NASD Protection Options

    [ NASD Home | Work at CMU | Related Work | Technology Transfer ]
    [ DARPA Highlights | Recent Talks | Publications | NASD Code Downloads ]


    Our design supports different protection options which can be composed to specify the protection requirements that a drive or file manager requires that a client uses. When no protection is used, we still check the fields of a capability for validity and the nonce in the request although they are easily spoofable. The following options are specified in our design:

    • NO_PROTECTION: No privacy or integrity protection provided.
    • INTEGRITY_ARGS: The integrity of the arguments of the request and the return codes in the reply are protected through a keyed message digest.
    • INTEGRITY_DATA: The integrity of the bulk data is protected through a keyed message digest.
    • PRIVACY_ARGS: The privacy of the arguments in the request and the return codes are encrypted.
    • PRIVACY_DATA: The bulk data is encrypted.
    • PRIVACY_CAPABILITY: The fields of the capability are encrypted.


    PDL Home NASD Home

    © 2008.
    Last updated 11 November, 2004