Citation: Stanford InfoLab Publication number 2005-41
Security configurations are introduced as a new model for describing and analyzing secure data systems. Both the longevity and the privacy of sensitive data are considered. The model uses two basic operators: copy, which replicates data for preservation, and split, which decomposes data (e.g., into ciphertext and a key) for privacy. The operators can be composed recursively to describe how data and its associated keys are managed. Various classes of configurations are defined that have desirable properties with respect to physical realizability and semantic correctness, and formal techniques are provided to verify these properties for a given configuration.