Skip to main content
Article thumbnail
Location of Repository

Secure program partitioning

By Steve Zdancewic, Lantian Zheng, Nathaniel Nystrom and Andrew C. Myers


This paper presents secure program partitioning, a language-based technique for protecting confidential data during computation in distributed systems containing mutually untrusted hosts. Confidentiality and integrity policies can be expressed by annotating programs with security types that constrain information flow; these programs can then be partitioned automatically to run securely on heterogeneously trusted hosts. The resulting communicating subprograms collectively implement the original program, yet the system as a whole satisfies the security requirements of participating principals without requiring a universally trusted host machine. The experience in applying this methodology and the performance of the resulting distributed code suggest that this is a promising way to obtain secure distributed computation

Topics: Categories and Subject Descriptors, D.4.6 [Operating Systems, Security and Protection—Information flow controls, D.4.7 [Operating Systems, Organization and Design—Distributed systems, D.3.4 [Programming Languages, Processors—Compilers, Run-time environments, D.3.3 [Programming Languages, Language Constructs and Features General Terms, Security, Languages Additional Key Words and Phrases, Confidentiality, declassification, distributed systems, downgrading, integrity
Year: 2002
OAI identifier: oai:CiteSeerX.psu:
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • (external link)
  • (external link)
  • Suggested articles

    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.