USENIX Association Proceedings of the 5 th Symposium on Operating Systems
نویسندگان
چکیده
Farsite is a secure, scalable file system that logically functions as a centralized file server but is physically distributed among a set of untrusted computers. Farsite provides file availability and reliability through randomized replicated storage; it ensures the secrecy of file contents with cryptographic techniques; it maintains the integrity of file and directory data with a Byzantine-fault-tolerant protocol; it is designed to be scalable by using a distributed hint mechanism and delegation certificates for pathname translations; and it achieves good performance by locally caching file data, lazily propagating file updates, and varying the duration and granularity of content leases. We report on the design of Farsite and the lessons we have learned by implementing much of that design.
منابع مشابه
USENIX Association Proceedings of the 12 th USENIX Security Symposium
Timing attacks are usually used to attack weak computing devices such as smartcards. We show that timing attacks apply to general software systems. Specifically, we devise a timing attack against OpenSSL. Our experiments show that we can extract private keys from an OpenSSL-based web server running on a machine in the local network. Our results demonstrate that timing attacks against network se...
متن کاملUSENIX Association Proceedings of the 9 th USENIX Security Symposium
This paper describes the design and implementation of a TCP/IP stack ngerprint scrubber. The ngerprint scrubber is a new tool to restrict a remote user's ability to determine the operating system of another host on the network. Allowing entire subnetworks to be remotely scanned and characterized opens up security vulnerabilities. Specifically, operating system exploits can be eÆciently run agai...
متن کاملUSENIX Association Proceedings of the 5 th Symposium on Operating Systems
Current system loggers have two problems: they depend on the integrity of the operating system being logged, and they do not save sufficient information to replay and analyze attacks that include any non-deterministic events. ReVirt removes the dependency on the target operating system by moving it into a virtual machine and logging below the virtual machine. This allows ReVirt to replay the sy...
متن کاملProceedings of the First USENIX Symposium on Operating Systems Design and Implementation (OSDI), Monterey, California, USA, November 14-17, 1994
متن کامل
USENIX Association Proceedings of the 9 th USENIX Security Symposium Denver
We describe Shibboleth, a program to manage private Internet mailing lists. Differing from other mailing list managers, Shibboleth manages lists or groups of lists that are closed, or have membership by invitation only. So instead of focusing on automating the processes of subscribing and unsubscribing readers, we include features like SMTP forgery detection, prevention of outsiders’ ability to...
متن کاملUSENIX Association Proceedings of the 10 th USENIX Security Symposium
We present a new approach to fast certi cate revocation centered around the concept of an on-line semi-trusted mediator (SEM). The use of a SEM in conjunction with a simple threshold variant of the RSA cryptosystem (mediated RSA) o ers a number of practical advantages over current revocation techniques. Our approach simpli es validation of digital signatures and enables certi cate revocation wi...
متن کامل