• Size: Multiple authentication sources (2008)
Butler Lampson, Martin Abadi, Burrows Edward Wobber, Michael Burrows, Edward Wobber (compaq Src
– Butler Lampson (MSR)- He was one of the designers of the SDS 940 time-sharing system, the Alto personal distributed computing system, the Xerox 9700 laser printer, two-phase commit protocols, the...
Oct-21-03 CSE 542: Operating Systems 1 Encryption (2008)
Cryptosystems Ronald, L. Rivest, Adi Shamir, Leonard M, Butler Lampson, Martin Abadi, ...
– Butler Lampson (MSR)- He was one of the designers of the SDS 940 time-sharing system, the Alto personal distributed computing system, the Xerox 9700 laser printer, two-phase commit protocols, the...
Abstract Authentication in Distributed Systems: Theory and Practice (2008)
Butler Lampson, Martin Abadi, Michael Burrows, Edward Wobber
We describe a theory of authentication and a system that im-plements it. Our theory is based on the notion of principal and a “speaks for ” relation between principals. A simple principal either...
Assurance: Correctness of security (2008)
Computers are as secure as real world systems, and people believe it. This is hard because: – Computers can do a lot of damage fast. – There are many places for things to go wrong. – Networks...
1P Lookups using Multiway and Multicolurnn Search (2008)
Butler Lampson, V Srinivasan, George Varghese
Abstract — IP address lookup is becoming critical because of increasing routing table size, speed, and traffic in the Internet. Our paper shows how binary search can be adapted for best matching...
Abstract Authentication in the Taos Operating System (2008)
Edward Wobber, Martin Abadi, Michael Burrows, Butler Lampson
We describe a design and implementation of security for a distributed system. In our system, applications access security services through a narrow interface. This interface provides a notion of...
scheduled office hours at a time to be announced. In addition to holding regularly scheduled office hours, the TA will also be available by appointment. Lectures and handouts Lectures are held on...
LINKING ENGINEERING AND SOCIETY Editorial 3 The Future of Computing (2008)
Butler Lampson, Manuela Veloso, Chris Diorio, Thomas Daniel, Eric Grimson, Wm. A. Wulf, ...
Promoting the technological welfare of the nation by marshalling the knowledge and insights of eminent members of the engineering profession.
Computing Meets The, Butler Lampson, Manuela Veloso, Chris Diorio, Thomas Daniel, Eric Grimson, ...
or the last 50 years, new applications of computers have followed a pattern, as one manual activity after another has become automated. In the 1940s, it became possible to automate the calculation of...
Getting Computers to Understand (2008)
Butler Lampson Microsoft, Butler Lampson
neural connections, or radio. And it requires dealing with uncertainty, which is still poorly understood. Nonetheless, I have chosen two problems whose solution will make a big difference both to...
Butler Lampson, Inria Rocquencourt
We address the problem of dependency analysis and caching in the context of the-calculus. The dependencies of a-term are (roughly) the parts of the-term that contribute to the result of evaluating...
At-Most-Once Message Delivery A Case Study in Algorithm Verification (2007)
Butler Lampson, Nancy Lynch, Jcrgen Scgaard-andersen
Code] governs the making of photocopies or other reproductions of copyrighted material Under certain conditions specified in the law, libraries and archives are authorized to furnish a photocopy or...
Practical Principles for Computer Security (2006)
Introduction: what is security? Principals, the “speaks for ” relation, and chains of responsibility Secure channels and encryption Names and groups
Practical Principles for Computer Security 1 (2006)
What do we want from secure computer systems? Here is a reasonable goal: Computers are as secure as real world systems, and people believe it. Most real world systems are not very secure by the...
• It’s about risk, locks, and deterrence. � Risk management: cost of security < expected loss � Perfect security costs way too much � Locks good enough that bad guys break in rarely �...
It’s about value, locks, and punishment. − Locks good enough that bad guys don’t break in very often. − Police and courts good enough that bad guys that do break in get caught and punished...
Computer Security in the Real World (2004)
It’s about risk, locks, and deterrence. − Risk management: cost of security < expected value of loss − Perfect security costs way too much − Locks good enough that bad guys don’t break...
