基于语言的安全仲裁复制方法

Proceedings of the Ninth Workshop on Programming Languages and Analysis for Security Pub Date : 2014-07-28 DOI:10.1145/2637113.2637117

Lantian Zheng, A. Myers

{"title":"基于语言的安全仲裁复制方法","authors":"Lantian Zheng, A. Myers","doi":"10.1145/2637113.2637117","DOIUrl":null,"url":null,"abstract":"Quorum replication is an important technique for building distributed systems because it can simultaneously improve both the integrity and availability of computation and storage. Information flow control is a well-known method for enforcing the confidentiality and integrity of information. This paper demonstrates that these two techniques can be integrated to simultaneously enforce all three major security properties: confidentiality, integrity and availability. It presents a security-typed language with explicit language constructs for supporting secure quorum replication. The dependency analysis performed by the type system of the language provides a way to formally verify the end-to-end security assurance of complex replication schemes. We also contribute a new multilevel timestamp mechanism for synchronizing code and data replicas while controlling previously ignored side channels introduced by such synchronization.","PeriodicalId":336079,"journal":{"name":"Proceedings of the Ninth Workshop on Programming Languages and Analysis for Security","volume":"44 4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"A Language-Based Approach to Secure Quorum Replication\",\"authors\":\"Lantian Zheng, A. Myers\",\"doi\":\"10.1145/2637113.2637117\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Quorum replication is an important technique for building distributed systems because it can simultaneously improve both the integrity and availability of computation and storage. Information flow control is a well-known method for enforcing the confidentiality and integrity of information. This paper demonstrates that these two techniques can be integrated to simultaneously enforce all three major security properties: confidentiality, integrity and availability. It presents a security-typed language with explicit language constructs for supporting secure quorum replication. The dependency analysis performed by the type system of the language provides a way to formally verify the end-to-end security assurance of complex replication schemes. We also contribute a new multilevel timestamp mechanism for synchronizing code and data replicas while controlling previously ignored side channels introduced by such synchronization.\",\"PeriodicalId\":336079,\"journal\":{\"name\":\"Proceedings of the Ninth Workshop on Programming Languages and Analysis for Security\",\"volume\":\"44 4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-07-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the Ninth Workshop on Programming Languages and Analysis for Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2637113.2637117\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Ninth Workshop on Programming Languages and Analysis for Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2637113.2637117","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

摘要

仲裁复制是构建分布式系统的一项重要技术，因为它可以同时提高计算和存储的完整性和可用性。信息流控制是一种众所周知的加强信息保密性和完整性的方法。本文证明了这两种技术可以集成以同时执行所有三个主要的安全属性:机密性、完整性和可用性。它提供了一种具有显式语言结构的安全类型语言，用于支持安全仲裁复制。由该语言的类型系统执行的依赖分析提供了一种正式验证复杂复制模式的端到端安全保证的方法。我们还提供了一个新的多级时间戳机制，用于同步代码和数据副本，同时控制以前被忽略的由这种同步引入的侧通道。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Language-Based Approach to Secure Quorum Replication

Quorum replication is an important technique for building distributed systems because it can simultaneously improve both the integrity and availability of computation and storage. Information flow control is a well-known method for enforcing the confidentiality and integrity of information. This paper demonstrates that these two techniques can be integrated to simultaneously enforce all three major security properties: confidentiality, integrity and availability. It presents a security-typed language with explicit language constructs for supporting secure quorum replication. The dependency analysis performed by the type system of the language provides a way to formally verify the end-to-end security assurance of complex replication schemes. We also contribute a new multilevel timestamp mechanism for synchronizing code and data replicas while controlling previously ignored side channels introduced by such synchronization.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the Ninth Workshop on Programming Languages and Analysis for Security

自引率

0.00%

发文量