Secure program partitioning

1 August 2002

journal article
Published by Association for Computing Machinery (ACM) in ACM Transactions on Computer Systems

Vol. 20 (3) , 283-328
https://doi.org/10.1145/566340.566343

Abstract

This paper presents secure program partitioning, a language-based technique for protecting confidential data during computation in distributed systems containing mutually untrusted hosts. Confidentiality and integrity policies can be expressed by annotating programs with security types that constrain information flow; these programs can then be partitioned automatically to run securely on heterogeneously trusted hosts. The resulting communicating subprograms collectively implement the original program, yet the system as a whole satisfies the security requirements of participating principals without requiring a universally trusted host machine. The experience in applying this methodology and the performance of the resulting distributed code suggest that this is a promising way to obtain secure distributed computation.

Keywords

This publication has 15 references indexed in Scilit:

From system F to typed assembly language
ACM Transactions on Programming Languages and Systems, 1999
On the (Im)possibility of Basing Oblivious Transfer and Bit Commitment on Weakened Security Assumptions
Published by Springer Nature ,1999
Multilevel security in the UNIX tradition
Software: Practice and Experience, 1992
Fine-grained mobility in the Emerald system
ACM Transactions on Computer Systems, 1988
A Randomized Protocol for Signing Contracts
Published by Springer Nature ,1983
A Technique for Proving Specifications are Multilevel Secure
Published by Defense Technical Information Center (DTIC) ,1980
Certification of programs for secure information flow
Communications of the ACM, 1977
A lattice model of secure information flow
Communications of the ACM, 1976
Security Kernel validation in practice
Communications of the ACM, 1976
Memoryless subsystems
The Computer Journal, 1974