Bill Frantz, Butler Lampson, Ron Rivest, Brian M. Thomas, Tatu Ylonen
This draft supersedes the draft filed under the name draft-ietf-spkicert-theory-02.txt. It has been completely rewritten from that previous version. This document is one of four. SPKI structure...
IP lookups using multiway and multicolumn search (1998)
Butler Lampson, Venkatachary Srinivasan, George Varghese, Associate Member
Abstract- IP address lookup is becoming critical because of increasing routing table sizes, speed, and traffic in the Internet. Given a set S of prefixes and an IP address D, the IP address lookup...
IP lookups using multiway and multicolumn search (1998)
Butler Lampson, V Srinivasan, George Varghese
Abstract | IP address lookup is becoming critical because of increasing routing table size, speed, and tra c in the Internet. Our paper shows how binary search can be adapted for best matching pre x...
Revisiting the Paxos algorithm (1997)
Roberto De Prisco, Butler Lampson
. This paper develops a new I/O automaton model called the Clock General Timed Automaton (Clock GTA) model. The Clock GTA is based on the General Timed Automaton (GTA) of Lynch and Vaandrager. The...
IP Lookups Using Multiway and Multicolumn Search (1997)
B. Lampson, Butler Lampson, V. Srinivasan, V. Srinivasan, G. Varghese, G. Varghese, ...
IP address lookup is becoming critical because of increasing routing table size, speed, and traffic in the Internet. Our paper shows how binary search can be adapted for best matching prefix using...
Revisiting the Paxos Algorithm (1997)
Roberto De Prisco, Butler Lampson, Nancy Lynch
This paper develops a new I/O automaton model called the Clock General Timed Automaton (Clock GTA) model. The Clock GTA is based on the General Timed Automaton (GTA) of Lynch and Vaandrager. The...
Ronald L. Rivest, Butler Lampson
We propose a new distributed security infrastructure, called SDSI (pronounced \Sudsy"). SDSI combines a simple public-key infrastructure design with a means of de ning groups and issuing...
Analysis and Caching of Dependencies (1996)
Martin Abadi, Butler Lampson, Jean-Jacques Lévy, Inria Rocquencourt
We address the problem of dependency analysis and caching in the context of the -calculus. The dependencies of a - term are (roughly) the parts of the -term that contribute to the result of...
SDSI - A Simple Distributed Security Infrastructure (1996)
Ronald L. Rivest, Butler Lampson
We propose a new distributed security infrastructure, called SDSI (pronounced "Sudsy"). SDSI combines a simple public-key infrastructure design with a means of defining groups and issuing...
SDSI - A Simple Distributed Security Infrastructure (1996)
We propose a new distributed security infrastructure, called SDSI (pronounced "Sudsy"). SDSI combines a simple public-key infrastructure design with a means of defining groups and issuing...
SDSI - A Simple Distributed Security Infrastructure (1996)
Ronald Rivest Laboratory, Ronald L. Rivest, Butler Lampson
We propose a new distributed security infrastructure, called SDSI (pronounced "Sudsy"). SDSI combines a simple public-key infrastructure design with a means of defining groups and issuing...
How to Build a Highly Available System Without a Toolkit (1995)
: In this talk I will describe the general recipe for building a highly available system and show how to do it efficiently in practice. The idea is to build a replicated state machine. The tricky...
Virtual Infrastructure: (1995)
Putting Information Infrastructure, David Tennenhouse, Butler Lampson, Jennifer Steiner Klein
this paper, we offer a vision of what it would mean for the National Information Infrastructure to be a Virtual Infrastructure that takes full advantage of the digital paradigm. We begin by examining...
Virtual Infrastructure: Putting Information Infrastructure on the Technology Curve, MIT RPCP (1995)
David Tennenhouse, Butler Lampson, Jennifer Steiner Klein
The present debate concerning the National Information Infrastructure (NII)[1] has focused primarily on the introduction of competitive markets for the supply and distribution of information....
Authentication in the Taos Operating System (1994)
Edward Wobber, Martín Abadi, Michael Burrows, Butler Lampson
this paper we do not describe any formal notations or rules for propositional connectives. Instead, we use English keywords, like "if" and "then", and informal reasoning. 4 \Delta...
