Twitter
Facebook
LinkedIn
Google+
YouTubeusenix conference policies
The CRISIS Wide Area Security Architecture
Website Maintenance Alert
Due to scheduled maintenance, the USENIX website may not be available on Monday, March 17, from 10:00 am–6:00 pm Pacific Daylight Time (UTC -7). We apologize for the inconvenience and thank you for your patience.
If you would like to register for NSDI '25, SREcon25 Americas, or PEPR '25, please complete your registration before or after this time period.
Eshwar Belani and Amin Vahdat, University of California, Berkeley; Thomas Anderson, University of Washington, Seattle; Michael Dahlin, University of Texas, Austin
This paper presents the design and implementation of a new authentication and access control system, called CRISIS. A goal of CRISIS is to explore the systematic application of a number of design principles to building highly secure systems, including: redundancy to eliminate single points of attack, caching to improve performance and availability over slow and unreliable wide area networks, fine-grained capabilities and roles to enable lightweight control of privilege, and complete local logging of all evidence used to make each access control decision. Measurements of a prototype CRISIS-enabled wide area file system show that in the common case CRISIS adds only marginal overhead relative to unprotected wide area accesses.
author = {Eshwar Belani and Amin Vahdat and Thomas E. Anderson and Michael Dahlin},
title = {The {CRISIS} Wide Area Security Architecture},
booktitle = {7th USENIX Security Symposium (USENIX Security 98)},
year = {1998},
address = {San Antonio, TX},
url = {https://www.usenix.org/conference/7th-usenix-security-symposium/crisis-wide-area-security-architecture},
publisher = {USENIX Association},
month = jan
}
connect with us