A Security Architecture for Object-Based Distributed Systems

San Diego California December 09-December 13

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/CSAC.2002.1176288

18th Annual Computer Security Applica ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Bogdan C. Popescu Articles by Maarten van Steen Articles by Andrew S. Tanenbaum

	ASCII Text	x
	Bogdan C. Popescu, Maarten van Steen, Andrew S. Tanenbaum, "A Security Architecture for Object-Based Distributed Systems," Computer Security Applications Conference, Annual, pp. 161, 18th Annual Computer Security Applications Conference (ACSAC '02), 2002.

	BibTex	x
	@article{ 10.1109/CSAC.2002.1176288, author = {Bogdan C. Popescu and Maarten van Steen and Andrew S. Tanenbaum}, title = {A Security Architecture for Object-Based Distributed Systems}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2002}, issn = {1063-9527}, pages = {161}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSAC.2002.1176288}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - A Security Architecture for Object-Based Distributed Systems SN - 1063-9527 SP EP A1 - Bogdan C. Popescu, A1 - Maarten van Steen, A1 - Andrew S. Tanenbaum, PY - 2002 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

Bogdan C. Popescu, Vrije Universiteit

Maarten van Steen, Vrije Universiteit

Andrew S. Tanenbaum, Vrije Universiteit

Large-scale distributed systems present numerous security problems not present in local systems. In this paper we present a general security architecture for a large-scale object-based distributed system. Its main features include ways for servers to authenticate clients, clients to authenticate servers, new secure servers to be instantiated without manual intervention, and ways to restrict which client can perform which operation on which object. All of these features are done in a platform- and application-independent way, so the results are quite general. The basic idea behind the scheme is to have each object owner issue cryptographically sealed certificates to users to prove which operations they may request and to servers to prove which operations they are authorized to execute. These certificates are used to ensure secure binding and secure method invocation. The paper discusses the required certificates and security protocols for using them.

Citation:

Bogdan C. Popescu, Maarten van Steen, Andrew S. Tanenbaum, "A Security Architecture for Object-Based Distributed Systems," acsac, pp.161, 18th Annual Computer Security Applications Conference (ACSAC '02), 2002

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.