A Calculus for Access Control in Distributed Systems (1993)
Abadi, Martin, Burrows, Michael, Lampson, Butler, Plotkin, Gordon
We study some of the concepts, protocols, and algorithms for access control in distributed systems, from a logical perspective. We account for how a principal may come to believe that another...
A Calculus for Access Control in Distributed Systems (1993)
Abadi, Martin, Burrows, Michael, Lampson, Butler, Plotkin, Gordon
We study some of the concepts, protocols, and algorithms for access control in distributed systems, from a logical perspective. We account for how a principal may come to believe that another...
Butler Lampson, Bob Taylor, Charles Simonyi, Bravo Wysiwyg, Nancy Lynch Reliable Messages, Martin Abadi Security, ...
We have learned depressingly little in the last ten years about how to build computer systems. But we have learned something about how to do the job more precisely, by writing more precise...
A New Presumed Commit Optimization for Two Phase Commit (1993)
Butler Lampson, David Lomet, Butler Lampson, David Lomet
The Cambridge laboratory became operational in 1988 and is located at One Kendall Square, near MIT. CRL engages in computing research to extend the state of the computing art in areas likely to be...
A New Presumed Commit Optimization for Two Phase Commit (1993)
Two phase commit (2PC) is used to coordinate the commitment of transactions in distributed systems. The standard 2PC optimization is the presumed abort variant, which uses fewer messages when...
Authentication in the Taos Operating System (1993)
Edward Wobber, Martín Abadi, Mike Burrows, Butler Lampson, Robert W. Taylor
We describe a design for security in a distributed system and its implementation. In our design, applications gain access to security services through a narrow interface. This interface provides a...
A New Presumed Commit Optimization for Two Phase Commit (1993)
Two phase commit (2PC) is used to coordinate the commitment of transactions in distributed systems. The standard 2PC optimization is the presumed abort variant, which uses fewer messages when...
A New Presumed Commit Optimization for Two Phase Commit (1993)
Two phase commit (2PC) is used for coordinating the commitment of transactions in distributed systems. The preferred 2PC optimization is the presumed abort variant, which reduces the number of...
Authentication in the Taos (1993)
Operating System Edward, Edward Wobber, Mike Burrows, Butler Lampson
We describe a design for security in a distributed system and its implementation. In our design, applications gain access to security services through a narrowinterface. This interface provides a...
A calculus for access control in distributed systems (1993)
Martín Abadi, Michael Burrows, Butler Lampson, Gordon Plotkin
We study some of the concepts, protocols, and algorithms for access control in distributed systems, from a logical perspective. We account for how a principal may come to believe that another...
117 Authentication in the Taos Operating System (1993)
Edward Wobber, Mike Burrows, Butler Lampson
The charter of SRC is to advance both the state of knowledge and the state of the art in computer systems. From our establishment in 1984, we have performed basic and applied research to support...
117 Authentication in the Taos Operating System (1993)
Edward Wobber, Mike Burrows, Butler Lampson
The charter of SRC is to advance both the state of knowledge and the state of the art in computer systems. From our establishment in 1984, we have performed basic and applied research to support...
ªA New Presumed Commit Optimization for Two Phase Commit,º (1993)
Two phase commit (ZPC) ia used to coordinate the commitment of trunsactiom in distributed systems. The standard 2PC optimization is the presumed abort variant, which wea fewer messages when...
Authentication in distributed systems: Theory and practice (1992)
Butler Lampson, Martín Abadi, Michael Burrows, Edward Wobber
Authentication in distributed systems: Theory and practice (1992)
Butler Lampson, Martin Abadi, Michael Burrows, Edward Wobber
Digital Equipment Corporation We describe a theory of authentication and a system that implements it. Our theory is based on the notion of principal and a ‘speaks for ’ relation between...
Authentication in distributed systems: Theory and practice (1992)
Butler Lampson, Martín Abadi, Michael Burrows, Edward Wobber
Digital Equipment Corporation We describe a theory of authentication and a system that implements it. Our theory is based on the notion of principal and a ‘speaks for ’ relation between...
