A Proof-Carrying File System
journal contributionposted on 01.01.1978 by Deepak Garg, Frank Pfenning
Any type of content formally published in an academic journal, usually following a peer-review process.
We present the design and implementation of PCFS, a file system that adapts proof-carrying authorization to provide direct, rigorous, and efficient enforcement of dynamic access policies. The keystones of PCFS are a new authorization logic BL that supports policies whose consequences may change with both time and system state, and a rigorous enforcement mechanism that combines proof verification with conditional capabilities. We prove that our enforcement using capabilities is correct, and evaluate our design through performance measurements and a case study.