MONTAGE: A Methodology for Designing Composable End-to-End Secure Distributed Systems

Abstract

This report describes the Montage project, a principled approach to building secure distributed systems that remain secure when composed with other systems. It applies the Universal Composability Framework, which has previously been used successfully to design cryptographic protocols, to the problem of designing software systems. The report describes how the framework can be adapted to apply to software systems. It further describes the successful application of this adapted framework to diverse problems, including the design of safe subsets of the POSIX file system interface, the design of secure virtualization primitives, and the analysis of web protocols. We also describe an attempt to automate the use of the framework by automatically generating the proofs of equivalence that its application requires. Our results show that it is feasible to design large, composably secure software systems using this framework.

Document Details

Document Type
Technical Report
Publication Date
Aug 01, 2012
Accession Number
ADA563359

Entities

People

  • Suresh Chari

Organizations

  • IBM Thomas J. Watson Research Center

Tags

Communities of Interest

  • C4I
  • Cyber
  • Engineered Resilient Systems
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Air Force
  • Application Protocols
  • Asymmetric Encryption
  • Communication Channels
  • Computer Access Control
  • Computer Networks
  • Computer Programming
  • Computer Science
  • Computers
  • Cryptography
  • Cybersecurity
  • Electronic Mail
  • Instruction Set Architecture
  • Network Protocols
  • Network Science
  • Operating Systems
  • Security Protocols

Fields of Study

  • Computer science
  • Engineering

Readers

  • Distributed Systems and Data Platform Development
  • Software Engineering