Abstract With the rapid growth of high-speed networking and microprocessing power, metasystems have become increasingly popular. The need for protection and security in such environments has never been greater. However, the conventional approach to security, that of enforcing a single system-wide policy, will not work for the large-scale distributed systems we envision. Our new model shifts the emphasis from ‘system as enforcer’ to user-definable policies, making users responsible for the security of their objects. This security model has been implemented as part of the Legion project. Legion is an object-oriented metacomputing system, with strong support for autonomy. This includes support for per-object, user-defined policies in many areas, including resource management and security. This paper briefly describes the Legion system, presents our security model, and discusses the realization of that model in Legion.
[1]
James C. French,et al.
Legion: The Next Logical Step Toward a Nationwide Virtual Computer
,
1994
.
[2]
Theodore Y. Ts'o,et al.
Kerberos: an authentication service for computer networks
,
1994,
IEEE Communications Magazine.
[3]
염흥렬,et al.
[서평]「Applied Cryptography」
,
1997
.
[4]
Benedict G. E. Wiedemann.
Protection?
,
1998,
Science.
[5]
William A. Wulf,et al.
A Distributed Key Generation Technique
,
1996
.
[6]
Adi Shamir,et al.
A method for obtaining digital signatures and public-key cryptosystems
,
1978,
CACM.
[7]
William A. Wulf,et al.
HYDRA/C.Mmp, An Experimental Computer System
,
1981
.
[8]
Jerome H. Saltzer,et al.
Protection and the control of information sharing in multics
,
1974,
CACM.
[9]
William Cheswick,et al.
Firewalls and Internet Security
,
1994
.