Protected data paths: delivering sensitive data via untrusted proxies


The ability to share sensitive information is a key necessity for today's distributed enterprise applications. This paper presents a kernel-level mechanism for controlling the exchanges of sensitive data, termed Protected Data Paths. The mechanism permits only machines with suitable credentials to cache and manipulate protected data, and it gives protection domains access to such data only as per their rights specified in the capabilities they possess. Our implementation of Protected Data Paths in Linux operates by creating protected communication channels between participating machines. Path establishment requires such machines' kernel domains to have suitable credentials. Data transferred via such paths is made available to application-level domains only as per their current data access capabilities, guaranteed by kernellevel supervision of such data accesses.

DOI: 10.1145/1501434.1501452

Extracted Key Phrases

12 Figures and Tables

Cite this paper

@inproceedings{Kong2006ProtectedDP, title={Protected data paths: delivering sensitive data via untrusted proxies}, author={Jiantao Kong and Karsten Schwan and Patrick M. Widener}, booktitle={PST}, year={2006} }