The CRISIS Wide Area Security Architecture

Website Maintenance Alert

Due to scheduled maintenance on Wednesday, October 16, from 10:30 am to 4:30 pm Pacific Daylight Time (UTC -7), parts of the USENIX website (e.g., conference registration, user account changes) may not be available. We apologize for the inconvenience.

If you are trying to register for LISA19, please complete your registration before or after this time period.

Abstract:

This paper presents the design and implementation of a new authentication and access control system, called CRISIS. A goal of CRISIS is to explore the systematic application of a number of design principles to building highly secure systems, including: redundancy to eliminate single points of attack, caching to improve performance and availability over slow and unreliable wide area networks, fine-grained capabilities and roles to enable lightweight control of privilege, and complete local logging of all evidence used to make each access control decision. Measurements of a prototype CRISIS-enabled wide area file system show that in the common case CRISIS adds only marginal overhead relative to unprotected wide area accesses.

connect with us

twitter

usenix conference policies

The CRISIS Wide Area Security Architecture

Website Maintenance Alert

Eshwar Belani, University of California at Berkeley

Amin Vahdat, University of California at Berkeley

Thomas E. Anderson, University of California at Berkeley

Michael Dahlin, University of California at Berkeley

connect with us

twitter

usenix conference policies

You are here

connect with us

The CRISIS Wide Area Security Architecture

Website Maintenance Alert

Eshwar Belani, University of California at Berkeley

Amin Vahdat, University of California at Berkeley

Thomas E. Anderson, University of California at Berkeley

Michael Dahlin, University of California at Berkeley