Advertisement

Toward Securely Programming the Internet

  • Andrew C. Myers
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6503)

Abstract

Computation and persistent storage are rapidly moving into the distributed domain. Yet we are offered very weak security and privacy assurance, especially as complex information systems share information across trust boundaries. A fundamental problem is that these systems are contructed at too low a level of abstraction. Higher-level abstractions are needed for building complex distributed information systems securely and composably.

Fabric [1] is a new decentralized platform that embodies this approach. Heterogeneous, mutually distrusting network nodes can securely share both information and computation. Its high-level programming language makes distribution and persistence largely transparent to programmers. However, its Java-like object model is extended to label data resources with explicit confidentiality and integrity policies. Exposing these policies to programmers and to the underlying run-time system enables programmers to reason about security, and enables the system to enforce them through a combination of compile-time and run-time mechanisms. Optimistic, nested transactions ensure consistency across all objects and nodes. A peer-to-peer dissemination layer helps to increase availability and to balance load. Results from applications built using Fabric suggest that Fabric has a clean, concise programming model, offers good performance, and enforces security.

References

  1. 1.
    Liu, J., George, M.D., Vikram, K., Qi, X., Waye, L., Myers, A.C.: Fabric: a platform for secure distributed computation and storage. In: Proc. 22nd ACM Symp. on Operating System Principles (SOSP), pp. 321–334 (October 2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Andrew C. Myers
    • 1
  1. 1.Department of Computer ScienceCornell UniversityIthacaUSA

Personalised recommendations