Stateful authorization logic: proof theory and a case study
STM'10 Proceedings of the 6th international conference on Security and trust management
Privacy-aware proof-carrying authorization
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Proof-Carrying code in a session-typed process calculus
CPP'11 Proceedings of the First international conference on Certified Programs and Proofs
A proof-carrying file system with revocable and use-once certificates
STM'11 Proceedings of the 7th international conference on Security and Trust Management
New modalities for access control logics: permission, control and ratification
STM'11 Proceedings of the 7th international conference on Security and Trust Management
LF in LF: mechanizing the metatheories of LF in twelf
Proceedings of the seventh international workshop on Logical frameworks and meta-languages, theory and practice
Linear logical voting protocols
VoteID'11 Proceedings of the Third international conference on E-Voting and Identity
Stateful authorization logic --Proof theory and a case study
Journal of Computer Security - STM'10
Toward strong, usable access control for shared distributed data
FAST'14 Proceedings of the 12th USENIX conference on File and Storage Technologies
| Hi-index | 0.00 |
We present the design and implementation of PCFS, a file system that adapts proof-carrying authorization to provide direct, rigorous, and efficient enforcement of dynamic access policies. The keystones of PCFS are a new authorization logic BL that supports policies whose consequences may change with both time and system state, and a rigorous enforcement mechanism that combines proof verification with conditional capabilities. We prove that our enforcement using capabilities is correct, and evaluate our design through performance measurements and a case study.