CT-IS: Shamon: Systems Approaches for Constructing Distributed Trust

Project: Research project

Project Details


Existing distributed authorization systems focus on the formulation of policy, but enforcement remains a per-host issue. Failure of any component to faithfully enforce policy can lead to vulnerabilities and, in the extreme, render authorization impotent. Without greater assurance in the integrity of authorization enforcement that scales to Internet-wide applications, reliable distributed authorization cannot be built.

The Shared Reference Monitor (Shamon) project leverages advances in integrity measurement and virtual machines to compose a coherent authorization system for distributed applications. A Shamon consists of a set of reference monitors on multiple, physical machines that are integrity-verified to enforce a consistent security policy across virtual machines that define an application. The use of virtual machines provides coarse-grained isolation that simplifies security policy for large-scale distributed systems, and the integrity measurement ensures that each member of the Shamon can verify that the others are enforcing this policy.

The Shamon project focuses on building the services to compose and maintain such shared reference monitors. First, a logic-based approach is defined that enables composition of trust in the enforcement of a consistent policy by the Shamon reference monitors. Such trust composition will be robust in the presence of system dynamics, including the joining, leaving and migration of virtual machines. Second, the Xen hypervisor system is augmented with these trust composition services. In this way, monitored applications will only communicate with systems whose regulation is consistent with their Shamon policy.

Effective start/end date: 9/1/06 to 8/31/10


  • National Science Foundation: $400,000.00

