Results 1 - 7 of 7
Using Secure Coprocessors, 1994
Cited by 134 (8 self)
The views and conclusions in this document are those of the authors and do not necessarily represent the official policies or endorsements of any of the research sponsors. How do we build distributed systems that are secure? Cryptographic techniques can be used to secure the communications between physically separated systems, but this is not enough: we must be able to guarantee the privacy of the cryptographic keys and the integrity of the cryptographic functions, in addition to the integrity of the security kernel and access control databases we have on the machines. Physical security is a central assumption upon which secure distributed systems are built; without this foundation even the best cryptosystem or the most secure kernel will crumble. In this thesis, I address the distributed security problem by proposing the addition of a small, physically secure hardware module, a secure coprocessor, to standard workstations and PCs. My central axiom is that secure coprocessors are able to maintain the privacy of the data they process. This thesis attacks the distributed security problem from multiple sides. First, I analyze the security properties of existing system components, both at the hardware and
Dyad: A System for Using Physically Secure Coprocessors
Proceedings of the Joint Harvard-MIT Workshop on Technological Strategies for the Protection of Intellectual Property in the Network Multimedia Environment, 1991
Cited by 78 (1 self)
The Dyad project at Carnegie Mellon University is using physically secure coprocessors to achieve new protocols and systems addressing a number of perplexing security problems. These coprocessors can be produced as boards or integrated circuit chips and can be directly inserted in standard workstations or PC-style computers. This paper presents a set of security problems and easily implementable solutions that exploit the power of physically secure coprocessors: (1) protecting the integrity of publicly accessible workstations, (2) tamper-proof accounting/audit trails, (3) copy protection, and (4) electronic currency without centralized servers. We outline the architectural requirements for the use of secure coprocessors.
Secure Coprocessors in Electronic Commerce Applications
In Proceedings of The First USENIX Workshop on Electronic Commerce, 1995
Cited by 57 (6 self)
Many researchers believe electronic wallets (secure storage devices that maintain account balances) are the solution to electronic commerce challenges. This paper argues for a more powerful model --- a secure coprocessor --- that can run a small operating system, run application programs, and also keep secure storage for cryptographic keys and balance information. We have built a system called Dyad, on top of a port of the Mach 3.0 microkernel to the IBM Citadel secure coprocessor. This paper describes the abstract architecture of Dyad and a general discussion of secure coprocessor implementations of a variety of electronic commerce applications:
- Copy protection for software
- Electronic cash (including a critique of proposed solutions for point-of-sale electronic wallet systems)
- Electronic contracts
- Secure postage
INCAS: A Computation Model for Dynamic Workflows in Autonomous Distributed Environments, 1994
Cited by 17 (0 self)
A workflow is a long-duration multi-step activity. The task of the workflow manager is to automate the execution and the control of the workflow activities. In this paper we are interested in workflows that execute under the control of various processing stations that may be located at different nodes of a distributed system. The stations may be autonomous and only partially automated. We present the design and a proposed implementation of a new model for workflow management. The model presented is modular in the sense that modification of a subactivity of the workflow does not necessarily require changes to the workflow specification. Furthermore, the model preserves the autonomy of the individual office environments and does not require them to modify the means they use to process the individual steps of the activity.
Strongbox: A System for Self-Securing Programs, 1991
Cited by 10 (7 self)
Introduction Security is a pressing problem for distributed systems. Distributed systems exchange data among a variety of users over a variety of sites, which may be geographically separated. A user who stores important data on processor A must trust not just processor A but also the processors B, C, D, ... with which A communicates. The distributed security problem is difficult, and few major distributed systems attempt to address it. In fact, conventional approaches to computer security are so complex that they actually discourage designers from trying to build a secure distributed system: A software engineer who wishes to build a secure distributed data application finds that he or she must depend on the security of a distributed database which depends on the security of a distributed file system which depends on the security of a distributed operating system kernel, etc. Under
Cryptography: It’s Not Just for Electronic Mail Anymore. Computer Science, 1993
Cited by 3 (0 self)
The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the US Government or Motorola Inc. Keywords: cryptography, franking, electronic currency, mail, postage, stamps. We extend cryptographic techniques to the protection of the application of stamps for mail. We show how to provide electronic stamps (using off-the-shelf bar code technology to represent a cryptographic message) to use in a fully integrated franking system that provides protection against: 1. Tampering with postage meter to give the user additional credit; 2. Forged or copied electronic stamps; 3. Unauthorized use of a postage meter; and 4. Stolen postage meters. We relate the question of electronic stamps to broader issues in electronic currency. While cryptographic methods have long been associated with mail (dating back
The AppCard: a Migrating Processor Card for General-Purpose Computing
In this paper, we present a new approach to mobile computing based on an all-silicon computer. It facilitates application and data migration as a user moves between heterogeneous, disconnected machines. General-purpose applications permanently run on a removable processor card, called an AppCard. An AppCard connects to a host computer through a standard interface, such as a PCMCIA slot. The card has its own operating system which provides basic services, but it relies on the host for many resources, such as a user interface and a network connection. This paper discusses the design and implementation of an initial AppCard prototype. It includes early performance measurements and presents ideas on further development in this area.

