Type System Support for Dynamic Revocation

نویسندگان

Chris Hawblitzel

Thorsten von Eicken

چکیده

Safe languages provide mechanisms to share data among multiple protection domains in a protected fashion, but lack support for revocation and control over resource usage. This paper describes a type system extension, called permits, to support the revocation of data structures. Permits use a combination of static and run-time checks to ensure the revocability of data shared between safe language tasks, with a minimum of run-time overhead. The paper presents the syntax for this extension formally, and summarizes our experience with implementing the type system in a real language.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Review on Credential Systems in Anonymizing Networks

A credential system is a system in which users can obtain credentials from organizations and reveal possession of these credentials. This system is called anonymous when transactions carried out by the same user cannot be linked. In this paper we are describing few such credential systems. Nymble is a credential system in which servers themselves can blacklist misbehaving users, and thus blocks...

متن کامل

Accumulators from Bilinear Pairings and Applications to ID-based Ring Signatures and Group Membership Revocation

We propose a dynamic accumulator scheme from bilinear pairings, whose security is based on the Strong Diffie-Hellman assumption. We show applications of this accumulator in constructing an identitybased (ID-based) ring signature scheme with constant-size signatures and its interactive counterpart, and providing membership revocation to group signature, traceable signature and identity escrow sc...

متن کامل

The Case for Dynamic Key Distribution for PKI-Based VANETs

Vehicular Ad hoc Networks (VANETs) are becoming a reality where secure communication is a prerequisite. Public key infrastructure (PKI) can be used to secure VANETs where an onboard tamper proof device (TPD) stores a number of encryption keys which are renewed upon visiting a certificate authority (CA). We previously proposed a dynamic key distribution protocol for PKI-based VANETs [1] to reduc...

متن کامل

Crypt-DAC: Cryptographically Enforced Dynamic Access Control in the Cloud

Enabling cryptographically enforced access controls for data hosted in untrusted cloud is attractive for many users and organizations. However, designing efficient cryptographically enforced dynamic access control system in the cloud is still a challenging issue. In this paper, we propose Crypt-DAC, a system that provides practical cryptographic enforcement of dynamic access control. Crypt-DAC ...

متن کامل

Revocation & Non-Repudiation: When the first destroys the latter

Electronic signatures replace handwritten signatures in electronic processes. In this context, non-repudiation is one of the most desired properties – yet in practice it cannot be provided by the signature schemes themselves. Therefore, additional mechanisms in the underlying public key infrastructure are required. In this work, we present a formal treatment of that issue. We extend the formal ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 1999

Type System Support for Dynamic Revocation

نویسندگان

چکیده

منابع مشابه

Review on Credential Systems in Anonymizing Networks

Accumulators from Bilinear Pairings and Applications to ID-based Ring Signatures and Group Membership Revocation

The Case for Dynamic Key Distribution for PKI-Based VANETs

Crypt-DAC: Cryptographically Enforced Dynamic Access Control in the Cloud

Revocation & Non-Repudiation: When the first destroys the latter

عنوان ژورنال:

اشتراک گذاری