Explore a groundbreaking approach to access control in distributed systems through this conference talk from USENIX ATC '23. Delve into Portunus, an innovative cryptographic storage and access control system that leverages attribute-based encryption (ABE) to address the challenges of TLS termination in network and security infrastructure. Learn how this system balances the need for low-latency operations with increasing regulatory demands for sophisticated key access controls. Discover how Portunus enables customer-defined policies for TLS key protection, allows servers to decrypt only authorized keys based on their attributes, and eliminates the need for a centralized coordinator. Gain insights into the system's implementation across Cloudflare's global network, handling millions of requests per second and representing one of the largest deployments of ABE to date.
Portunus - Re-imagining Access Control in Distributed Systems
Overview
Syllabus
USENIX ATC '23 - Portunus: Re-imagining Access Control in Distributed Systems
Taught by
USENIX
Related Courses
-
SingularFS - A Billion-Scale Distributed File System Using a Single Metadata Server
-
TimeCrypt - Encrypted Data Stream Processing at Scale with Cryptographic Access Control
-
LPNS - Scalable and Latency-Predictable Local Storage Virtualization for Unpredictable NVMe SSDs in Clouds
-
Reexamining Direct Cache Access to Optimize I-O Intensive Applications for Multi-hundred-gigabit Networks
