CLIO: Cryptographically Secure Information Flow Control on Key-Value Stores

May 5, 2017 12:00 AM

Who: Pablo Buiras, PhD from Chalmers, now PostDoc at Harvard university\
When: 10:30 - 11:30 Friday{{ | date_to_long_string }}\
Where: room EDIT 3364\
Title: {{ page.title }}

Cryptography can in principle be used to protect users' data when stored or transmitted, but in practice is error-prone and can potentially result in a violation of a user’s security concerns. Information flow control (IFC) systems, on the other hand, can automatically enforce security policies on data with policy languages expressive enough to capture many desired confidentiality and integrity requirements. In this talk I will present CLIO, an Information flow control (IFC) system that transparently incorporates cryptography to enforce confidentiality and integrity policies on untrusted key-value storage. CLIO insulates developers from explicitly manipulating keys and cryptographic primitives by leveraging the policy language of the IFC system to automatically use the appropriate keys and correct cryptographic operations. Our system relies on a CPA-secure cryptosystem, and we show that CLIO is secure with a novel proof technique composing cryptographic proof techniques with standard programming language techniques.

Previous Talks

{: .t60 } {% include list-posts tag=‘csstalk’%}