ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Cryptographic sealing for information secrecy and authentication
Full text PdfPdf (1.29 MB)
Source
Communications of the ACM archive
Volume 25 ,  Issue 4  (April 1982) table of contents
Pages: 274 - 286  
Year of Publication: 1982
ISSN:0001-0782
Author
David K. Gifford  Stanford Univ., Stanford, CA, and Xerox Palo Alto Research Center, Palo Alto, CA
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 15,   Downloads (12 Months): 56,   Citation Count: 7
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/358468.358493
What is a DOI?

ABSTRACT

A new protection mechanism is described that provides general primitives for protection and authentication. The mechanism is based on the idea of sealing an object with a key. Sealed objects are self-authenticating, and in the absence of an appropriate set of keys, only provide information about the size of their contents. New keys can be freely created at any time, and keys can also be derived from existing keys with operators that include Key-And and Key-Or. This flexibility allows the protection mechanism to implement common protection mechanisms such as capabilities, access control lists, and information flow control. The mechanism is enforced with a synthesis of conventional cryptography, public-key cryptography, and a threshold scheme.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Blakely, G.R. Safeguarding cryptographic keys. Proc. 1979 National Comp. Conf., New York, New York, June 4-7, 1979, Vol 48, AFIPS Press, 313-317.
 
2
Chaum, D. and Fabry, R. Implementing capability-based protection using encryption. Rept. UCB/ERL M78/46,/Electronics Research Laboratory, University of CA, Berkeley, July 1978.
3
Dorothy E. Denning, A lattice model of secure information flow, Communications of the ACM, v.19 n.5, p.236-243, May 1976  [doi>10.1145/360051.360056]
4
Jack B. Dennis , Earl C. Van Horn, Programming semantics for multiprogrammed computations, Communications of the ACM, v.9 n.3, p.143-155, March 1966  [doi>10.1145/365230.365252]
 
5
Diffie, W., and Hellman, M.E. New directions in cryptography. IEEE Trans. on Inf. Thy. IT-22, 6 (Nov. 1976), 644-654.
 
6
Diffie, W., and Hellman, M.E. Exhaustive cryptanalysis of the NBS data encryption standard. Computer, 10, 6 (June 1977), 74-84.
 
7
Diffie, W., and Hellman, M.E. Privacy and authentication: An introduction to cryptography. Proc. of the IEEE 67, 3 (March 1979), 397-427.
 
8
David Kenneth Gifford, Information storage in a decentralized computer system, 1981
 
9
Gudes, E. The design of a cryptography based secure file system. IEEE Trans. on Soft. Eng. SE-6, 5 (Sept. 1980), 411-420.
 
10
Kenheim, A.G., et al, The IPS cryptographic programs. IBM Sys. J. 19, 2 (1980), 253-283.
 
11
Lindsay, B., and Gligor, V. Migration and authentication of protected objects, IEEE Trans. Soft. Eng. SE-5, 6 (Nov. 1979), 607-611.
 
12
John McCarthy, LISP 1.5 Programmer's Manual, The MIT Press, 1962
13
James H. Morris, Jr., Protection in programming languages, Communications of the ACM, v.16 n.1, p.15-21, Jan. 1973  [doi>10.1145/361932.361937]
14
Roger M. Needham, Adding capability access to conventional file servers, ACM SIGOPS Operating Systems Review, v.13 n.1, p.3-4, January 1979  [doi>10.1145/850652.850653]
15
Roger M. Needham , Michael D. Schroeder, Using encryption for authentication in large networks of computers, Communications of the ACM, v.21 n.12, p.993-999, Dec. 1978  [doi>10.1145/359657.359659]
 
16
Peterson, W.W., and Weldon, E.J. Error-Correcting Codes. 2nd Ed. MIT Press, Cambridge, MA, 1972.
 
17
D. D. Redell. , David D. Redell, NAMING AND PROTECTION IN EXTENDABLE OPERATING SYSTEMS, Massachusetts Institute of Technology, Cambridge, MA, 1974
18
R. L. Rivest , A. Shamir , L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, v.21 n.2, p.120-126, Feb. 1978  [doi>10.1145/359340.359342]
 
19
Saltzer, J.H., and Schroeder, M.D. The protection of information in computer systems. Proc. of the IEEE 63, 9 (Sept. 1975), 1278-1308.
20
Adi Shamir, How to share a secret, Communications of the ACM, v.22 n.11, p.612-613, Nov. 1979  [doi>10.1145/359168.359176]
 
21
Shannon, C.E. Communication theory of secrecy systems. Bell Sys. Tech. Journal 28, (Oct. 1949), 656-715.

CITED BY  7
R. S. Sandhu, On some cryptographic solutions for access control in a tree hierarchy, Proceedings of the 1987 Fall Joint Computer Conference on Exploring technology: today and tomorrow, p.405-410, December 1987, Dallas, Texas, United States
Steven M. Bellovin , Michael Merritt, Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise, Proceedings of the 1st ACM conference on Computer and communications security, p.244-250, November 03-05, 1993, Fairfax, Virginia, United States
Martín Abadi , Bogdan Warinschi, Security analysis of cryptographically controlled access to XML documents, Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems, June 13-15, 2005, Baltimore, Maryland
Jan Vitek , Ciarán Bryce , Manuel Oriol, Coordinating processes with secure spaces, Science of Computer Programming, v.46 n.1-2, p.163-193, January/February 2003
Christian Payne, A cryptographic access control architecture secure against privileged attackers, Proceedings of the 2007 ACM workshop on Computer security architecture, November 02-02, 2007, Fairfax, Virginia, USA
Wai Gen Yee , Brett Trockman, Bridging a gap in the proposed personal health record, Proceedings of the international workshop on Healthcare information and knowledge management, November 11-11, 2006, Arlington, Virginia, USA
Martín Abadi , Bogdan Warinschi, Security analysis of cryptographically controlled access to XML documents, Journal of the ACM (JACM), v.55 n.2, p.1-29, May 2008

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Access controls

Additional Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Cryptographic controls; Authentication; Information flow controls

  E. Data
  E.3 DATA ENCRYPTION
      Subjects: Public key cryptosystems


General Terms:
Security


Keywords:
conentional crypto-systems, cryptographic sealing, key, seal, secrecy, unseal

Collaborative Colleagues:
David K. Gifford: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player