A security architecture for object-based distributed systems

A security architecture for object-based distributed systems

Large-scale distributed systems present numerous security problems not present in local systems. We present a general security architecture for a large-scale object-based distributed system. Its main features include ways for servers to authenticate clients, clients to authenticate servers, new secu...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Popescu, B.C., van Steen, M., Tanenbaum, A.S.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Access control
Communication system traffic control
Cryptographic protocols
Cryptography
Large-scale systems
Manuals
Middleware
Operating systems
Protection
Security
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 171
container_issue
container_start_page 161
container_title
container_volume
creator Popescu, B.C.
van Steen, M.
Tanenbaum, A.S.
description Large-scale distributed systems present numerous security problems not present in local systems. We present a general security architecture for a large-scale object-based distributed system. Its main features include ways for servers to authenticate clients, clients to authenticate servers, new secure servers to be instantiated without manual intervention, and ways to restrict which client can perform which operation on which object. All of these features are done in a platform- and application-independent way, so the results are quite general. The basic idea behind the scheme is to have each object owner issue cryptographically sealed certificates to users to prove which operations they may request and to servers to prove which operations they are authorized to execute. These certificates are used to ensure secure binding and secure method invocation. The paper discusses the required certificates and security protocols for using them.
doi_str_mv 10.1109/CSAC.2002.1176288
format Conference Proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_1176288</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>1176288</ieee_id><sourcerecordid>1176288</sourcerecordid><originalsourceid>FETCH-LOGICAL-i218t-1341805451110518467d2bd783d65415bd523ca0171cb4baa4be66d542d42d143</originalsourceid><addsrcrecordid>eNotj01LAzEYhIMfYFv9AeJl_0Dq--Y74GVZrAoFD-q5JJsUUyyVJHvYf2_AwsDMcxlmCLlHWCOCfRw--mHNAFhDrZgxF2TBpFbUIvBLsgStrETDDF6RBYLi1Eqmb8iylAMAWqtxQZ76rsRxyqnOncvjd6pxrFOO3f6Uu5M_NKLelRi6kErNyU-15TKXGo_lllzv3U-Jd2dfka_N8-fwSrfvL29Dv6WJoakUuUADUkhsu9sioXRgPmjDg5ICpQ-S8dEBahy98M4JH5UKUrDQhIKvyMN_b4ox7n5zOro8786v-R-2iEh3</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>A security architecture for object-based distributed systems</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Popescu, B.C. ; van Steen, M. ; Tanenbaum, A.S.</creator><creatorcontrib>Popescu, B.C. ; van Steen, M. ; Tanenbaum, A.S.</creatorcontrib><description>Large-scale distributed systems present numerous security problems not present in local systems. We present a general security architecture for a large-scale object-based distributed system. Its main features include ways for servers to authenticate clients, clients to authenticate servers, new secure servers to be instantiated without manual intervention, and ways to restrict which client can perform which operation on which object. All of these features are done in a platform- and application-independent way, so the results are quite general. The basic idea behind the scheme is to have each object owner issue cryptographically sealed certificates to users to prove which operations they may request and to servers to prove which operations they are authorized to execute. These certificates are used to ensure secure binding and secure method invocation. The paper discusses the required certificates and security protocols for using them.</description><identifier>ISSN: 1063-9527</identifier><identifier>ISBN: 0769518281</identifier><identifier>ISBN: 9780769518282</identifier><identifier>EISSN: 2576-9103</identifier><identifier>DOI: 10.1109/CSAC.2002.1176288</identifier><language>eng</language><publisher>IEEE</publisher><subject>Access control ; Communication system traffic control ; Cryptographic protocols ; Cryptography ; Large-scale systems ; Manuals ; Middleware ; Operating systems ; Protection ; Security</subject><ispartof>18th Annual Computer Security Applications Conference, 2002. Proceedings, 2002, p.161-171</ispartof><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/1176288$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,2058,4050,4051,27925,54920</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/1176288$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Popescu, B.C.</creatorcontrib><creatorcontrib>van Steen, M.</creatorcontrib><creatorcontrib>Tanenbaum, A.S.