Authentication in Distributed Systems: Theory and Practice (1992)
Butler Lampson, Martín Abadi, Michael Burrows, Edward Wobber
This paper appeared in ACM Trans. Computer Systems 10, 4 (Nov. 1992), pp 265-310. A preliminary version appeared in the Proceedings of the Thirteenth ACM Symposium on Operating Systems Principles.
Authentication in Distributed Systems: Theory and Practice (1992)
Butler Lampson, Martin Abadi, Martn Abadi, Michael Burrows, Edward Wobber
this paper appeared in the Proceedings of the Thirteenth ACM Sympos - ium on Operating Systems Principles.
Lampson et al, Authentication in Distributed Systems 1 (1992)
Preliminary Version Of, Butler Lampson, Michael Burrows, Edward Wobber
this paper appeared in the Proceedings of the Thirteenth ACM Sympos - ium on Operating Systems Principles.
On-line Data Compression in a Log-structured File System (1992)
Robert W. Taylor, Michael Burrows, Michael Burrows, Charles Jerian, Charles Jerian, Butler Lampson, ...
We have incorporated on-line data compression into the low levels of a log-structured file system (Rosenblum's Sprite LFS). Each block of data or meta-data is compressed as it is written to the...
Authentication in Distributed Systems: (1992)
Theory And Practice, Butler Lampson, Martín Abadi, Michael Burrows, Edward Wobber
This paper appeared in ACM Trans. Computer Systems 10, 4 (Nov. 1992), pp 265-310. A preliminary version appeared in the Proceedings of the Thirteenth ACM Symposium on Operating Systems Principles
On-line Data Compression (1992)
In Log-Structured File, Michael Burrows, Charles Jerian, Butler Lampson, Timothy Mann
We have incorporated on-line data compression into the low levels of a log-structured file system (Rosenblum's Sprite LFS). Each block of data or meta-data is compressed as it is written to the...
On-line Data Compression (1992)
In Log-Structured File, Michael Burrows, Charles Jerian, Butler Lampson, Timothy Mann
We have incorporated on-line data compression into the low levels of a log-structured file system (Rosenblum's Sprite LFS). Each block of data or meta-data is compressed as it is written to the...
Authentication in distributed systems: Theory and practice (1992)
Butler Lampson, Martín Abadi, Michael Burrows, Edward Wobber
Digital Equipment Corporation We describe a theory of authentication and a system that implements it. Our theory is based on the notion of principal and a ‘speaks for ’ relation between...
in a Log-structured File System (1992)
Michael Burrows, Charles Jerian, Butler Lampson, Timothy Mann, Michael Burrows, Charles Jerian, ...
DEC’s business and technology objectives require a strong research program. The Systems Research Center (SRC) and three other research laboratories are committed to filling that need. SRC began...
Authentication in distributed systems: Theory and practice (1992)
Butler Lampson, Martín Abadi, Michael Burrows, Edward Wobber
Digital Equipment Corporation We describe a theory of authentication and a system that implements it. Our theory is based on the notion of principal and a ‘speaks for ’ relation between...
A Calculus for Access Control in Distributed Systems (1991)
Martín Abadi, Michael Burrows, Butler Lampson, Gordon Plotkin
This paper is a study of some of the concepts, protocols, and algorithms for security in distributed systems, with a focus on access control. Our treatment is fairly formal, as it is based on logics....
The digital distributed system security architecture (1989)
Morrie Gasser, Andy Goldstein, Charlie Kaufman, Butler Lampson
The digital distributed system security architecture (1989)
Morrie Gasser, Andy Goldstein, Charlie Kaufman, Butler Lampson
The Digital Distributed System Security Architecture is a comprehensive speci cation for security ina distributed system that employs state-of-the-art concepts to address the needs of both commercial...
Experience with Processes and Monitors in Mesa (1980)
The use of monitors for describing concurrency has been much discussed in the literature. When monitors are used in real systems of any size, however, a number of problems arise which have not been...
Abstract models are given which reflect the properties of most existing mechanisms for enforcing protection or access control, together with some possible implementations. The properties of existing...