Security architecture for heterogeneous distributed computing systems

Distributed systems face a proliferation of users, applications, networked devices, and their interactions on a scale never experienced before. The advent of reliable spontaneous networking technologies has ostensibly raised the stakes for the design of computing intensive environments using intelligent devices. As environmental intelligence grows, so will the number of heterogeneous devices connected to the environment. The creation of security and trust paradigms for such technology rich environments is today's great challenge. If the intelligent devices present in a smart environment act as gateways to some huge distributed computing system, then it is indispensable to sweep the threats out from these smart environments, so as to protect not only the local environment, but also the entire distributed system. This article proposes a design of consistent but fine-grained levels of trust and security in distributed systems, open to pervasive, mobile, heterogeneous networks featuring ambient intelligence by gradually virtualizing their security functions. These systems interact in various ways, with floating semantic interoperability between applications, interoperability of communications depending on shared links between those systems, and versatile interconnections. Threats and vulnerability vary according to different systems, objects, applications, and communication links. The salient features of this design include: consideration of duration and time factors in cryptographic protocols by introducing a trusted clock in the network; space for the security of distributed environments by context awareness in the system; mobility (security of mobile code, mobile agents and speed of movement); virtualization of security services.