</creatorcontrib><title>A security architecture for object-based distributed systems</title><title>18th Annual Computer Security Applications Conference, 2002. Proceedings</title><addtitle>CSAC</addtitle><description>Large-scale distributed systems present numerous security problems not present in local systems. We present a general security architecture for a large-scale object-based distributed system. Its main features include ways for servers to authenticate clients, clients to authenticate servers, new secure servers to be instantiated without manual intervention, and ways to restrict which client can perform which operation on which object. All of these features are done in a platform- and application-independent way, so the results are quite general. The basic idea behind the scheme is to have each object owner issue cryptographically sealed certificates to users to prove which operations they may request and to servers to prove which operations they are authorized to execute. These certificates are used to ensure secure binding and secure method invocation. The paper discusses the required certificates and security protocols for using them.</description><subject>Access control</subject><subject>Communication system traffic control</subject><subject>Cryptographic protocols</subject><subject>Cryptography</subject><subject>Large-scale systems</subject><subject>Manuals</subject><subject>Middleware</subject><subject>Operating systems</subject><subject>Protection</subject><subject>Security</subject><issn>1063-9527</issn><issn>2576-9103</issn><isbn>0769518281</isbn><isbn>9780769518282</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2002</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNotj01LAzEYhIMfYFv9AeJl_0Dq--Y74GVZrAoFD-q5JJsUUyyVJHvYf2_AwsDMcxlmCLlHWCOCfRw--mHNAFhDrZgxF2TBpFbUIvBLsgStrETDDF6RBYLi1Eqmb8iylAMAWqtxQZ76rsRxyqnOncvjd6pxrFOO3f6Uu5M_NKLelRi6kErNyU-15TKXGo_lllzv3U-Jd2dfka_N8-fwSrfvL29Dv6WJoakUuUADUkhsu9sioXRgPmjDg5ICpQ-S8dEBahy98M4JH5UKUrDQhIKvyMN_b4ox7n5zOro8786v-R-2iEh3</recordid><startdate>2002</startdate><enddate>2002</enddate><creator>Popescu, B.C.</creator><creator>van Steen, M.</creator><creator>Tanenbaum, A.S.</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>2002</creationdate><title>A security architecture for object-based distributed systems</title><author>Popescu, B.C. ; van Steen, M. ; Tanenbaum, A.S.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i218t-1341805451110518467d2bd783d65415bd523ca0171cb4baa4be66d542d42d143</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2002</creationdate><topic>Access control</topic><topic>Communication system traffic control</topic><topic>Cryptographic protocols</topic><topic>Cryptography</topic><topic>Large-scale systems</topic><topic>Manuals</topic><topic>Middleware</topic><topic>Operating systems</topic><topic>Protection</topic><topic>Security</topic><toplevel>online_resources</toplevel><creatorcontrib>Popescu, B.C.</creatorcontrib><creatorcontrib>van Steen, M.</creatorcontrib><creatorcontrib>Tanenbaum, A.S.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Popescu, B.C.</au><au>van Steen, M.</au><au>Tanenbaum, A.S.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>A security architecture for object-based distributed systems</atitle><btitle>18th Annual Computer Security Applications Conference, 2002. Proceedings</btitle><stitle>CSAC</stitle><date>2002</date><risdate>2002</risdate><spage>161</spage><epage>171</epage><pages>161-171</pages><issn>1063-9527</issn><eissn>2576-9103</eissn><isbn>0769518281</isbn><isbn>9780769518282</isbn><abstract>Large-scale distributed systems present numerous security problems not present in local systems. We present a general security architecture for a large-scale object-based distributed system. Its main features include ways for servers to authenticate clients, clients to authenticate servers, new secure servers to be instantiated without manual intervention, and ways to restrict which client can perform which operation on which object. All of these features are done in a platform- and application-independent way, so the results are quite general. The basic idea behind the scheme is to have each object owner issue cryptographically sealed certificates to users to prove which operations they may request and to servers to prove which operations they are authorized to execute. These certificates are used to ensure secure binding and secure method invocation. The paper discusses the required certificates and security protocols for using them.</abstract><pub>IEEE</pub><doi>10.1109/CSAC.2002.1176288</doi><tpages>11</tpages><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 1063-9527
ispartof 18th Annual Computer Security Applications Conference, 2002. Proceedings, 2002, p.161-171
issn 1063-9527
2576-9103
language eng
recordid cdi_ieee_primary_1176288
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Access control
Communication system traffic control
Cryptographic protocols
Cryptography
Large-scale systems
Manuals
Middleware
Operating systems
Protection
Security
title A security architecture for object-based distributed systems
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-29T02%3A39%3A37IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=A%20security%20architecture%20for%20object-based%20distributed%20systems&rft.btitle=18th%20Annual%20Computer%20Security%20Applications%20Conference,%202002.%20Proceedings&rft.au=Popescu,%20B.C.&rft.date=2002&rft.spage=161&rft.epage=171&rft.pages=161-171&rft.issn=1063-9527&rft.eissn=2576-9103&rft.isbn=0769518281&rft.isbn_list=9780769518282&rft_id=info:doi/10.1109/CSAC.2002.1176288&rft_dat=%3Cieee_6IE%3E1176288%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=1176288&rfr_iscdi=true