Departmental Seminar: "Secure Content Distribution Using Untrusted Servers"
Kevin Fu
MIT
Computer Science and Artificial Intelligence Laboratory
Faculty Host: Brian Levine
A publisher can make content available to many readers through replication on remote, untrusted computers. Yet a reader should have confidence that content is authentic, and publishers should be able to control access to content. This talk presents the design and implementation of the SFS read-only file system (SFSRO) for secure, scalable distribution of public and private content replicated using untrusted servers.
SFSRO provides authenticity of single-writer, many-reader content. A publisher creates a digitally signed database out of the contents of a source file system. Untrusted servers replicate the content, which readers access through a file system interface. A reader accepts only verified, authentic content, eliminating the need to trust the distribution infrastructure.
To control access to private content, a publisher encrypts content for confidentiality. This talk introduces lazy revocation and key regression to cope with the cost of distributing keys to readers. These techniques allow a publisher on a low-bandwidth connection to support many readers accessing private content.
Refreshments at 3:30 PM in the atrium, outside the presentation room.
