Implementing Distributed Capabilities without a Trusted Kernel

Capabilities are well-known to be a simple and efficient technique for implementing protection in centralized systems. In decentralized distributed systems, however, implementing capabilities can be considerably more difficult. Two problems stand out: (1) how to communicate information about capabilities across an insecure communication network, and (2) how to revoke capabilities in the presence of failures such as message delays, crashes, and network partitions. This paper describes a new scheme for managing capabilities in a distributed system that incorporates novel solutions to both problems. The communication problem is addressed by a new and efficient protocol that exploits recent developments in “zero-knowledge” authentication protocols. The revocation problem is solved by new protocols that rely on approximately synchronized real-time clocks to create the illusion that revocation occurs instantaneously, even in the presence of failures.

[1]  Michael O. Rabin,et al.  Probabilistic Algorithms in Finite Fields , 1980, SIAM J. Comput..

[2]  Maurice Herlihy,et al.  How to Make Replicated Data Secure , 1987, CRYPTO.

[3]  Nancy A. Lynch,et al.  On the Correctness of Orphan Elimination Algorithms. , 1987 .

[4]  Maurice V. Wilkes,et al.  The Cambridge CAP computer and its operating system (Operating and programming systems series) , 1979 .

[5]  Ralph Howard,et al.  Data encryption standard , 1987 .

[6]  Michael Luby,et al.  Pseudo-random permutation generators and cryptographic composition , 1986, STOC '86.

[7]  Leslie Lamport,et al.  Time, clocks, and the ordering of events in a distributed system , 1978, CACM.

[8]  Raymond E. Miller,et al.  Complexity of Computer Computations , 1972 .

[9]  László Babai,et al.  Trading group theory for randomness , 1985, STOC '85.

[10]  James P Anderson,et al.  Computer Security Technology Planning Study , 1972 .

[11]  M. Rabin DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION , 1979 .

[12]  Silvio Micali,et al.  The Knowledge Complexity of Interactive Proof Systems , 1989, SIAM J. Comput..

[13]  Keith Marzullo,et al.  Maintaining the time in a distributed system , 1983, PODC '83.

[14]  Maurice Herlihy,et al.  Time-Driven Orphan Elimination , 1986, Symposium on Reliability in Distributed Software and Database Systems.

[15]  William A. Wulf,et al.  HYDRA/C.Mmp, An Experimental Computer System , 1981 .

[16]  Amos Fiat,et al.  Zero-knowledge proofs of identity , 1987, Journal of Cryptology.

[17]  Bruce Jay Nelson Remote procedure call , 1981 .

[18]  Larry Carter,et al.  Universal Classes of Hash Functions , 1979, J. Comput. Syst. Sci..

[19]  Bennet S. Yee,et al.  Strongbox : a self-securing protection system for distributed programs , 1988 .

[20]  Mahadev Satyanarayanan,et al.  The ITC distributed file system: principles and design , 1985, SOSP 1985.

[21]  Ken Thompson,et al.  Password security: a case history , 1979, CACM.

[22]  Richard A. Kemmerer,et al.  Specification and verification of the UCLA Unix security kernel , 1979, CACM.

[23]  David Jefferson,et al.  Protection in the Hydra Operating System , 1975, SOSP.

[24]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[25]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[26]  Richard M. Karp,et al.  Combinatorics, complexity, and randomness , 1986, CACM.

[27]  Henry M. Levy,et al.  Capability-Based Computer Systems , 1984 .

[28]  J. Doug Tygar,et al.  Efficient Parallel Pseudo-Random Number Generation , 1985, CRYPTO.

[29]  Oded Goldreich,et al.  RSA and Rabin Functions: Certain Parts are as Hard as the Whole , 1988, SIAM J. Comput..