DisCo: middleware for securely deploying decomposable services in partly trusted environments

24th International Conference on Distributed Computing Systems, 2004. Proceedings. Pub Date : 2004-03-24 DOI:10.1109/ICDCS.2004.1281616

E. Freudenthal, V. Karamcheti

{"title":"DisCo: middleware for securely deploying decomposable services in partly trusted environments","authors":"E. Freudenthal, V. Karamcheti","doi":"10.1109/ICDCS.2004.1281616","DOIUrl":null,"url":null,"abstract":"The DisCo middleware infrastructure facilitates the construction and deployment of decomposable applications for environments with dynamic network connectivity properties and unstable trust relationships spanning multiple administrative domains. Consumers of these services, who are mutually anonymous, must be able to discover, securely acquire the code for, and install service components over the network with only minimal a priori knowledge of their locations. Once installed, these components must be able to intemperate securely and reliably across the network. Solutions exist that address individual challenges posed by such an environment, but they rely upon mutually incompatible authorization models that are frequently insufficiently expressive. The primary contributions of DisCo are (1) a middleware toolkit for constructing such applications, (2) a unifying authorization abstraction, and (3) a realization of this authorization well suited for expressing partial trust relationships typical of such environments. We focus on the first two of these contributions, [E. Freudenthal et al., (2002)] presents the third.","PeriodicalId":348300,"journal":{"name":"24th International Conference on Distributed Computing Systems, 2004. Proceedings.","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"24th International Conference on Distributed Computing Systems, 2004. Proceedings.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICDCS.2004.1281616","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

Abstract

The DisCo middleware infrastructure facilitates the construction and deployment of decomposable applications for environments with dynamic network connectivity properties and unstable trust relationships spanning multiple administrative domains. Consumers of these services, who are mutually anonymous, must be able to discover, securely acquire the code for, and install service components over the network with only minimal a priori knowledge of their locations. Once installed, these components must be able to intemperate securely and reliably across the network. Solutions exist that address individual challenges posed by such an environment, but they rely upon mutually incompatible authorization models that are frequently insufficiently expressive. The primary contributions of DisCo are (1) a middleware toolkit for constructing such applications, (2) a unifying authorization abstraction, and (3) a realization of this authorization well suited for expressing partial trust relationships typical of such environments. We focus on the first two of these contributions, [E. Freudenthal et al., (2002)] presents the third.

查看原文本刊更多论文

DisCo:用于在部分可信环境中安全部署可分解服务的中间件

DisCo中间件基础设施有助于为具有动态网络连接属性和跨多个管理域的不稳定信任关系的环境构建和部署可分解应用程序。这些服务的消费者是相互匿名的，他们必须能够发现、安全地获取服务组件的代码，并在网络上安装服务组件，而只需要对其位置有最低限度的先验知识。安装后，这些组件必须能够安全可靠地跨网络传输。现有的解决方案可以解决这种环境所带来的单个挑战，但它们依赖于相互不兼容的授权模型，这些模型往往表现力不足。DisCo的主要贡献是(1)一个用于构造此类应用程序的中间件工具包，(2)一个统一的授权抽象，以及(3)这种授权的实现非常适合于表达此类环境中典型的部分信任关系。我们主要关注前两个贡献，[E。Freudenthal et al.，(2002)]提出了第三种。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

24th International Conference on Distributed Computing Systems, 2004. Proceedings.

自引率

0.00%

发文量