CapNet: Security and Least Authority in a Capability-Enabled Cloud
Diversity and complexity of cloud applications creates an inherent need for collaboration among multiple cloud players: appliance vendors, providers of third-party cloud services, consumers and providers of proprietary and regulated datasets, etc. Collaboration in a cloud, however, is hindered by the lack of access control mechanisms that can provide security in a decentralized environment and in the face of multiple mistrusting parties.
CapNet is a capability-based network architecture designed to enable least authority and secure collaboration in the cloud. At its core, CapNet is an object capability system that represents the resources of a traditional network as a graph of objects that have unforgeable pointers (or capabilities) to other objects. Capabilities in CapNet allow principals to perform operations on objects: e.g., a capability to a “flow object” allows packets to be sent along the flow, and a capability to a “node object” can control a virtual or physical device in the cloud. Principals have no authority beyond capabilities: all network operations are accessible only through capability invocations. CapNet allows fine-grained management of rights, recursive delegation, hierarchical policies, and least privilege. To enable secure collaboration, CapNet extends a classical capability model with support for decentralized authority. We implement CapNet in the substrate of a software-defined network, integrate it with the OpenStack cloud, and develop protocols enabling secure multi-party collaboration.
Tue 24 OctDisplayed time zone: Tijuana, Baja California change
10:30 - 12:00 | |||
10:30 30mTalk | CapNet: Security and Least Authority in a Capability-Enabled Cloud OCAP Anton Burtsev University of California, Irvine, David Johnson University of Utah, Josh Kunz University of Utah, Eric Eide University of Utah, Jacobus Van der Merwe University of Utah | ||
11:00 30mTalk | Monte: A Spiritual Successor to E OCAP Corbin Simpson Matador Cloud LLC | ||
11:30 30mTalk | Using Object Capabilities and Effects to Build an Authority-Safe Module System OCAP Darya Melicher Carnegie Mellon University, Yangqingwei Shi Peking University, Valerie Zhao Wellesley College, Alex Potanin Victoria University of Wellington, Jonathan Aldrich Carnegie Mellon University |