mpm + integrity   68

Determining whether online users are authorized to access digital objects is central to preserving privacy. This paper presents the design, implementation, and deployment of Zanzibar, a global system for storing and evaluating access control lists. Zanzibar provides a uniform data model and configuration language for expressing a wide range of access control policies from hundreds of client services at Google, including Calendar, Cloud, Drive, Maps, Photos, and YouTube. Its authorization decisions respect causal ordering of user actions and thus provide external consistency amid changes to access control lists and object contents. Zanzibar scales to trillions of access control lists and millions of authorization requests per second to support services used by billions of people. It has maintained 95th-percentile latency of less than 10 milliseconds and availability of greater than 99.999% over 3 years of production use.
consistency  authorization  integrity 
7 weeks ago by mpm
Everything you should know about certificates and PKI but are too afraid to ask
This is the missing manual. I reckon most engineers can wrap their heads around all the most important concepts and common quirks in less than an hour. That’s our goal here. An hour is a pretty small investment to learn something you literally can’t do any other way.
confidentiality  integrity 
8 weeks ago by mpm
This is a security-focused general purpose memory allocator providing the malloc API along with various extensions. It provides substantial hardening against heap corruption vulnerabilities. The security-focused design also leads to much less metadata overhead and memory waste from fragmentation than a more traditional allocator design. It aims to provide decent overall performance with a focus on long-term performance and memory usage rather than allocator micro-benchmarks. It has relatively fine-grained locking and will offer good scalability once arenas are implemented.
memory  integrity 
february 2019 by mpm
step is a zero trust swiss army knife. It is an easy-to-use and hard-to-misuse utility that implements a broad set of useful zero trust primitives. The goal is to make it easier for developers, operators, and security professionals to experiment with, debug, and automate zero trust systems. Over time we plan to add infrastructure components and user-facing functionality that make building and using zero trust systems even easier.
integrity  confidentiality 
august 2018 by mpm
A modular, capability-based operating system
This “book” is a collection of topics describing the Fuchsia operating system. Sections will be populated over time
book  integrity 
june 2017 by mpm
Istio adds traffic management to microservices and creates a basis for value-add capabilities like security, monitoring, routing, connectivity management and policy. The software is built using the battle-tested Envoy proxy from Lyft, and gives visibility and control over traffic without requiring any changes to application code
discovery  monitoring  confidentiality  integrity 
may 2017 by mpm
Monocypher is a small, secure, auditable, easy to use crypto library. It is heavily inspired by libsodium and TweetNaCl. It uses state of the art cryptographic primitives (Chacha20, Poly1305, Blake2b, Argon2i, x25519, and ed25519), and provides easy constructions on top of them
confidentiality  integrity 
february 2017 by mpm
Strobe protocol framework
Strobe is a new framework for cryptographic protocols. It can also be used for regular encryption. Its goals are to make cryptographic protocols much simpler to develop, deploy and analyze; and to fit into even tiny IoT devices
protocol  confidentiality  integrity 
january 2017 by mpm
This is a header-only C++14 library implementing custom transport encryption using libsodium and Asio's stackless coroutines. It assumes pre-shared public keys and uses only the sealed box and crypto box constructs
c++  confidentiality  integrity  networking 
april 2016 by mpm
Generate and manage an internal CA for your company
confidentiality  integrity 
july 2015 by mpm
All File Systems Are Not Created Equal: On the Complexity of Crafting Crash-Consistent Applications
We present the first comprehensive study of application-level crash-consistency protocols built atop modern file systems. We find that applications use complex update protocols to persist state, and that the correctness of these protocols is highly dependent on subtle behaviors of the underlying file system, which we term persistence properties. We develop a tool named BOB that empirically tests persistence properties, and use it to demonstrate that these properties vary widely among six popular Linux file systems. We build a framework named ALICE that analyzes application update protocols and finds crash vulnerabilities, i.e., update protocol code that requires specific persistence properties to hold for correctness. Using ALICE, we analyze eleven widely-used systems (including databases, key-value stores, version control systems, distributed systems, and virtualization software) and find a total of 60 vulnerabilities, many of which lead to severe consequences. We also show that ALICE can be used to evaluate the effect of new filesystem designs on application-level consistency.
filesystem  fault-tolerance  integrity 
november 2014 by mpm
Sodium is a portable, cross-compilable, installable, packageable, API-compatible version of NaCl
confidentiality  integrity 
march 2013 by mpm
NaCl: Networking and Cryptography Library
NaCl (pronounced "salt") is a new easy-to-use high-speed software library for network communication, encryption, decryption, signatures, etc. NaCl's goal is to provide all of the core operations needed to build higher-level cryptographic tools
confidentiality  integrity  networking 
march 2013 by mpm
Bitmessage is a P2P communications protocol used to send encrypted messages to another person or to many subscribers. It is decentralized and trustless, meaning that you need not inherently trust any entities, like root certificate authorities. It also aims to hide "non-content" data, like the sender and receiver of messages, from eavesdroppers
networking  confidentiality  integrity  p2p 
december 2012 by mpm
Using simple seccomp filters
In the simplest terms, it allows a program to declare ahead of time which system calls it expects to use, so that if an attacker gains arbitrary code execution, they cannot poke at any unexpected system calls.
integrity  linux 
march 2012 by mpm
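The article's point, that a program declares its expected system calls up front, is easiest to see by assembling the filter by hand. The following is an added example, not code from the linked article: it builds a classic-BPF seccomp program for an x86_64 Linux process that only needs read, write and exit (the syscall list and the x86_64 constants are assumptions), includes a tiny interpreter so the filter can be checked without installing it, and installs it with prctl only when run as a script.

```python
"""Assemble a seccomp-BPF syscall allowlist (added example, not from the
linked article).  Constants are Linux x86_64 values (an assumption); the
allowlist is for a program that only reads, writes and exits."""
import os
import struct

# classic BPF opcode pieces (linux/filter.h)
BPF_LD, BPF_JMP, BPF_RET = 0x00, 0x05, 0x06
BPF_W, BPF_ABS, BPF_JEQ, BPF_K = 0x00, 0x20, 0x10, 0x00
LD_ABS_W = BPF_LD | BPF_W | BPF_ABS      # A = seccomp_data[k]
JEQ_K = BPF_JMP | BPF_JEQ | BPF_K        # if A == k: pc += jt else pc += jf
RET_K = BPF_RET | BPF_K                  # return k (the seccomp action)

# seccomp actions (linux/seccomp.h) and the x86_64 audit arch
SECCOMP_RET_KILL_PROCESS, SECCOMP_RET_ALLOW = 0x80000000, 0x7FFF0000
AUDIT_ARCH_X86_64 = 0xC000003E
OFF_NR, OFF_ARCH = 0, 4          # offsets of nr and arch in struct seccomp_data

# x86_64 syscall numbers this hypothetical program expects to use (assumption)
ALLOWED = {"read": 0, "write": 1, "rt_sigreturn": 15, "exit": 60, "exit_group": 231}


def build_filter(allowed_numbers):
    """Return the program as (code, jt, jf, k) tuples: check the arch first
    (syscall numbers differ between ABIs), then compare nr with each allowed
    number, and kill the process on anything else."""
    prog = [(LD_ABS_W, 0, 0, OFF_ARCH),
            (JEQ_K, 1, 0, AUDIT_ARCH_X86_64),
            (RET_K, 0, 0, SECCOMP_RET_KILL_PROCESS),
            (LD_ABS_W, 0, 0, OFF_NR)]
    numbers = sorted(set(allowed_numbers))
    for i, nr in enumerate(numbers):
        # on a match, jump over the remaining compares and the KILL to the ALLOW
        prog.append((JEQ_K, len(numbers) - i, 0, nr))
    prog.append((RET_K, 0, 0, SECCOMP_RET_KILL_PROCESS))
    prog.append((RET_K, 0, 0, SECCOMP_RET_ALLOW))
    return prog


def evaluate(prog, nr, arch=AUDIT_ARCH_X86_64):
    """Interpret the three instruction forms build_filter emits, so the
    allowlist can be unit-tested without touching the kernel."""
    data = {OFF_NR: nr, OFF_ARCH: arch}
    acc, pc = 0, 0
    while True:
        code, jt, jf, k = prog[pc]
        if code == LD_ABS_W:
            acc, pc = data[k], pc + 1
        elif code == JEQ_K:
            pc += 1 + (jt if acc == k else jf)
        elif code == RET_K:
            return k
        else:
            raise ValueError("unsupported opcode %#x" % code)


def encode(prog):
    """Pack into struct sock_filter[]: u16 code, u8 jt, u8 jf, u32 k."""
    return b"".join(struct.pack("=HBBI", *insn) for insn in prog)


def install(prog):
    """Apply the filter to the calling process (Linux only, via prctl)."""
    import ctypes
    PR_SET_NO_NEW_PRIVS, PR_SET_SECCOMP, SECCOMP_MODE_FILTER = 38, 22, 2

    class SockFprog(ctypes.Structure):
        _fields_ = [("len", ctypes.c_ushort), ("filter", ctypes.c_void_p)]

    libc = ctypes.CDLL(None, use_errno=True)
    buf = ctypes.create_string_buffer(encode(prog))
    fprog = SockFprog(len(prog), ctypes.addressof(buf))
    # no_new_privs lets an unprivileged process install a filter safely
    if libc.prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0:
        raise OSError(ctypes.get_errno(), "PR_SET_NO_NEW_PRIVS failed")
    if libc.prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, ctypes.byref(fprog), 0, 0) != 0:
        raise OSError(ctypes.get_errno(), "PR_SET_SECCOMP failed")


if __name__ == "__main__":
    install(build_filter(ALLOWED.values()))
    os.write(1, b"filter active; anything but read/write/exit now kills the process\n")
    os._exit(0)   # exit_group(); a normal interpreter shutdown makes other syscalls
```

A real program needs a longer list than this demo (mmap, brk, close, futex and so on show up quickly), which is why the usual workflow is to trace the program first and then tighten; the point of keeping `evaluate` next to `build_filter` is that the jump offsets in the hand-built table can be checked before the filter is ever installed.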
Password Authenticated Key Exchange by Juggling
Password Authenticated Key Exchange by Juggling (J-PAKE), achieves mutual authentication in two steps: first, two parties send ephemeral public keys to each other; second, they encrypt the shared password by juggling the public keys in a verifiable way
confidentiality  integrity  protocol  networking 
august 2011 by mpm
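The two steps quoted above are short enough to run end to end. The block below is an added example, not the paper's own code: both parties exchange ephemeral keys with Schnorr proofs of knowledge (step 1), then "juggle" them into a value that depends on the password (step 2), and derive the same key only if the passwords match. The group is a deterministically generated toy-sized prime-order subgroup, and the hash, encodings and identifiers are assumptions made for the demo; a deployment would use standard group parameters and a proper key-confirmation step.

```python
"""J-PAKE over a Schnorr group (added example, not the paper's code).
Group generation, hash, and message encodings are demo assumptions."""
import hashlib
import random


def is_probable_prime(n, rounds=16, _rng=random.Random(1)):
    """Miller-Rabin with a fixed-seed RNG so the demo is deterministic."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(_rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def make_group(qbits=160, pbits=512, seed=2011):
    """Prime-order subgroup: p = k*q + 1 and g of order q (toy sizes)."""
    rng = random.Random(seed)
    while True:
        q = rng.getrandbits(qbits) | (1 << (qbits - 1)) | 1
        if is_probable_prime(q):
            break
    while True:
        k = (rng.getrandbits(pbits - qbits) | (1 << (pbits - qbits - 1))) & ~1
        p = k * q + 1
        if is_probable_prime(p):
            break
    while True:
        g = pow(rng.randrange(2, p - 1), k, p)   # h^((p-1)/q) has order q unless it is 1
        if g != 1:
            return p, q, g


def challenge(g, V, X, ident, q):
    data = b"|".join(str(v).encode() for v in (g, V, X)) + b"|" + ident.encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % q


def schnorr_prove(p, q, g, x, X, ident, rng):
    """Non-interactive (Fiat-Shamir) proof of knowledge of x where X = g^x."""
    v = rng.randrange(1, q)
    V = pow(g, v, p)
    return V, (v - x * challenge(g, V, X, ident, q)) % q


def schnorr_verify(p, q, g, X, proof, ident):
    V, r = proof
    if not 1 < X < p or pow(X, q, p) != 1:    # X must lie in the order-q subgroup
        return False
    return V == pow(g, r, p) * pow(X, challenge(g, V, X, ident, q), p) % p


class Party:
    def __init__(self, ident, password, group, rng):
        self.p, self.q, self.g, self.ident, self.rng = *group, ident, rng
        digest = hashlib.sha256(password.encode()).digest()
        self.s = int.from_bytes(digest, "big") % self.q or 1     # password as a nonzero scalar
        self.x1, self.x2 = rng.randrange(1, self.q), rng.randrange(1, self.q)
        self.gx1, self.gx2 = pow(self.g, self.x1, self.p), pow(self.g, self.x2, self.p)

    def round1(self):
        """Step 1: send ephemeral public keys g^x1, g^x2, each with a ZKP."""
        p, q, g = self.p, self.q, self.g
        return (self.ident,
                self.gx1, schnorr_prove(p, q, g, self.x1, self.gx1, self.ident, self.rng),
                self.gx2, schnorr_prove(p, q, g, self.x2, self.gx2, self.ident, self.rng))

    def round2(self, msg):
        """Step 2: juggle the peer's keys into A = (g^(x1+x3+x4))^(x2*s) with a ZKP."""
        ident, gx3, pf3, gx4, pf4 = msg
        if ident == self.ident:
            raise ValueError("reflected message")
        if not (schnorr_verify(self.p, self.q, self.g, gx3, pf3, ident)
                and schnorr_verify(self.p, self.q, self.g, gx4, pf4, ident)):
            raise ValueError("round-1 ZKP failed")
        self.gx3, self.gx4 = gx3, gx4
        gA = self.gx1 * gx3 * gx4 % self.p
        self.x2s = self.x2 * self.s % self.q
        A = pow(gA, self.x2s, self.p)
        return self.ident, A, schnorr_prove(self.p, self.q, gA, self.x2s, A, self.ident, self.rng)

    def key(self, msg):
        ident, B, pfB = msg
        gB = self.gx1 * self.gx2 * self.gx3 % self.p     # the generator the peer used
        if not schnorr_verify(self.p, self.q, gB, B, pfB, ident):
            raise ValueError("round-2 ZKP failed")
        # K = (B / g^(x4*x2*s))^x2 = g^((x1+x3)*x2*x4*s), identical on both sides
        K = pow(B * pow(pow(self.gx4, self.x2s, self.p), -1, self.p) % self.p, self.x2, self.p)
        return hashlib.sha256(str(K).encode()).digest()


GROUP = make_group()


def run_jpake(password_a, password_b, seed=7):
    """Return (alice_key, bob_key); they agree only if the passwords match."""
    rng = random.Random(seed)
    alice, bob = Party("alice", password_a, GROUP, rng), Party("bob", password_b, GROUP, rng)
    m1a, m1b = alice.round1(), bob.round1()
    m2a, m2b = alice.round2(m1b), bob.round2(m1a)
    return alice.key(m2b), bob.key(m2a)
```

The subgroup check in `schnorr_verify` and the rejection of a reflected message are the two things most often left out of toy implementations; without them a peer can push the computation into a small-order group or play a party's own messages back at it.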
Google+ Gets a “+1” for Browser Security
Do these security measures make Google+ impervious to malicious activities? Absolutely not. Is it a good start? Yes, it is.
http  browser  integrity  confidentiality 
august 2011 by mpm
Data Management for Internet-Scale Single-Sign-On
We describe the data management requirements and architecture for this service, the problems we encountered, and the experience we’ve had running it. In doing so we provide perspective on “where theory meets practice.”
authentication  confidentiality  integrity 
february 2011 by mpm
Alfredo is a Java library consisting of a client and a server components to enable Kerberos SPNEGO authentication for HTTP.
java  integrity  confidentiality  authentication 
january 2011 by mpm
This package allows a package to be started as non-root but still bind to low ports, without any changes to the application.
integrity  linux  unix 
july 2010 by mpm
Keyczar is an open source cryptographic toolkit designed to make it easier and safer for developers to use cryptography in their applications. Keyczar supports authentication and encryption with both symmetric and asymmetric keys
confidentiality  integrity 
june 2009 by mpm
The scrypt key derivation function
In the context of hardware brute-force attacks, scrypt is thousands of times more secure than existing "best practice" solutions such as bcrypt
integrity  confidentiality 
may 2009 by mpm
Lamport's one-time password algorithm
The Lamport algorithm for generating and applying one-time passwords (OTPs) is a simple solution that provides great value in the right context. Not only can the Lamport OTP scheme provide effective security for distributed client/service interactions, but it's also simple to comprehend and implement
integrity  distributed 
april 2009 by mpm
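As an added example of the scheme the article calls simple to implement (not the article's own code): the client keeps a hash chain and reveals it from the end backwards, the server stores a single hash per user and advances it on each successful login, so a captured password is useless for replay. SHA-256, the chain length and the user name are assumptions for the demo.

```python
"""Lamport hash-chain one-time passwords (added example, not the article's code)."""
import hashlib
import hmac
import os


def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()


def make_chain(seed: bytes, n: int) -> list:
    """Return [h^0(seed), h^1(seed), ..., h^n(seed)].  The client keeps the
    whole list; the server is enrolled with only the last element."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain


class Client:
    def __init__(self, seed: bytes, n: int):
        self.chain = make_chain(seed, n)
        self.next_index = n - 1          # first password revealed is h^(n-1)

    def enrollment_value(self) -> bytes:
        return self.chain[-1]            # h^n(seed): safe to hand to the server

    def next_password(self) -> bytes:
        if self.next_index < 0:
            raise RuntimeError("chain exhausted; re-enroll with a fresh seed")
        pw = self.chain[self.next_index]
        self.next_index -= 1
        return pw


class Server:
    """Stores one hash per user and never sees the seed or an unused password."""
    def __init__(self):
        self.last = {}

    def enroll(self, user: str, anchor: bytes) -> None:
        self.last[user] = anchor

    def verify(self, user: str, password: bytes) -> bool:
        anchor = self.last.get(user)
        if anchor is None or not hmac.compare_digest(H(password), anchor):
            return False
        self.last[user] = password       # advance: replaying this password now fails
        return True


def demo():
    """Enroll, log in, replay the same password, then log in again."""
    server, client = Server(), Client(os.urandom(32), n=5)
    server.enroll("mpm", client.enrollment_value())
    first_password = client.next_password()
    first = server.verify("mpm", first_password)
    replay = server.verify("mpm", first_password)        # rejected: already consumed
    second = server.verify("mpm", client.next_password())
    return first, replay, second
```

Because the server only ever holds h^k(seed) for the current k, a database leak exposes nothing a client will send later; the trade-off is that the chain is finite and the client must track its position, which is the "right context" caveat the article makes.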
Jespa is a Java software library that provides advanced integration between Microsoft Active Directory and Java applications
authentication  authorization  java  windows  integrity 
march 2009 by mpm
The OpenId Sequence Diagram
It is a complex protocol though as the following sequence diagram illustrates, and this may be a problem for automated agents that need to jump around the web from hyperlink to hyperlink, as hyperdata agents tend to do.
authentication  integrity  web  identity 
february 2009 by mpm
SELinux HowTo
Security-Enhanced Linux (SELinux) is a mandatory access control (MAC) security mechanism implemented in the kernel
linux  integrity  confidentiality 
december 2008 by mpm
Building on Quicksand
Reliable systems have always been built out of unreliable components. Early on, the reliable components were small such as mirrored disks or ECC (Error Correcting Codes) in core memory. These systems were designed such that failures of these small components were transparent to the application. Later, the size of the unreliable components grew larger and semantic challenges crept into the application when failures occurred.
reliability  safety  availability  integrity 
december 2008 by mpm
A netstring is a self-delimiting encoding of a string. Netstrings are very easy to generate and to parse.
integrity  protocol  networking 
october 2008 by mpm
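The encoding is "<length>:<bytes>,", and the value of the format for a security engineer is that a strict parser is only a few lines. The block below is an added example, not code from the netstring specification: an encoder and an incremental decoder that rejects leading zeros, over-long length prefixes and a missing trailing comma, distinguishes "malformed" from "need more bytes" so it can be driven from a socket, and caps the declared length (the cap value is an assumption) so a hostile peer cannot force a huge allocation.

```python
"""Netstring encoder and strict incremental parser (added example, not from
the linked specification).  MAX_LEN is a demo assumption."""

MAX_LEN = 1 << 20            # refuse lengths above this before allocating anything
MAX_DIGITS = 9               # 999,999,999 bytes is the most a length prefix may claim


class NetstringError(ValueError):
    """Raised only for malformed input, never for merely incomplete input."""


def encode(data: bytes) -> bytes:
    return b"%d:%s," % (len(data), data)


def decode(buf: bytes):
    """Parse one netstring from the front of buf.
    Returns (payload, rest), or (None, buf) if more bytes are needed."""
    head = buf[:MAX_DIGITS + 1]
    colon = head.find(b":")
    if colon == -1:
        # no colon within the digits we allow: either still incomplete or bogus
        if len(head) > MAX_DIGITS or (head and not head.isdigit()):
            raise NetstringError("bad or over-long length prefix")
        return None, buf
    digits = buf[:colon]
    if not digits.isdigit() or (len(digits) > 1 and digits[:1] == b"0"):
        raise NetstringError("length must be decimal with no leading zeros")
    length = int(digits)
    if length > MAX_LEN:
        raise NetstringError("declared length %d exceeds limit" % length)
    end = colon + 1 + length
    if len(buf) < end + 1:              # payload plus the trailing comma
        return None, buf
    if buf[end:end + 1] != b",":
        raise NetstringError("missing trailing comma")
    return buf[colon + 1:end], buf[end + 1:]


def decode_all(buf: bytes):
    """Split a byte stream into complete messages; return them with the
    unconsumed tail, which the caller keeps until more data arrives."""
    messages = []
    while buf:
        msg, buf = decode(buf)
        if msg is None:
            break
        messages.append(msg)
    return messages, buf
```

The self-delimiting property is what makes the incremental path safe: the parser never needs to scan for a terminator inside the payload, so payload bytes (including colons and commas) cannot confuse framing.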
Security Maxims
Engineers don’t understand security. They think nature is the adversary, not people. They tend to work in solution space, not problem space. They think systems fail stochastically, not through deliberate, intelligent, malicious intent.
availability  integrity 
september 2008 by mpm
Confidence in the Cloud
Sections: Some Observations about Reliable Process Pairs; Less Is More; N-Version Programming; Availability Over Consistency; Eventual Consistency
distributed  base  integrity  availability 
september 2008 by mpm
A semi-automated, largely passive web application security audit tool, optimized for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns
fault-prevention  integrity  confidentiality  testing 
july 2008 by mpm
Security as a System-Level Constraint
The essence of system-level design is the need to concurrently consider information from multiple engineering domains across multiple subsystems to assess holistic system properties
integrity  confidentiality  availability 
june 2008 by mpm
On Secure Distributed Implementations of Dynamic Access Control
Distributed implementations of access control abound in distributed storage protocols. While such implementations are often accompanied by informal justifications of their correctness, our formal analysis reveals that their correctness can be tricky.
authorization  integrity 
june 2008 by mpm
Active Directory integration in Java
Since people still seem to be rather clueless and waste a lot of time by trying to configure general-purpose LDAP or JNDI authentication mechanism to talk to Active Directory, here's how your program can talk to Active Directory from domain name:
authentication  authorization  integrity  java 
june 2008 by mpm
Chunkfs is a new file system architecture that divides file systems up into chunks that are individually and incrementally checked and repaired, with only occasional references to metadata in other chunks
integrity  filesystem 
may 2008 by mpm
Defense in Depth, Reconsidered: Is Information Security Anything Like War?
Despite repeated assertion, I am dubious about the standing of “defense in depth” as a core principle for security design.
integrity  confidentiality  availability 
april 2008 by mpm
Basic Principles Of Information Protection
As computers become better understood and more economical, every day brings new applications. Many of these new applications involve both storing information and simultaneous use by several individuals. The key concern in this paper is multiple use. For those applications in which all users should not have identical authority, some scheme is needed to ensure that the computer system implements the desired authority structure.
integrity  confidentiality 
april 2008 by mpm
Smack for simplified access control
Smack implements Mandatory Access Control (MAC), but it purposely leaves out the role based access control and type enforcement that are major parts of SELinux.
linux  authorization  integrity 
april 2008 by mpm
The role of trust management in distributed systems security
we examine existing authorization mechanisms and their inadequacies. We introduce the concept of trust management, explain its basic principles, and describe some existing trust-management engines
distributed  integrity  confidentiality 
march 2008 by mpm
The Cactus Project
integrated design and implementation framework for supporting customizable dynamic fine-grain Quality of Service (QoS) attributes related to dependability, real time, and security in distributed systems
gcs  reliability  confidentiality  integrity  availability 
march 2008 by mpm
Lasso - Liberty Alliance Single Sign On
a free software C library aiming to implement the Liberty Alliance standards; it defines processes for federated identities, single sign-on and related protocols
identity  authentication  integrity 
february 2008 by mpm
Bugtraq: [linux-security] Things NOT to put in root's crontab
Folks, do NOT use 'find' on a public directory with '-exec rm -f' as root. Period. Ever. Delete it from your crontab *now* and finish reading the rest of this message later.
integrity  unix  linux 
january 2008 by mpm
a swiss-army-knife tool for web application hacking
http  integrity  confidentiality 
october 2007 by mpm
Scapy is a powerful interactive packet manipulation program
python  integrity  networking  testing 
october 2007 by mpm
Neat tricks with iptables
The result of this research has been the ongoing creation of a firewall to protect my laptop against open networks, and my Internet server from port scanning and DoS attacks. I’m pretty certain I haven’t even scratched the surface yet, but I have found some settings to protect against the most common attacks. Below I’ll summarize the major pieces of my new firewall, and the logic behind it.
linux  networking  integrity  availability 
october 2007 by mpm
Thoughts on Threat Modeling...
Remember that threat modeling is an analysis tool. You threat model to identify threats to your component, which then lets you know where you need to concentrate your resources
confidentiality  integrity  availability 
october 2007 by mpm
Practical Principles for Computer Security
The key ideas are principals, a relation between principals called “speaks for”, a logic for reasoning about what resources a principal can speak for, and rules for abstracting from the bits exchanged among interacting parties to logical formulas. These ideas provide a way to reason formally about delegation, names, groups, computer systems, applications, and authorization policy.
authentication  authorization  integrity 
october 2007 by mpm
Threat Modeling: Uncover Security Design Flaws Using The STRIDE Approach
systematic approach to threat modeling developed in the Security Engineering and Communications group at Microsoft
confidentiality  integrity  availability 
october 2007 by mpm
Secure timestamping and confidential auditing
The purpose is to prove that a particular piece of content (i.e. some array of bits) existed at a particular period of time
integrity  confidentiality 
september 2007 by mpm
Advances in Distributed Security
The old view "proved" that the integrity properties of a wide variety of services on which civilization depends, whether synchronized clocks, public directories , censorship-proof file sharing and publication, or issuing money or securities were "impossible" on asynchronous networks like the Internet unless we put unlimited faith in a third party to enforce many of the rules of the service. We now know how to provide such services with a high degree of integrity and availability, yet far more resilient to the possibility that any party might act in a malicious manner.
integrity  confidentiality 
september 2007 by mpm
Securing the Python interpreter
Well, after many months of work I have finally managed to secure the Python interpreter
python  integrity 
may 2007 by mpm
Capability-Based Computer Systems
This book was published by Digital Press in 1984. It is still the most thorough survey and description of early capability-based and object-based hardware and software systems
book  integrity  confidentiality 
april 2007 by mpm
DMZ is an acronym that stands for De-Militarized Zone, and in the 'real' world it is the location between two hostile entities such as North and South Korea. In the Security community, however, it is a separate, untrusted network where boxes serving public services should be placed.
networking  integrity  confidentiality  availability 
january 2007 by mpm
Therefore, the task at hand is to define ways for taking such JAAS-based security services to the next level, to help in linking SOA services.
java  authentication  authorization  integrity 
september 2006 by mpm
Security Engineering - A Guide to Building Dependable Distributed Systems
When I wrote the first edition, we put the chapters online free after four years and found that this boosted sales of the paper edition. People would find a useful chapter online and then buy the book to have it as a reference. Wiley and I agreed to do the same with the second edition, and now, four years after publication, I am putting all the chapters online for free. Enjoy them – and I hope you'll buy the paper version to have as a convenient shelf reference
book  availability  confidentiality  integrity 
september 2006 by mpm
Tip: Configure SAX parsers for secure processing
Because XML systems often accept and process data from many different sources, it's important to consider the effect bad data may cause if it's intentionally or unintentionally injected into the system. Although validation and well-formedness checking provide a substantial amount of protection compared to traditional binary formats, you also need to consider some issues that are unique to XML. Fortunately, proper configuration of the parser and some reasonable intelligence about what to store can ameliorate most security concerns.
integrity  xml 
august 2006 by mpm
Seeking Scalable Web Authentication
The traditional J2EE approach to authentication sessions is placing identity information in the servlets Session object. The memory used by the Sessions, and potential need to replicate them, places a drag on scalability. In this article, I propose a different approach that is more scalable because it requires less shared state.
web  java  authentication  authorization  integrity 
may 2006 by mpm
The Structure of Authority: Why security is not a separable concern
Common programming practice grants excess authority for the sake of functionality; programming principles require least authority for the sake of security. If we practice our principles, we could have both security and functionality. Treating security as a separate concern has not succeeded in bridging the gap between principle and practice, because it operates without knowledge of what constitutes least authority
authorization  integrity 
may 2006 by mpm
Capability Theory by Sound Bytes
This is a collection of insights for designing capability based systems
may 2006 by mpm
Extend JAAS for class instance-level authorization
The Java Authentication and Authorization Service (JAAS) is an extension to the Java 2 SDK. Under JAAS, a user or service may be given specific permissions to execute code in a Java class. In this article, software engineer Carlos Fonseca shows you how to extend the JAAS framework for the enterprise. Adding class instance-level authorization and special relationships to the JAAS framework lets you build more dynamic, flexible, and scalable enterprise applications.
java  authorization  integrity 
may 2006 by mpm