You are here:
(02 Sep 2010,
Date: 2005-10-20 Time: 11:45 Room: BBL room 471 ----+++ Speaker: Eelco Dolstra ----+++ Title: Secure Sharing Between Untrusted Users in a Transparent Source/Binary Deployment Model ----+++ Abstract The Nix software deployment system is based on the paradigm of _transparent source/binary deployment_: distributors deploy descriptors that build components from source, while client machines can transparently optimise such source builds by downloading pre-built binaries from remote repositories. This model combines the simplicity and flexibility of source deployment with the efficiency of binary deployment. A desirable property is _sharing_ of components: if multiple users install from the same source descriptors, ideally only one remotely built binary should be installed. The problem is that users must trust that remotely downloaded binaries were built from the sources they are claimed to have been built from, while users in general do not have a trust relation with each other or with the same remote repositories. This paper presents three models that enable sharing: the _extensional model_ that requires that all users on a system have the same remote trust relations, the _intensional model_ that does not have this requirement but may be suboptimal in terms of space use, and the _mixed model_ that merges the best properties of both. The latter two models are achieved through a novel technique of _hash rewriting_ in content-addressable component stores, and were implemented in the context of the Nix system. This is a paper to be presented at ASE-2005 (http://www.ase-conference.org/) <!-- * Set PREV_SKIN = customtitle * Set CUSTOMTOPICTITLE = Secure Sharing Between Untrusted Users in a Transparent Source/Binary Deployment Model * Set CUSTOMHEADTITLE = Stc / Secure Sharing Between Untrusted Users in a Transparent Source/Binary Deployment Model -->
ore topic actions
Topic revision: r3 - 02 Sep 2010,
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding UUCS?