A file system design for the Aeolus security platform
Author(s)
McKee, Francis Peter
DownloadFull printable version (2.403Mb)
Other Contributors
Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.
Advisor
Barbara H. Liskov.
Terms of use
Metadata
Show full item recordAbstract
This thesis presents the design and implementation of a file system for Aeolus, a distributed security platform based on information flow control. An information flow control system regulates the use of sensitive information as it flows through an application. An important part of such a platform is files, since applications use files to store sensitive information. This thesis presents an implementation of a file system that enforces information flow rules on the use of files and generates valuable audit trails of an application's interaction with the file system. My results show that the file system supports information flow control with auditing while performing nearly as well as a native file system.
Description
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2011. Cataloged from PDF version of thesis. Includes bibliographical references (p. 51).
Date issued
2011Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer SciencePublisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science.