25th USENIX Security Symposium has ended
Back To Schedule
Thursday, August 11 • 3:00pm - 3:30pm
Thoth: Comprehensive Policy Compliance in Data Retrieval Systems

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Data retrieval systems process data from many sources, each subject to its own data use policy. Ensuring compliance with these policies despite bugs, misconfiguration, or operator error in a large, complex, and fast evolving system is a major challenge. Thoth provides an efficient, kernel-level compliance layer for data use policies. Declarative policies are attached to the systems’ input and output files, key-value tuples, and network connections, and specify the data’s integrity and confidentiality requirements. Thoth tracks the flow of data through the system, and enforces policy regardless of bugs, misconfigurations, compromises in application code, or actions by unprivileged operators. Thoth requires minimal changes to an existing system and has modest overhead, as we show using a prototype Thoth-enabled data retrieval system based on the popular Apache Lucene.


Peter Druschel

Max Planck Institute for Software Systems (MPI-SWS)

Eslam Elnikety

Max Planck Institute for Software Systems (MPI-SWS)

Deepak Garg

Max Planck Institute for Software Systems (MPI-SWS)

Aastha Mehta

Max Planck Institute for Software Systems (MPI-SWS)
avatar for Anjo Vahldiek-Oberwagner

Anjo Vahldiek-Oberwagner

PhD-Student, Max Planck Institute for Software Systems

Thursday August 11, 2016 3:00pm - 3:30pm PDT
Zilker Ballroom 3

Attendees (4)