Accession Number : ADA563359


Title : MONTAGE: A Methodology for Designing Composable End-to-End Secure Distributed Systems


Descriptive Note : Final technical rept. Mar 2008-2012


Corporate Author : IBM THOMAS J WATSON RESEARCH CENTER YORKTOWN HEIGHTS NY


Personal Author(s) : Chari, Suresh


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a563359.pdf


Report Date : Aug 2012


Pagination or Media Count : 202


Abstract : This report describes the Montage project, a principled approach to building secure distributed systems that remain secure when composed with other systems. It is an application of the Universal Composability Framework, previously applied successfully to the design of cryptographic protocols, to the problem of designing software systems. The report describes how the framework can be adapted to apply to software systems. Further, it describes the successful application of this adapted framework to diverse applications, including the design of safe subsets of the POSIX file system interface, the design of secure virtualization primitives, and the analysis of web protocols. We also describe an attempt to automate the use of the framework by automatically generating the proofs of equivalence required in its application. Our results show that it is feasible to design large, composably secure software systems using this framework.


Descriptors : *DISTRIBUTED DATA PROCESSING , *SECURITY , COMPUTER PROGRAMS , CRYPTOGRAPHY , DISTRIBUTION , FILES(RECORDS) , INTERFACES , METHODOLOGY , RECORDS MANAGEMENT , REPORTS , SAFETY


Subject Categories : Computer Systems Management and Standards


Distribution Statement : APPROVED FOR PUBLIC RELEASE