Formal Analysis of Dynamic, Distributed File-System Access Controls

  • Avik Chaudhuri
  • Martín Abadi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4229)

Abstract

We model networked storage systems with distributed, cryptographically enforced file-access control in an applied pi calculus. The calculus contains cryptographic primitives and supports file-system constructs, including access revocation. We establish that the networked storage systems implement simpler, centralized storage specifications with local access-control checks. More specifically, we prove that the former systems preserve safety properties of the latter systems. Focusing on security, we then derive strong secrecy and integrity guarantees for the networked storage systems.

Copyright information

© IFIP International Federation for Information Processing 2006

Authors and Affiliations

  • Avik Chaudhuri (1)
  • Martín Abadi (1, 2)
  1. Computer Science Department, University of California, Santa Cruz
  2. Microsoft Research, Silicon Valley
