Chalmers Security Seminar

CLIO: Cryptographically Secure Information Flow Control on Key-Value Stores

Cryptography can in principle be used to protect users' data when stored or transmitted, but in practice is error-prone and can potentially result in a violation of a user's security concerns.

Who: Pablo Buiras, PhD from Chalmers, now PostDoc at Harvard university
When: 10:30 - 11:30 Friday05 May 2017
Where: room EDIT 3364
Title: CLIO: Cryptographically Secure Information Flow Control on Key-Value Stores

Abstract:
Cryptography can in principle be used to protect users’ data when stored or transmitted, but in practice is error-prone and can potentially result in a violation of a user’s security concerns. Information flow control (IFC) systems, on the other hand, can automatically enforce security policies on data with policy languages expressive enough to capture many desired confidentiality and integrity requirements. In this talk I will present CLIO, an Information flow control (IFC) system that transparently incorporates cryptography to enforce confidentiality and integrity policies on untrusted key-value storage. CLIO insulates developers from explicitly manipulating keys and cryptographic primitives by leveraging the policy language of the IFC system to automatically use the appropriate keys and correct cryptographic operations. Our system relies on a CPA-secure cryptosystem, and we show that CLIO is secure with a novel proof technique composing cryptographic proof techniques with standard programming language techniques.

Previous Talks