Intel Research Seminar

DATE: Thursday , June 13, 2002
TIME: Noon - 1:30 pm
PLACE: Intel Seminar (417 S. Craig Street - 3rd Floor)

David Mazières

Building Secure File Systems out of Byzantine Storage

(joint work with Jinyuan Li and Dennis Shasha)

There are many reasons not to trust one's file server. Storage servers are typically managed by people who have no role in creating or using the data--for instance system administrators or data warehouse employees. Any such person can tamper with file contents in difficult-to-detect ways. Worse yet, attackers often penetrate network servers by exploiting buggy software. When an attack is discovered, it is extremely difficult to determine exactly which files have been modified.

SUNDR (secure untrusted data repository) is a secure network file system we are building to run on untrusted servers. Ideally, everyone would immediately and unconditionally detect any misbehavior on the part of a file server. While this ideal is not achievable, SUNDR provides the next best thing--a guarantee that even the subtlest of server failures causes all hell to break loose in a well-defined and readily-detectable sense. Thus, users quickly learn of even Byzantine server failures and can assure themselves that a server has been honest at least until some recent point. Finally, by adding either direct user-user communication or a simple trusted version number server to the network file system model, one can gain a full guarantee of traditional network file system semantics without any assumptions about the server's behavior.

David Mazières is an assistant professor of computer science at NYU. His research interests center around operating systems, security, and privacy. He is currently investigating such problems as network file system performance over low-bandwidth networks, secure data storage on untrusted servers, censorship-resistant publishing, scalable, robust, low-latency peer-to-peer systems, and global, cross-realm user authentication without global trust. Prof. Mazières received a Ph.D. in 2000 from MIT, where among other things he built xok, the kernel of an exokernel operating system, and, an email pseudonym server. His thesis was on SFS, a secure, global file system with decentralized control. Prof. Mazières is the recent recipient of an Alfred P. Sloan research fellowship.

For Further Seminar Info:
Contact Kim Kaan, 412-605-1203, or visit

SDI Home: