Now showing items 1-19 of 19

    • Achieving Reliability Through Distributed Data Flows and Recursive Delegation 

      Ostrowski, Krzysztof; Birman, Ken; Dolev, Danny; Sakoda, Chuck (2009-03-15)
      Strong reliability properties, such as state machine replication or virtual synchrony, are hard to implement in a scalable manner. They are typically expressed in terms of global membership views. As we argue, global ...
    • The Boehm-Jacopini Theorem is False, Propositionally 

      Kozen, Dexter; Tseng, Wei-Lung (Dustin) (2008-01-23)
      The Boehm-Jacopini theorem (Boehm and Jacopini, 1966) is a classical result of program schematology. It states that any deterministic flowchart program is equivalent to a while program. The theorem is usually formulated ...
    • Church-Rosser Made Easy 

      Kozen, Dexter (2010-02-05)
      The Church-Rosser theorem states that the lambda-calculus is confluent under alpha- and beta-reductions. The standard proof of this result is due to Tait and Martin-Loef. In this note, we present an alternative proof ...
    • Community Structure in Large Complex Networks 

      Wang, Liaoruo; Hopcroft, John (2010-03-28)
      In this paper, we establish the definition of community fundamentally different from what was commonly accepted in previous studies, where communities were typically assumed to be densely connected internally but sparsely ...
    • Computational Election Verifiability: Definitions and an Analysis of Helios and JCJ 

      Smyth, Ben; Frink, Steven; Clarkson, Michael R. (2015-04-13)
      Definitions of election verifiability in the computational model of cryptography are proposed. The definitions formalize notions of voters verifying their own votes, auditors verifying the tally of votes, and auditors ...
    • Costs of Security in the PFS File System 

      Walsh, Kevin; Schneider, Fred (2012-07-25)
      Various principles have been proposed for the design of trustworthy systems. But there is little data about their impact on system performance. A filesystem that pervasively instantiates a number of well-known security ...
    • A Data-Acquisition Model for Learning and Cognitive Development and Its Implications for Autism 

      Lotem, Arnon; Halpern, Joseph Y. (2008-03-19)
      A data-driven model of learning is proposed, where a network of nodes and links is constructed that represents what has been heard and observed. Autism is viewed as the consequence of a disorder in the data-acquisit ...
    • Full-Processor Timing Channel Protection with Applications to Secure Hardware Compartments 

      Ferraiuolo, Andrew; Wang, Yao; Xu, Rui; Zhang, Danfeng; Myers, Andrew; Suh, Edward (2017-04-25)
      This paper presents timing compartments, a hardware architecture abstraction that eliminates microarchitectural timing channels between groups of processes of VMs running on shared hardware. When coupled ...
    • Limits of Security Reductions from Standard Assumptions 

      Pass, Rafael (2010-12-27)
      We show that the security of some well-known cryptographic protocols, primitives and assumptions (e.g., the Schnorr identification scheme, commitments secure under adaptive selective-decommitment, the ``one-more'' discrete ...
    • NetKAT: Semantic Foundations for Networks 

      Anderson, Carolyn Jane; Foster, Nate; Guha, Arjun; Jeannin, Jean-Baptiste; Kozen, Dexter; Schlesinger, Cole; Walker, David (2013-10-11)
      Recent years have seen growing interest in high-level languages for programming networks. But the design of these languages has been largely ad hoc, driven more by the needs of applications and the capabilities of network ...
    • On the Internet Delay Space Dimensionality 

      Abrahao, Bruno; Kleinberg, Robert (2008-03-14)
      We investigate the dimensionality properties of the Internet delay space, i.e., the matrix of measured round-trip latencies between Internet hosts. Previous work on network coordinates has indicated that this matrix can ...
    • Optimal Coin Flipping 

      Kozen, Dexter (2009-06-02)
      This paper studies the problem of simulating a coin of arbitrary real bias q with a coin of arbitrary real bias p with minimum loss of entropy. We establish a lower bound that is strictly greater than the information-theoretic ...
    • Prefiltered Cross-Section Occluders 

      Condon, Timothy; Walter, Bruce; Bala, Kavita; Greenberg, Donald (IEEE Computer Society, 2010-09)
      We introduce an impostor-based visibility technique to provide approximate, average visibility for point-to-cluster and cluster-to-cluster visibility queries. Processing each object in a view-independent manner allows us ...
    • Proactive Obfuscation 

      Roeder, Tom; Schneider, Fred B. (2009-03-28)
      Proactive obfuscation is a new method for creating server replicas that are likely to have fewer shared vulnerabilities. It uses semantics-preserving code transformations to generate diverse executables, periodically ...
    • Programming Live Distributed Objects with Distributed Data Flows 

      Ostrowski, Krzysztof; Birman, Ken; Dolev, Danny (2009-05-20)
      This paper presents a new object-oriented approach to modeling the semantics of distributed multi-party protocols such as leader election, distributed locking, or reliable multicast, and a programming language that supports ...
    • Quantification of Integrity 

      Clarkson, Michael; Schneider, Fred (2010-02-12)
      Two information-flow integrity measures are introduced: contamination and suppression. The former is dual to information-flow confidentiality, and the latter is analogous to the standard model of channel reliability from ...
    • Quantification of Integrity 

      Clarkson, Michael R.; Schneider, Fred B. (2011-01-12)
      Three integrity measures are introduced: contamination, channel suppression, and program suppression. Contamination is a measure of how much untrusted information reaches trusted outputs; it is the dual of leakage, which ...
    • Safe Serializable Secure Scheduling: Transactions and the Trade-Off Between Security and Consistency (Technical Report) 

      Sheff, Isaac; Magrino, Tom; Liu, Jed; Myers, Andrew C.; van Renesse, Robbert (2016-08-16)
      Modern applications often operate on data in multiple administrative domains. In this federated setting, participants may not fully trust each other. These distributed applications use transactions as a core mechanism ...
    • Scalable Network Management with Merlin 

      Soulé, Robert; Basu, Shrutarshi; Sirer, Emin Gün; Foster, Nate (2013-06-13)
      This paper presents the Merlin network management framework. With Merlin, network administrators express functionality such as accounting, bandwidth provisioning, and traffic filtering in a high-level policy language, and ...