08-16-2017, 10:10 PM
Secure Program Partitioning
Abstract
This paper presents secure program partitioning, a language-based technique for protecting confidential data during computation in distributed systems containing mutually untrusted hosts. Confidentiality and integrity policies can be expressed by annotating programs with security types that constrain information flow; these programs can then be partitioned automatically to run securely on heterogeneously trusted hosts. The resulting communicating subprograms collectively implement the original program, yet the system as a whole satisfies the security requirements of participating principals without requiring a universally trusted host machine. The experience in applying this methodology and the performance of the resulting distributed code suggest that this is a promising way to obtain secure distributed computation.
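The idea in the abstract, as an added Python sketch that is not code from the paper or its authors: data carries a confidentiality and integrity label, flows between fields are checked against those labels, and each field is placed only on hosts that every affected principal trusts. The label model is a simplified assumption, and the principals, hosts, and field names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Label:
    conf: frozenset   # principals whose secrets this data may reveal
    integ: frozenset  # principals who rely on this data being untampered

@dataclass(frozen=True)
class Host:
    name: str
    conf_trust: frozenset   # principals who trust the host with their secrets
    integ_trust: frozenset  # principals who trust the host not to corrupt data

def may_flow(src, dst):
    """Legal flow: dst is at least as secret and no more trusted than src."""
    return src.conf <= dst.conf and dst.integ <= src.integ

def can_hold(host, label):
    """A host may store data only if all affected principals trust it."""
    return label.conf <= host.conf_trust and label.integ <= host.integ_trust

def partition(fields, flows, hosts):
    """Check every flow, then list the hosts allowed to hold each field."""
    for src, dst in flows:
        if not may_flow(fields[src], fields[dst]):
            raise ValueError(f"illegal flow {src} -> {dst}")
    placement = {}
    for name, label in fields.items():
        ok = [h.name for h in hosts if can_hold(h, label)]
        if not ok:
            raise ValueError(f"no host is trusted enough to hold {name}")
        placement[name] = ok
    return placement

# Constructed sample: Alice and Bob distrust each other's machines (A, B)
# but both accept host T for confidentiality; only Alice trusts T's integrity.
f = frozenset
HOSTS = [Host("A", f({"alice"}), f({"alice"})),
         Host("B", f({"bob"}), f({"bob"})),
         Host("T", f({"alice", "bob"}), f({"alice"}))]
FIELDS = {"alice_secret": Label(f({"alice"}), f({"alice"})),
          "bob_choice": Label(f({"bob"}), f({"bob"})),
          "result": Label(f({"alice", "bob"}), f())}
FLOWS = [("alice_secret", "result"), ("bob_choice", "result")]

if __name__ == "__main__":
    print(partition(FIELDS, FLOWS, HOSTS))
```

In this sample the combined `result` can live only on T, and removing T makes partitioning fail rather than silently placing the data on a host one principal does not trust.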