Integrity and access control in untrusted content distribution networks
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2005.
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Thesis |
| Language: | eng |
| Published: |
Massachusetts Institute of Technology
2006
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/1721.1/34464 |
| _version_ | 1811079865808453632 |
|---|---|
| author | Fu, Kevin E. (Kevin Edward), 1976- |
| author2 | M. Frans Kaashoek and Ronald L. Rivest. |
| author_facet | M. Frans Kaashoek and Ronald L. Rivest. Fu, Kevin E. (Kevin Edward), 1976- |
| author_sort | Fu, Kevin E. (Kevin Edward), 1976- |
| collection | MIT |
| description | Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2005. |
| first_indexed | 2024-09-23T11:21:50Z |
| format | Thesis |
| id | mit-1721.1/34464 |
| institution | Massachusetts Institute of Technology |
| language | eng |
| last_indexed | 2024-09-23T11:21:50Z |
| publishDate | 2006 |
| publisher | Massachusetts Institute of Technology |
| record_format | dspace |
| spelling | mit-1721.1/344642019-04-12T09:21:48Z Integrity and access control in untrusted content distribution networks Fu, Kevin E. (Kevin Edward), 1976- M. Frans Kaashoek and Ronald L. Rivest. Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science. Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science. Electrical Engineering and Computer Science. Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2005. Vita. Includes bibliographical references (p. 129-142). A content distribution network (CDN) makes a publisher's content highly available to readers through replication on remote computers. Content stored on untrusted servers is susceptible to attack, but a reader should have confidence that content originated from the publisher and that the content is unmodified. This thesis presents the SFS read-only file system (SFSRO) and key regression in the Chefs file system for secure, efficient content distribution using untrusted servers for public and private content respectively. SFSRO ensures integrity, authenticity, and freshness of single-writer, many-reader content. A publisher creates a digitally-signed database representing the contents of a source file system. Untrusted servers replicate the database for high availability. Chefs extends SFSRO with key regression to support decentralized access control of private content protected by encryption. Key regression allows a client to derive past versions of a key, reducing the number of keys a client must fetch from the publisher. Thus, key regression reduces the bandwidth requirements of publisher to make keys available to many clients. (cont.) Contributions of this thesis include the design and implementation of SFSRO and Chefs; a concrete definition of security, provably-secure constructions, and an implementation of key regression; and a performance evaluation of SFSRO and Chefs confirming that latency for individual clients remains low, and a single server can support many simultaneous clients. by Kevin E. Fu. Ph.D. 2006-11-07T12:22:55Z 2006-11-07T12:22:55Z 2005 2005 Thesis http://hdl.handle.net/1721.1/34464 70716512 eng M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582 143 p. 7660185 bytes 7666167 bytes application/pdf application/pdf application/pdf Massachusetts Institute of Technology |
| spellingShingle | Electrical Engineering and Computer Science. Fu, Kevin E. (Kevin Edward), 1976- Integrity and access control in untrusted content distribution networks |
| title | Integrity and access control in untrusted content distribution networks |
| title_full | Integrity and access control in untrusted content distribution networks |
| title_fullStr | Integrity and access control in untrusted content distribution networks |
| title_full_unstemmed | Integrity and access control in untrusted content distribution networks |
| title_short | Integrity and access control in untrusted content distribution networks |
| title_sort | integrity and access control in untrusted content distribution networks |
| topic | Electrical Engineering and Computer Science. |
| url | http://hdl.handle.net/1721.1/34464 |
| work_keys_str_mv | AT fukevinekevinedward1976 integrityandaccesscontrolinuntrustedcontentdistributionnetworks |