Pesto flavoured security

Feike W. Dillema; Tage Stabell-Kulø

doi:10.1109/RELDIS.2003.1238074

Pesto flavoured security

Feike W. Dillema
, Tage Stabell-Kulø

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

52 Downloads (Pure)

Abstract

We demonstrate that symmetric-key cryptography can be used for both read and write access control. One-time write access can be granted by handing over an encryption key, and our encryption framework allows the revocation of previously granted rights. The number of keys to be managed explicitly grows linearly with the number of access control policies a user defines, making security manageable. The framework is used in the Pesto distributed storage system. In Pesto, policies can be stored the same as other data and the same mechanism can be used to control access to them. Delegation of authority over policies concerning different tasks can then be performed. Separating the different tasks of the system, allows for different tasks to be assigned to different sets of nodes. Nodes need then only be trusted wrt. the specific task(s) they have been assigned with.

Original language	English
Title of host publication	Proceedings 22nd International Symposium on Reliable Distributed Systems (SRDS)
Place of Publication	Los Alamitos, CA
Publisher	IEEE
Pages	241-249
Number of pages	9
ISBN (Print)	0-7695-1955-5
DOIs	https://doi.org/10.1109/RELDIS.2003.1238074
Publication status	Published - Oct 2003
Event	22nd IEEE Symposium on Reliable Distributed Systems, SRDS 2003 - Florence, Italy Duration: 6 Oct 2003 → 8 Oct 2003 Conference number: 22

Publication series

Name	Proceedings International Symposium on Reliable Distributed Systems (SRDS)
Publisher	IEEE
Number	22
Volume	2003
ISSN (Print)	1060-9857

Conference

Conference	22nd IEEE Symposium on Reliable Distributed Systems, SRDS 2003
Country/Territory	Italy
City	Florence
Period	6/10/03 → 8/10/03

Access to Document

10.1109/RELDIS.2003.1238074

ArticleFinal published version, 74.4 KB

Pesto Flavoured Security
Dillema, F. W. & Stabell-Kulø, T., Dec 2003, Enschede: Centre for Telematics and Information Technology (CTIT). 8 p. (CTIT technical report series; no. TR-CTIT-03-51)
Research output: Book/Report › Report › Other research output

Open Access
File

Cite this

@inproceedings{6c9f77160de94534866a3f45766f86be,

title = "Pesto flavoured security",

abstract = "We demonstrate that symmetric-key cryptography can be used for both read and write access control. One-time write access can be granted by handing over an encryption key, and our encryption framework allows the revocation of previously granted rights. The number of keys to be managed explicitly grows linearly with the number of access control policies a user defines, making security manageable. The framework is used in the Pesto distributed storage system. In Pesto, policies can be stored the same as other data and the same mechanism can be used to control access to them. Delegation of authority over policies concerning different tasks can then be performed. Separating the different tasks of the system, allows for different tasks to be assigned to different sets of nodes. Nodes need then only be trusted wrt. the specific task(s) they have been assigned with.",

author = "Dillema, \{Feike W.\} and Tage Stabell-Kul{\o}",

year = "2003",

month = oct,

doi = "10.1109/RELDIS.2003.1238074",

language = "English",

isbn = "0-7695-1955-5",

series = "Proceedings International Symposium on Reliable Distributed Systems (SRDS)",

publisher = "IEEE",

number = "22",

pages = "241--249",

booktitle = "Proceedings 22nd International Symposium on Reliable Distributed Systems (SRDS)",

address = "United States",

note = "22nd IEEE Symposium on Reliable Distributed Systems, SRDS 2003 ; Conference date: 06-10-2003 Through 08-10-2003",

}

Dillema, FW & Stabell-Kulø, T 2003, Pesto flavoured security. in Proceedings 22nd International Symposium on Reliable Distributed Systems (SRDS). Proceedings International Symposium on Reliable Distributed Systems (SRDS), no. 22, vol. 2003, IEEE, Los Alamitos, CA, pp. 241-249, 22nd IEEE Symposium on Reliable Distributed Systems, SRDS 2003, Florence, Italy, 6/10/03. https://doi.org/10.1109/RELDIS.2003.1238074

Pesto flavoured security. / Dillema, Feike W.; Stabell-Kulø, Tage.
Proceedings 22nd International Symposium on Reliable Distributed Systems (SRDS). Los Alamitos, CA: IEEE, 2003. p. 241-249 (Proceedings International Symposium on Reliable Distributed Systems (SRDS); Vol. 2003, No. 22).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Pesto flavoured security

AU - Dillema, Feike W.

AU - Stabell-Kulø, Tage

N1 - Conference code: 22

PY - 2003/10

Y1 - 2003/10

N2 - We demonstrate that symmetric-key cryptography can be used for both read and write access control. One-time write access can be granted by handing over an encryption key, and our encryption framework allows the revocation of previously granted rights. The number of keys to be managed explicitly grows linearly with the number of access control policies a user defines, making security manageable. The framework is used in the Pesto distributed storage system. In Pesto, policies can be stored the same as other data and the same mechanism can be used to control access to them. Delegation of authority over policies concerning different tasks can then be performed. Separating the different tasks of the system, allows for different tasks to be assigned to different sets of nodes. Nodes need then only be trusted wrt. the specific task(s) they have been assigned with.

AB - We demonstrate that symmetric-key cryptography can be used for both read and write access control. One-time write access can be granted by handing over an encryption key, and our encryption framework allows the revocation of previously granted rights. The number of keys to be managed explicitly grows linearly with the number of access control policies a user defines, making security manageable. The framework is used in the Pesto distributed storage system. In Pesto, policies can be stored the same as other data and the same mechanism can be used to control access to them. Delegation of authority over policies concerning different tasks can then be performed. Separating the different tasks of the system, allows for different tasks to be assigned to different sets of nodes. Nodes need then only be trusted wrt. the specific task(s) they have been assigned with.

U2 - 10.1109/RELDIS.2003.1238074

DO - 10.1109/RELDIS.2003.1238074

M3 - Conference contribution

SN - 0-7695-1955-5

T3 - Proceedings International Symposium on Reliable Distributed Systems (SRDS)

SP - 241

EP - 249

BT - Proceedings 22nd International Symposium on Reliable Distributed Systems (SRDS)

PB - IEEE

CY - Los Alamitos, CA

T2 - 22nd IEEE Symposium on Reliable Distributed Systems, SRDS 2003

Y2 - 6 October 2003 through 8 October 2003

ER -

Pesto flavoured security

Abstract

Publication series

Conference

Access to Document

Fingerprint

Research output

Pesto Flavoured Security

Cite this