TY - GEN
T1 - Preserving integrity in remote file location and retrieval
AU - Jaeger, T.
AU - Rubin, A. D.
PY - 1996/1/1
Y1 - 1996/1/1
N2 - We present a service for locating and retrieving files from an untrusted network such that the integrity of the retrieved files can be verified. This service enables groups of people in geographically remote locations to share files using an untrusted network. For example, distribution, of an organization's software to all the organization's sites can be accomplished using this service. Distribution of files in an untrusted network is complicated by two issues: (1) location of files and (2) verification of file integrity. ftp and World-wide Web (WWW) services require some user intervention to locate a file, so they cannot be embedded in automated systems. Distributed systems have mechanisms for automated file location and retrieval, but they require trust in all system principals and do not provide an appropriate balance between availability of files and retrieval cost for our applications. Verification of the integrity of a file retrieved from an untrusted network is necessary because the file is subject to malicious modification attacks. Our service provides the capability to automatically locate, retrieve, and verify files specified by a client using a single trusted principal. We demonstrate our service by building a system shell that automatically downloads remote software when needed.
AB - We present a service for locating and retrieving files from an untrusted network such that the integrity of the retrieved files can be verified. This service enables groups of people in geographically remote locations to share files using an untrusted network. For example, distribution, of an organization's software to all the organization's sites can be accomplished using this service. Distribution of files in an untrusted network is complicated by two issues: (1) location of files and (2) verification of file integrity. ftp and World-wide Web (WWW) services require some user intervention to locate a file, so they cannot be embedded in automated systems. Distributed systems have mechanisms for automated file location and retrieval, but they require trust in all system principals and do not provide an appropriate balance between availability of files and retrieval cost for our applications. Verification of the integrity of a file retrieved from an untrusted network is necessary because the file is subject to malicious modification attacks. Our service provides the capability to automatically locate, retrieve, and verify files specified by a client using a single trusted principal. We demonstrate our service by building a system shell that automatically downloads remote software when needed.
UR - http://www.scopus.com/inward/record.url?scp=67649833161&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=67649833161&partnerID=8YFLogxK
U2 - 10.1109/NDSS.1996.492413
DO - 10.1109/NDSS.1996.492413
M3 - Conference contribution
T3 - Proceedings of Internet Society Symposium on Network and Distributed Systems Security, NDSS 1996
SP - 53
EP - 63
BT - Proceedings of Internet Society Symposium on Network and Distributed Systems Security, NDSS 1996
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 1997 Internet Society Symposium on Network and Distributed Systems Security, SNDSS 1996
Y2 - 22 February 1996 through 23 February 1996
ER -