Preserving integrity in remote file location and retrieval

T. Jaeger, A.D. Rubin
Proceedings of Internet Society Symposium on Network and Distributed Systems Security  
We present a service for locating and retrieving les from an untrusted network such that the integrity of the retrieved les can be veri ed. This service enables groups of people in geographically remote locations to share les using an untrusted network. For example, distribution of an organization's software to all the organization's sites can be a c complished using this service. Distribution of les in an untrusted network is complicated by two issues: 1 location of les and 2 veri cation of le
more » ... integrity. ftp and World-wide Web WWW services require some user intervention to locate a le, so they cannot be embedded in automated systems. Distributed systems have mechanisms for automated le location and retrieval, but they require trust in all system principals and do not provide an appropriate balance b etween availability of les and retrieval cost for our applications. Veri cation of the integrity of a le retrieved f r om an untrusted network is necessary because the le is subject to malicious modi cation attacks. Our service p r ovides the capability to automatically locate, retrieve, and verify les speci ed by a client using a single trusted principal. We demonstrate our service by building a system shell that automatically downloads remote software when needed.
doi:10.1109/ndss.1996.492413 dblp:conf/ndss/JaegerR96 fatcat:swmlvdvgvzfddbojq3sn4hxghu