Pesto flavoured security

F.W. Dillema, Tage Stabell-Kulo, Tage Stabell-Kulo

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    9 Downloads (Pure)

    Abstract

    We demonstrate that symmetric-key cryptography can be used for both read and write access control. One-time write access can be granted by handing over an encryption key, and our encryption framework allows the revocation of previously granted rights. The number of keys to be managed explicitly grows linearly with the number of access control policies a user defines, making security manageable. The framework is used in the Pesto distributed storage system. In Pesto, policies can be stored the same as other data and the same mechanism can be used to control access to them. Delegation of authority over policies concerning different tasks can then be performed. Separating the different tasks of the system, allows for different tasks to be assigned to different sets of nodes. Nodes need then only be trusted wrt. the specific task(s) they have been assigned with.
    Original languageUndefined
    Title of host publication22nd Symp. on Reliable Distributed Systems (SRDS)
    Place of PublicationLos Alamitos, California
    PublisherIEEE Computer Society
    Pages241-249
    Number of pages9
    ISBN (Print)0-7695-1955-5
    Publication statusPublished - Oct 2003

    Publication series

    Name
    PublisherIEEE Computer Society Press Los Alamitos, California

    Keywords

    • IR-41379
    • METIS-214066
    • EWI-824

    Cite this

    Dillema, F. W., Stabell-Kulo, T., & Stabell-Kulo, T. (2003). Pesto flavoured security. In 22nd Symp. on Reliable Distributed Systems (SRDS) (pp. 241-249). Los Alamitos, California: IEEE Computer Society.