Portunus - Re-imagining Access Control in Distributed Systems

Explore a groundbreaking approach to access control in distributed systems through this conference talk from USENIX ATC '23. Delve into Portunus, an innovative cryptographic storage and access control system that leverages attribute-based encryption (ABE) to address the challenges of TLS termination in network and security infrastructure. Learn how this system balances the need for low-latency operations with increasing regulatory demands for sophisticated key access controls. Discover how Portunus enables customer-defined policies for TLS key protection, allows servers to decrypt only authorized keys based on their attributes, and eliminates the need for a centralized coordinator. Gain insights into the system's implementation across Cloudflare's global network, handling millions of requests per second and representing one of the largest deployments of ABE to date.

USENIX ATC '23 - Portunus: Re-imagining Access Control in Distributed Systems