June 13, 2002
Noon - 1:30 pm
Intel Seminar (417 S. Craig Street - 3rd Floor)
EVENTS PAGE: http://www.intel-research.net/pittsburgh/events.htm
Building Secure File Systems out of Byzantine Storage
(joint work with Jinyuan Li and Dennis Shasha)

There are many reasons not to trust one's file server. Storage servers
are typically managed by people who have no role in creating or using
the data--for instance, system administrators or data warehouse employees.
Any such person can tamper with file contents in difficult-to-detect ways.
Worse yet, attackers often penetrate network servers by exploiting buggy
software. When an attack is discovered, it is extremely difficult to determine
exactly which files have been modified.

SUNDR (secure untrusted data repository) is a secure network file system
we are building to run on untrusted servers. Ideally, everyone would immediately
and unconditionally detect any misbehavior on the part of a file server.
While this ideal is not achievable, SUNDR provides the next best thing--a
guarantee that even the subtlest of server failures causes all hell to
break loose in a well-defined and readily detectable sense. Thus, users
quickly learn of even Byzantine server failures and can assure themselves
that a server has been honest at least until some recent point. Finally,
by adding either direct user-user communication or a simple trusted version
number server to the network file system model, one can gain a full guarantee
of traditional network file system semantics without any assumptions about
the server's behavior.

David Mazières is an assistant professor of computer science
at NYU. His research interests center around operating systems, security,
and privacy. He is currently investigating such problems as network file
system performance over low-bandwidth networks, secure data storage on
untrusted servers, censorship-resistant publishing, scalable, robust,
low-latency peer-to-peer systems, and global, cross-realm user authentication
without global trust. Prof. Mazières received a Ph.D. in 2000 from
MIT, where among other things he built xok, the kernel of an exokernel
operating system, and nym.alias.net, an email pseudonym server. His thesis
was on SFS, a secure, global file system with decentralized control. Prof.
Mazières is the recent recipient of an Alfred P. Sloan research
Contact Kim Kaan, 412-605-1203,
or visit http://www.intel-research.net.
SDI Home: http://www.pdl.cmu.edu/SDI/