A Course Module on Authentication in Distributed Systems
UNC Chapel Hill
Below is a course module on authentication in distributed systems,
based on material that I have refined over a few course offerings.
The module is based on the treatment of the subject in
This paper has highly influenced the course module and is, in my
view, mandatory reading for anyone who is going to study access
control in distributed systems. That said, the course module adapts
and extends the treatment in the above paper in a few ways.
- The "theory" developed in this paper for explaining authentication
is what is today sometimes called an authentication (or authorization)
logic. Very simply, by an "authorization logic" I mean a
definition of formulas and inference rules to derive new formulas from
previous ones, where the formulas describe principals and their
delegations of authority from one to another. The logic presented in
the paper is pretty complex for undergraduate students, and so the
module tries to simplify the logic part quite a bit (e.g., omitting
quantifiers, simplifying notation, and, in places, frankly just
playing it fast and loose). The resulting module definitely cuts
corners on the logic part but hopefully is more accessible because of
- The paper, owing to when it was written, contains a somewhat dated
discussion of cryptographic primitives, both in terms of things like
key sizes and performance and, more fundamentally, in the terminology
it uses. For example, sometimes it uses "encryption" to describe
techniques that have nothing to do with protecting confidentiality (a
pet peeve of mine). For this reason, I've tried to use more modernly
accepted terminology in the cryptologic community, for example.
- The module uses more modern examples for illustration purposes.
Specifically, the module explains the basics of trusted platforms
(à la TCG), website authentication in support of SSL/TLS, and
DNSSEC. (More precisely, the module covers these technologies at a
level of abstraction that can be described in the logic; many details
of these technologies are outside the scope of what the logic
captures.) My hope is to eventually update the module to cover
BGPSEC, as well.
The course module is targeted at upper-level undergraduates in a
computer science program, and typically consumes about four to five
hours of class time. The module does not presume that the
students have a background in cryptography, and I tend to cover this
material in my own classes before any discussion of cryptography. It
also does not assume previous familiarity with any details of trusted
platforms, SSL/TLS or DNS/DNSSEC. For what it's worth, several
students have expressed to me the usefulness of the way of thinking
about authentication and access-control advocated in this module,
though this feedback typically comes from students after they have
left the classroom and had to face complicated distributed systems
security problems in their jobs.
- Powerpoint with speaker notes
- To obtain example quiz/homework problems and solutions, please
email me your request and a URL on your department's web site showing
me that you are faculty.
You are free to modify the module to suit your needs, and I'd be
grateful to receive any improvements, adaptations or extensions of
these materials in return.
Authorization logics have proven to be quite useful for reasoning
about authentication and access-control in distributed systems and,
more recently, for implementing authentication and
access-control in such systems using automated proof verification
techniques. To my knowledge, the first paper to advocate for using
such logics to enforce access-control policy in distributed systems
- A. W. Appel and E. W. Felten.
authentication. In Proceedings of the 6th ACM Conference on
Computer and Communications Security, November 1999.
Some examples of research projects in which I've been involved that
implement authentication in this way are described in the following
- L. Bauer, S. Garriss and M. K. Reiter. Distributed
proving in access-control systems. In Proceedings of the 2005
IEEE Symposium on Security and Privacy, pages 81–95, May
- L. Bauer, S. Garriss, J. M. McCune, M. K. Reiter, J. Rouse and
P. Rutenbar. Device-enabled
authorization in the Grey system. In Information Security: 8th
International Conference, ISC 2005 (Lecture Notes in Computer
Science 3650), pages 431–445, 2005.
- L. Bauer, S. Garriss and M. K. Reiter. Efficient
proving for practical distributed access-control systems.
Computer Security — ESORICS 2007: 12th European Symposium on
Research in Computer Security (Lecture Notes in Computer Science
4734), pages 19–37, September 2007.
- M. L. Mazurek, Y. Liang, W. Melicher, M. Sleeper, L. Bauer,
G. R. Ganger, N. Gupta, and M. K. Reiter.
strong, usable access control for shared distributed data. In
Proceedings of the 12th USENIX Conference on File and Storage
Technologies, pages 89–103, February 2014.
Comments and corrections are welcomed and appreciated. I am very
grateful for support from Intel for producing this module.