DOI: 10.1145/1629575.1629606
research-article

Fabric: a platform for secure distributed computation and storage

Published: 11 October 2009

ABSTRACT

Fabric is a new system and language for building secure distributed information systems. It is a decentralized system that allows heterogeneous network nodes to securely share both information and computation resources despite mutual distrust. Its high-level programming language makes distribution and persistence largely transparent to programmers. Fabric supports data-shipping and function-shipping styles of computation: both computation and information can move between nodes to meet security requirements or to improve performance. Fabric provides a rich, Java-like object model, but data resources are labeled with confidentiality and integrity policies that are enforced through a combination of compile-time and run-time mechanisms. Optimistic, nested transactions ensure consistency across all objects and nodes. A peer-to-peer dissemination layer helps to increase availability and to balance load. Results from applications built using Fabric suggest that Fabric has a clean, concise programming model, offers good performance, and enforces security.

Published in

SOSP '09: Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
October 2009
346 pages
ISBN: 9781605587523
DOI: 10.1145/1629575

Copyright © 2009 ACM

Publisher: Association for Computing Machinery, New York, NY, United States


Overall Acceptance Rate: 131 of 716 submissions, 18%
