A Trusted Execution Platform for Multiparty Computation

Download: pdf, ps.

"A Trusted Execution Platform for Multiparty Computation" by Sameer Ajmani. Masters thesis, MIT, Sep. 2000. Also available as MIT technical report MIT-LCS-TR-846.

Abstract

The value of data used in computation is increasing more rapidly than the security of the computation environment. Users submit private personal and financial information to untrusted programs, even though those programs cannot guarantee the privacy of that information. The problem is even more pronounced for programs delivered over the Internet, such as servlets and applets. Sandboxing and runtime policy mechanisms are designed to prevent such programs from leaking information, but these techniques are either too weak or too restrictive to support useful information sharing. Myers' decentralized label model addresses this problem by tracking privacy policies on individual pieces of data as they flow through a program. This thesis presents a system, the Trusted Execution Platform (TEP), that enforces these policies and allows mutually distrusting parties to share data in computation. The Simple Public Key Infrastructure (SPKI) provides name resolution and authorization services without depending on a central authority; TEP combines SPKI with Myers' label model to connect the names and policies in programs with real-world users and permissions. Users must trust TEP with their private data; in return, TEP protects their data from release to untrusted parties. The thesis presents the design and implementation of TEP and analyzes its performance. TEP ensures that the applications it runs protect the privacy of the classified data they compute on.
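The label model the abstract refers to can be made concrete with a small worked example. The code below is added here and is not code from the thesis or from TEP itself; it implements the standard decentralized label model rules from Myers' work in Python: a label is a set of owner-to-readers policies, a value may flow to a destination only if the destination's label is at least as restrictive, combining two values joins their labels, and only a principal who acts for an owner may relax that owner's policy. The principals (alice, bob, preparer, alice_agent), the `ACTS_FOR` table and the `tax_scenario` function are constructed for illustration; in TEP the acts-for relation would be derived from SPKI certificates rather than from a hard-coded table.

```python
"""Toy decentralized label model (DLM): added example, not TEP's own code."""
from typing import Dict, FrozenSet, Iterable, Optional

# A label maps each owner to the set of readers that owner permits.
# An empty label {} has no owners and is the least restrictive (public).
Label = Dict[str, FrozenSet[str]]

# Constructed acts-for hierarchy: each principal may act for itself and for
# the principals listed here. TEP would resolve this through SPKI, not a table.
ACTS_FOR = {
    "alice": set(),
    "bob": set(),
    "preparer": set(),
    "alice_agent": {"alice"},  # hypothetical delegate who may act for alice
}


def acts_for(principal: str, owner: str) -> bool:
    """Reflexive acts-for check against the constructed hierarchy."""
    return principal == owner or owner in ACTS_FOR.get(principal, set())


def label(**policies: Iterable[str]) -> Label:
    """Build a label from owner=readers keyword arguments."""
    return {owner: frozenset(readers) for owner, readers in policies.items()}


def may_flow(src: Label, dst: Label) -> bool:
    """True iff dst is at least as restrictive as src: every owner of src is
    present in dst, and dst permits no reader that owner did not permit."""
    return all(o in dst and dst[o] <= rs for o, rs in src.items())


def join(a: Label, b: Label) -> Label:
    """Label of a value computed from two labeled inputs: keep every owner's
    policy and intersect the reader sets of owners present in both."""
    out = dict(a)
    for owner, readers in b.items():
        out[owner] = (out[owner] & readers) if owner in out else readers
    return out


class PolicyViolation(Exception):
    pass


def assign(value_label: Label, target_label: Label) -> Label:
    """Check a flow of a value into a variable or channel with target_label."""
    if not may_flow(value_label, target_label):
        raise PolicyViolation(f"{value_label} may not flow to {target_label}")
    return target_label


def declassify(lbl: Label, principal: str, owner: str,
               new_readers: Optional[Iterable[str]] = None) -> Label:
    """Relax owner's policy (or drop it when new_readers is None). Only a
    principal acting for owner is allowed to do this."""
    if not acts_for(principal, owner):
        raise PolicyViolation(f"{principal} does not act for {owner}")
    out = dict(lbl)
    if new_readers is None:
        out.pop(owner, None)
    else:
        out[owner] = frozenset(new_readers)
    return out


def tax_scenario() -> dict:
    """Constructed two-party scenario: alice and bob each let a tax preparer
    see their income; a joint result is derived from both inputs."""
    alice_income = label(alice={"alice", "preparer"})
    bob_income = label(bob={"bob", "preparer"})
    joint = join(alice_income, bob_income)

    preparer_channel = label(alice={"preparer"}, bob={"preparer"})
    public_channel: Label = {}

    results = {
        "joint": joint,
        "to_preparer": may_flow(joint, preparer_channel),
        "to_public": may_flow(joint, public_channel),
    }
    # Alice releasing her own policy is not enough to publish the joint value.
    alice_released = declassify(joint, "alice", "alice")
    results["after_alice"] = may_flow(alice_released, public_channel)
    # Both owners must release their policies before it may become public.
    both_released = declassify(alice_released, "bob", "bob")
    results["after_both"] = may_flow(both_released, public_channel)
    # The preparer may read the data but cannot declassify on alice's behalf.
    try:
        declassify(joint, "preparer", "alice")
        results["preparer_declassify"] = "allowed"
    except PolicyViolation:
        results["preparer_declassify"] = "rejected"
    return results


if __name__ == "__main__":
    for key, value in tax_scenario().items():
        print(f"{key}: {value}")
```

The join is what makes the scheme multiparty: once a value depends on both inputs it carries both owners' policies, so a program can send it only to a channel that every owner's policy permits, and no single owner (nor a non-owner such as the preparer) can release it alone.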

BibTeX entry:

@mastersthesis{ajmani00trusted,
   author = {Sameer Ajmani},
   title = {A Trusted Execution Platform for Multiparty Computation},
   school = {MIT},
   month = sep,
   year = {2000},
   note = {Also available as MIT technical report MIT-LCS-TR-846}
}