总机:客户端-服务器通信的安全、监控连接

Proceedings 22nd International Conference on Distributed Computing Systems Workshops Pub Date : 2002-07-02 DOI:10.1109/ICDCSW.2002.1030844

E. Freudenthal, Lawrence Port, Tracy Pesin, E. Keenan

{"title":"总机:客户端-服务器通信的安全、监控连接","authors":"E. Freudenthal, Lawrence Port, Tracy Pesin, E. Keenan","doi":"10.1109/ICDCSW.2002.1030844","DOIUrl":null,"url":null,"abstract":"Prolonged secure communication requires trust relationships that extend throughout a connection's life cycle. Current tools to establish secure connections such as SSL/TLS and SSH authenticate PKI identities, validate credentials and authorize a trust relationship at the time a connection is established, but do not monitor the trust relationship thereafter To maintain security over the duration of a prolonged connection, we extend the semantics of SSL to support continuous monitoring of a credential's liveness and the trust relationships that authorize it. Our implementation isolates trust management into a pluggable trust authorization module. We also present an initial design for a host-level secure communication resource that provides secure channels for multiple connections.","PeriodicalId":382808,"journal":{"name":"Proceedings 22nd International Conference on Distributed Computing Systems Workshops","volume":"35 4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2002-07-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Switchboard: secure, monitored connections for client-server communication\",\"authors\":\"E. Freudenthal, Lawrence Port, Tracy Pesin, E. Keenan\",\"doi\":\"10.1109/ICDCSW.2002.1030844\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Prolonged secure communication requires trust relationships that extend throughout a connection's life cycle. Current tools to establish secure connections such as SSL/TLS and SSH authenticate PKI identities, validate credentials and authorize a trust relationship at the time a connection is established, but do not monitor the trust relationship thereafter To maintain security over the duration of a prolonged connection, we extend the semantics of SSL to support continuous monitoring of a credential's liveness and the trust relationships that authorize it. Our implementation isolates trust management into a pluggable trust authorization module. We also present an initial design for a host-level secure communication resource that provides secure channels for multiple connections.\",\"PeriodicalId\":382808,\"journal\":{\"name\":\"Proceedings 22nd International Conference on Distributed Computing Systems Workshops\",\"volume\":\"35 4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2002-07-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 22nd International Conference on Distributed Computing Systems Workshops\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICDCSW.2002.1030844\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 22nd International Conference on Distributed Computing Systems Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICDCSW.2002.1030844","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

长时间的安全通信需要贯穿连接生命周期的信任关系。当前用于建立安全连接的工具(如SSL/TLS和SSH)在连接建立时验证PKI身份、验证凭据并授权信任关系，但不监控此后的信任关系。为了在长连接期间保持安全性，我们扩展了SSL的语义，以支持对凭据的有效性和授权它的信任关系的持续监控。我们的实现将信任管理隔离到可插拔的信任授权模块中。我们还提出了一个主机级安全通信资源的初步设计，该资源为多个连接提供安全通道。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Switchboard: secure, monitored connections for client-server communication

Prolonged secure communication requires trust relationships that extend throughout a connection's life cycle. Current tools to establish secure connections such as SSL/TLS and SSH authenticate PKI identities, validate credentials and authorize a trust relationship at the time a connection is established, but do not monitor the trust relationship thereafter To maintain security over the duration of a prolonged connection, we extend the semantics of SSL to support continuous monitoring of a credential's liveness and the trust relationships that authorize it. Our implementation isolates trust management into a pluggable trust authorization module. We also present an initial design for a host-level secure communication resource that provides secure channels for multiple connections.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings 22nd International Conference on Distributed Computing Systems Workshops

自引率

0.00%

发文量