DATE: Thursday , April 4, 2002
TIME: Noon - 1 pm
PLACE: Hamerschlag Hall, D-Level Conference Room

Sotiris Ioannidis
Ph.D. Candidate
Distributed Systems Lab, University of Pennsylvania

Fine-Grain Policy-Based Access Control for Distributed Systems

With the explosion in network use, the scope of computer security has greatly expanded. Novel technologies, such as active content and massively distributed services offer great new capabilities to users and service providers. Unfortunately, these same technologies offer great potential for misuse (email virii, JavaScript trojan horses, etc.). The lack of security mechanisms that offer the necessary flexibility and efficiency has become all too clear. One general approach towards addressing this defficiency is the use of access control mechanisms that can offer such services. In my recent work, I have investigated the use of policy-based access control, using the KeyNote trust-management system, in the areas of active content protection and security composition of distributed services. In the domain of protection from active content, such as scripting languages executed in browsers or mail attachments, I have developed the SubOS architecture. SubOS uses a policy-controlled data-flow architecture, using labels associated with objects to limit authorizations. The prototype for the OpenBSD operating system, as well as two sample applications, a secure web browser and a secure mailer, demonstrate the practicality and efficiency of this architecture. For distributed services, I designed a policy-based system which is used to control network access and host access in concert. Use of a global policy and automatic distribution to the relevant access points allows for consistent access control throughout the system, resulting in among other things the first implementation of a distributed firewall. This system instantiates what I call "Virtual Private Services," and the evaluation shows that this is achieved at a low cost in performance. The use of policy-based access control in these two new domains suggests that this technique has considerable promise as an access control scheme for many modern distributed systems with both scale and complexity challenges.

Sotiris Ioannidis is a Ph.D candidate at the university of Pennsylvania. He earned a M.S. in computer science from the University of Rochester, and a B.S. in Mathematics from the University of Crete, Greece. His research interests include Operating System and Network Security, Network Management, and Active Networking.

For Further Seminar Info: