Secure Dynamic Program Repartitioning

Rene Rydhoff Hansen, Christian Probst

    Research output: Chapter in Book/Report/Conference proceeding; Article in proceedings; Research; peer-review

    Abstract

    Secure program partitioning has been introduced as a language-based technique to allow the distribution of data and computation across mutually untrusted hosts, while at the same time guaranteeing the protection of confidential data. Programs that have been annotated with security types are automatically partitioned by the compiler. The main drawback in this setting is that both the trust hierarchy and the set of hosts are fixed once the program has been partitioned. This paper suggests an enhanced version of the partitioning framework, where the trust relation still remains fixed, but the partitioning compiler becomes a part of the network and can recompile applications, thus allowing hosts to enter or leave the framework. We contend that this setting is superior to static partitioning, since it allows redistribution of data and computations. This is especially beneficial if the new host allows data and computations to better fulfil the trust requirements of the users. Erasure Policies ensure that the original host of the redistributed data or computation does not store the data any longer.
    Original language: English
    Title of host publication: Nordic Workshop in Secure IT-Systems
    Publication date: 2005
    Publication status: Published - 2005
