Advertisement

A flexible security system for metacomputing environments

  • Adam Ferrari
  • Frederick Knabe
  • Marty Humphrey
  • Steve Chapin
  • Andrew Grimshaw
Track C2: Computational Science
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1593)

Abstract

A metacomputing environment is a collection of geographically distributed resources (people, computers, devices, databases) connected by one or more high-speed networks, and potentially spanning multiple administrative domains. Security is an essential part of metasystem design—high-level resources and services defined by the metacomputer must be protected from one another and from corrupted underlying resources, and underlying resources must minimize their vulnerability to attacks from the metacomputer level. We present the Legion security architecture, a flexible, adaptable framework for solving the metacomputing security problem. We demonstrate that this framework is sufficiently flexible to implement a wide range of security mechanisms and high-level policies.

Keywords

Access Control Security Policy Access Control Policy File Object Security Architecture 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    E. Belani, A. Vahdat, T. Anderson, and M. Dahlin. CRISIS: A wide area security architecture. In Seventh USENIX Security Symposium, Jan. 1998.Google Scholar
  2. 2.
    A. Ferrari, F. Knabe, M. Humphrey, S. Chapin, and A. Grimshaw. A flexible security system for metacomputing environments Technical Report CS-98-36, Department of Computer Science, University of Virginia, Charlottesville, Virginia, Dec. 1998.Google Scholar
  3. 3.
    I. Foster, C. Kesselman, G. Tsudik, and S. Tuecke. A security architecture for computational grids. In Fifth ACM Conference on Computers and Communications Security, Nov. 1998.Google Scholar
  4. 4.
    L. Gong, M. Mueller, H. Prafullchandra, and R. Schemers. Going beyond the sandbox: An overview of the new security architecture in the Java development kit 1.2. In USENIX Symposium on Internet Technologies and Systems, pagas 103–112, Dec. 1997.Google Scholar
  5. 5.
    A. S. Grimshaw and W. A. Wulf. Legion: A view from 50,000 feet. In Fifth IEEE Symposium on High Performance Distributed Computing, Aug. 1996.Google Scholar
  6. 6.
    A. S. Grimshaw, and W. A. Wulf. The Legion vision of a worldwide virtual computer. Communications of the ACM, 40(1):39–45, Jan. 1997.CrossRefGoogle Scholar
  7. 7.
    M. Lewis and A. Grimshaw. The core Legion object model. In Fifth IEEE Symposium on High Performance Distributed Computing, Aug. 1996.Google Scholar
  8. 8.
    Object Management Group. CORBAservices: Common object services specification, security service specification. Version 97-12-12, 1998.Google Scholar
  9. 9.
    C. Viles, M. Lewis, A. Ferrari, A. Nguyen-Tuong, and A. Grimshaw. Enabling flexibility in the legion run-time library. In International Conference on Parallel and Distributed Processing Techniques and Applications, pages 265–274, June 1997.Google Scholar
  10. 10.
    W. A. Wulf, C. Wang, and D. Kienzle. A new model of security for distributed systems. Technical Report CS-95-34, Department of Computer Science, University of Virginia, Charlottesville, Virginia, Aug. 1995.Google Scholar

Copyright information

© Springer-Verlag 1999

Authors and Affiliations

  • Adam Ferrari
    • 1
  • Frederick Knabe
    • 1
  • Marty Humphrey
    • 1
  • Steve Chapin
    • 1
  • Andrew Grimshaw
    • 1
  1. 1.Department of Computer ScienceUniversity of VirginiaUSA

Personalised recommendations