Beta 1


Title Secure Program Partitioning in Dynamic Networks
Author Søndergaard, Dan
Supervisor Probst, Christian (Computer Science and Engineering, Informatics and Mathematical Modelling, Technical University of Denmark, DTU, DK-2800 Kgs. Lyngby, Denmark)
Institution Technical University of Denmark, DTU, DK-2800 Kgs. Lyngby, Denmark
Thesis level Master's thesis
Year 2006
Abstract A shortcoming of many systems dealing with sensitive data is that they do not control the propagation of information in an appropriate way. This includes both the denial of access for unauthorized principals, and the control of the data's integrity. Previous work has shown that security-typed programs can successfully address this shortcoming. Security-typed programs can safely be distributed and executed in a network, as shown by Zdanewic et al. The distributed programs obey, by construction, all annotations with respect to access rights. The approach does not, however, support dynamic changes to the network or the trust model. In this thesis, the original framework for distribution of security-typed programs has been extended to also consider dynamic systems. The main contribution is the development of a trust model with support for dynamic systems. Moving to a dynamic setting introduces new problems, e.g., the choice between several feasible distributions of a program. To address this, a metric is developed which can be used to find the most trustworthy distribution based on a user's preferences. The proposed concepts have been proven to work through the implementation of a prototype.
Series IMM-Thesis-2006-92
Keywords Information Flow; Distributed Systems; Trust; Program Partitioning
Fulltext
Original PDF imm4906.pdf (1.35 MB)
Admin Creation date: 2007-06-11    Update date: 2008-02-07    Source: dtu    ID: 200732    Original MXD