File repository transfer protocol. Version 1

This document presents and specifies the protocol that interfaces clients and servers in the File Repository (FR). The FR is a software system that supports sharing of files. The protocol is modelled after Smtp and Nntp and is encoded in Ascii. No details of server implementation is visible in the protocol description, but we state our intentions at several occasions

The Pesto project. Goals and motivation

Pesto is a storage system geared towards a computing model where private machines play a pivotal role. Sharing of data is crucial, both between partners, and between the many devices owned by individual users. Replication is the only sensible means to provide ubiquitous access to private data. However, without provisions, replication endangers privacy by enlarging the Trusted Computing Base. The Pesto project aims at investigating security and safety issues in concert, such that security and safety measures and mechanisms can be identified that strengthen each other and, when that is not possible, to identify tradeoffs between safety and security of data in distributed systems. This report introduces the Pesto project and system; the motivation behind it and its design goals

Private Computing: The Trusted Digital Assistant

This dissertation was typeset with L T E X in Charter and Euler, with symbols from A M

Secure communication in FRTP

To ensure privacy, users of the File Repository Transfer Protocol (Frtp) may require that communication partners are properly authenticated. If one partner wants the communication to be crypted, the other must honor the request. This report describes how authentication and privacy are realized. It is shown, by means of an authentication logic, that the protocol achives its goal in this respect

Some Hints on the Theory and Practice of Authentication in Distributed Systems

Authentication in Distributed Systems: Theory and Practice [Lampson92] provides considerable insight. However, it can be hard to read, as many details are left out, probably for brevity; it is still 45 pages long. We provide detailed explanations of tricky points. Introduction This document serves two purposes. First, it was written to ensure that we understand [Lampson92], by providing omitted calculations and arguments. Second, by making it available we hope that others may struggle less than we did. Since this is a paper explaining elements in another paper, we do not claim that any novel aspects can be found herein. On notation: "The paper" or "this paper" or "that paper" implies [Lampson92], and all references, such as "as described in section 7", refer to the relevant section in the paper. This also holds for figures and tables, where appropriate. Particularly, (PN; 1 N 12) refers to one of the 12 axioms and theorems about principals in section 3.2. We suggest that students wi..

Security in the PASTA project

This paper presents the system model for the work on security in the Pasta project. We present the objectives of the security effort, the threats we will consider, and those we will not consider. As such, the paper describes the environment which applications must be prepared to face, and still provide users with the desired degree of privacy

File repository transfer protocol. Version 1

This document presents and specifies the protocol that interfaces clients and servers in the File Repository (FR). The FR is a software system that supports sharing of files. The protocol is modelled after Smtp and Nntp and is encoded in Ascii. No details of server implementation is visible in the protocol description, but we state our intentions at several occasions

QoS applied to security in mobile computing

Hand-held mobile computers have the potential to become important communication tools for roaming users. As such, they will also become very personal. They will be used under a wide range of operating conditions, and tight user control will be enforced on issues like power consumption, consistency control, and trust management. Their ability to adapt will be the key to their success. In this paper we outline our notion and use of Quality of Service (QoS) to the design of adaptive software systems for mobile computers. They have been developed in the MobyDick and GDD projects. We do not emphasize on the provision of QoS guarantees. In stead, our notion of QoS is used to convey relevant and timely management information between service users and providers on the correct abstraction level. It structures adaptability management in the hand held machine, and it captures adaptability to changes both stemming from the hosting environment and user commands. As an example of how the architecture works, the importance of adaptivity of security services for personal companions are explained, and we show how our notion of QoS may realize adaptable security services