[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Inferno security presentation abstract

>From <http://jya.com/dimacs.txt>: "DIMACS Workshop on Trust Management in 
Networks, September 30 - October 2, 1996, South Plainfield, NJ"

  Inferno Security

   David Presotto, Bell Labs, Lucent Technologies

   Abstract: As telecommunications, entertainment, and
   computing networks merge, a wide variety of services will
   be offered on a diverse array of hardware, software, and
   networks. Inferno provides a uniform execution
   environment for applications and services in this chaotic
   world. Inferno comprises a networked operating system
   that can run native or above a commercial operating
   system, a virtual machine, a programming language,
   protocols, and standard interfaces for networks,
   graphics, and other system services. This talk describes
   both the security features currently in Inferno and those
   we intend to move to.

   Inferno currently uses public key cryptography only for
   authentication. The Station to Station protocol (STS)
   using Elgamal certificates provides mutual authentication
   between parties. Authentication also yields a mutually
   held secret that can be used to encrypt the conversation
   or to add a cryptographic hash to each message sent.
   Rather than reinvent the wheel, we use the same line
   format as SSL.

   Two methods are used for certificate creation: a one time
   registration procedure and a login procedure. The
   registration procedure requires a conversation between
   the CA and user during each registration. The login
   procedure requires one only when a password is assigned.
   Login uses a Bellovin-like encrypted key exchange.

   Our trust relations are currently too simplistic;
   communicating parties must have keys signed by the same
   certifying authority. There are no attributes attached to
   certificates. This is sufficient for authentication but
   not for anything more advanced such as signing code,
   passing trust to third parties, etc. We are currently
   trying to build extensible certificates in the same vein
   as PolicyMaker and SDSI so that we can embed more
   semantics into them and reason on it.

   For more information, see <http://inferno.lucent.com/>.