Cryptology ePrint Archive: Report 2010/213

Composable Security Analysis of OS Services

Ran Canetti and Suresh Chari and Shai Halevi and Birgit Pfitzmann and Arnab Roy and Michael Steiner and Wietse Venema

Abstract: We provide an analytical framework for analyzing basic integrity properties of file systems, namely the binding of files to filenames and writing capabilities. A salient feature of our modeling and analysis is that it is *composable*: In spite of the fact that we analyze the filesystem in isolation, security is guaranteed even when the file system operates as a component within an arbitrary, and potentially adversarial system. Such secure composability properties seem essential when trying to assert the security of large systems.

Our results are obtained by adapting the *Universally Composable* (UC) security framework to the analysis of software systems. Originally developed for cryptographic protocols, the UC framework allows the analysis of simple components in isolation, and provides assurance that these components maintain their behavior when combined in a large system, potentially under adversarial conditions.

Category / Keywords: applications / Composable Security, File-System Security, Formal Models, Software Security

Date: received 15 Apr 2010, last revised 27 Apr 2011

Contact author: shaih at alum mit edu

Available format(s): PDF | BibTeX Citation

Version: 20110427:163753 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]