Tage Stabell-Kulø
University of Tromsø
Publication
Featured research published by Tage Stabell-Kulø.
Operating Systems Review | 1997
Arne Helme; Tage Stabell-Kulø
When personal machines are incorporated into distributed systems a new mixture of threats is exposed. The security effort in the MobyDick project is aimed at understanding how privacy can be protected in this new environment. Our claim is that a two-step process for authentication and authorisation is required, but also sufficient. The research vehicle is a distributed file repository.
Electronic Commerce Research | 2007
Andrea Bottoni; Gianluca Dini; Tage Stabell-Kulø
Fair exchange constitutes a fundamental mechanism for electronic commerce. Fair exchange assumes that it is possible to verify the correctness of the digital items to be exchanged. However, when an item is indescribable, i.e., it cannot be formally specified, its verification becomes difficult, if not impossible. This hinders a practical deployment of fair exchange. We propose a methodology for the verification of indescribable digital items. The methodology allows a participant in a fair exchange protocol to personally verify the indescribable item without giving him any practical advantage over the other participant, and therefore without violating the fairness imposed by the protocol.
International Conference on Computer Safety, Reliability and Security | 2005
Tage Stabell-Kulø; Simone Lupetti
When the safety community designs their systems to also maintain security properties, it is likely that public-key encryption will be among the tools that are applied. The security guarantees of this technology are based on a particular model of computation. We present the properties of this model that are relevant in the setting of distributed systems. Of particular importance is that the model has no notion of time. From this it follows that systems that need to be available must exercise the utmost care before applying public-key encryption in any form. We discuss the relation between public-key encryption and timeliness, the tradeoffs that must be made at design time, and how the property of (lack of) availability might very well contaminate other system components.
Advanced Information Networking and Applications | 2007
Feike W. Dillema; Simone Lupetti; Tage Stabell-Kulø
We present a decentralized authorization architecture based on capabilities in which parties are able to exercise full control over their resources and delegate it in an ad-hoc manner. In our architecture data objects are encrypted and capabilities are used to gain access to them directly. Data storage can then be decoupled from access to the stored data. Capabilities are also protected by encryption, so that they can be distributed to principals not authorized to use them. Replication and distribution can therefore be used to increase the availability not only of the data objects but of the authorization architecture itself to cope with disconnections and, in general, to adapt to changes of network topology typical of loosely coupled systems such as peer-to-peer networks and collaborative systems.
Workshop on Object-Oriented Real-Time Dependable Systems | 2003
Anders Andersen; Gordon S. Blair; Per Harald Myrvang; Tage Stabell-Kulø
The security features of current middleware platforms, like Enterprise Java Beans and CORBA (Common Object Request Broker Architecture), are either simple and limited or complex and difficult to use. In both cases the provided features are static and do not support the flexibility needed in a wide range of applications. This paper introduces an approach to flexible security mechanisms in the context of a reflective middleware architecture. The reflective middleware OOPP (Open-ORB Python Prototype) is a component and capsule (container) based platform providing its reflective features through a set of distinct meta-models. Flexible security mechanisms are provided using a specialized programming language called Obol. In OOPP the flexible security mechanisms based on Obol are a subset of reflective features of the middleware platform. Obol and its machinery are a subset of one distinct aspect or meta-model of the middleware platform.
Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises | 1998
Tage Stabell-Kulø; Terje Fallmyr
This paper describes the design and implementation of a distributed file repository that supports data sharing in a variable connected environment. Our design is based on the observation that it is difficult to make a clean cut between the various choices for important issues like consistency and concurrency control when the system is designed. Hence, we make it possible for the user to choose whether to adopt an optimistic or a pessimistic approach, rather than embedding it into the system; that is, the user is placed in the decision loop. Unlike many contemporary systems, our repository treats the optimistic and pessimistic approach uniformly and allows users to select them on a per-file basis. Furthermore, even if a file has to be managed pessimistically, the advantage of the optimistic approach, high availability, is retained. The file repository has been implemented, and it is our research vehicle.
Australasian Conference on Information Security and Privacy | 1998
Tage Stabell-Kulø; A. Helme; Gianluca Dini
The confidentiality of encrypted data depends on how well the key under which it was encrypted is maintained. If a session key was exchanged encrypted under a long-term key, exposure of the long-term key may reveal the session key and hence the data encrypted with it. The problem of key-dependencies between keys can be mapped onto connectivity of a graph, and the resulting graph can be inspected. This article presents a structured method (an algorithm) with which key-dependencies can be detected and analysed. Several well-known protocols are examined, and it is shown that they are vulnerable to certain attacks exploiting key-dependencies. Protocols which are free from this defect do exist. That is, when a session is terminated it is properly closed.
Operating Systems Review | 1997
Tage Stabell-Kulø
A log structured file system (LFS) obtains its performance by refraining from seeking for blocks on the disk. Instead, new data is written into new blocks which are placed at the end of the log. This incurs a security issue by leaving data on disk that was supposed to be overwritten. To us, this shows how difficult it is for users concerned with their privacy not to be led astray. It also emphasizes how wide the gap is between an encryption channel and a user.
Symposium on Reliable Distributed Systems | 2003
Feike W. Dillema; Tage Stabell-Kulø
We demonstrate that symmetric-key cryptography can be used for both read and write access control. One-time write access can be granted by handing over an encryption key, and our encryption framework allows the revocation of previously granted rights. The number of keys to be managed explicitly grows linearly with the number of access control policies a user defines, making security manageable. The framework is used in the Pesto distributed storage system. In Pesto, policies can be stored the same as other data and the same mechanism can be used to control access to them. Delegation of authority over policies concerning different tasks can then be performed. Separating the different tasks of the system allows for different tasks to be assigned to different sets of nodes. Nodes need then only be trusted with respect to the specific task(s) they have been assigned with.
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology | 1999
Tage Stabell-Kulø; Ronny Arild; Per Harald Myrvang