A Proof-Carrying File System with Revocable and Use-Once Certificates
We present the design and implementation of a file system that allows authorizations dependent on revocable and use-once policy certificates. Authorizations require explicit proof objects, combining ideas from previous authorization logics and Girard’s linear logic. Use-once certificates and revocation lists are maintained in a database that is consulted during file access. Experimental results demonstrate that the overhead of using the database is not significant in practice.
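The database consultation described in the abstract can be sketched as follows. This is an added example, not the paper's implementation: the SQLite schema, the function names and the certificate identifiers are assumptions, and checking the proof object itself is out of scope. It shows the check a file access would make over the certificates a proof cites, with use-once certificates consumed atomically and left intact when access is denied.

```python
import sqlite3

def open_cert_db():
    """In-memory stand-in for the certificate database (schema is an assumption)."""
    db = sqlite3.connect(":memory:", isolation_level=None)  # explicit transactions
    db.execute("""CREATE TABLE certs (
        id       TEXT PRIMARY KEY,
        use_once INTEGER NOT NULL,            -- 1 = linear (use-once) certificate
        revoked  INTEGER NOT NULL DEFAULT 0,
        consumed INTEGER NOT NULL DEFAULT 0)""")
    return db

def add_cert(db, cert_id, use_once=False):
    db.execute("INSERT INTO certs (id, use_once) VALUES (?, ?)",
               (cert_id, int(use_once)))

def revoke(db, cert_id):
    db.execute("UPDATE certs SET revoked = 1 WHERE id = ?", (cert_id,))

def authorize(db, cert_ids):
    """Allow access only if every certificate the proof cites is known,
    unrevoked and, if use-once, not yet consumed. Consumption is atomic."""
    db.execute("BEGIN IMMEDIATE")  # take the write lock before checking
    try:
        for cid in cert_ids:
            row = db.execute(
                "SELECT use_once, revoked, consumed FROM certs WHERE id = ?",
                (cid,)).fetchone()
            if row is None or row[1] or (row[0] and row[2]):
                raise PermissionError(cid)
            if row[0]:
                # Mark as spent inside the transaction, so a proof that cites
                # the same use-once certificate twice is rejected.
                db.execute("UPDATE certs SET consumed = 1 WHERE id = ?", (cid,))
        db.execute("COMMIT")
        return True
    except PermissionError:
        db.execute("ROLLBACK")  # a denied access must not burn use-once certs
        return False
```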