Security architecture for a virtual heterogeneous machine

We describe security for a virtual heterogeneous machine (VHM). Our security architecture is based upon separation of services into four distinct domains. It is designed to take advantage of operating system support for domains, where available. We have chosen to use emerging public key technology as an interim solution to provide domain separation. A prototype demonstration of our architecture has been developed.

[1]  R. F. Freund,et al.  SmartNet: a scheduling framework for heterogeneous computing , 1996, Proceedings Second International Symposium on Parallel Architectures, Algorithms, and Networks (I-SPAN'96).

[2]  Cynthia E. Irvine,et al.  Building Trust Into A Multilevel File System , 1990 .

[3]  Wan-Sup Um,et al.  An Authentication System for Open Network Systems , 1998 .

[4]  Terry V. Benzel,et al.  SIGMA: security for distributed object interoperability between trusted and untrusted systems , 1996, Proceedings 12th Annual Computer Security Applications Conference.

[5]  Charles E. Catlett,et al.  From the I-WAY to the National Technology Grid , 1997, CACM.

[6]  Miron Livny,et al.  Checkpoint and Migration of UNIX Processes in the Condor Distributed Processing System , 1997 .

[7]  John P Kresho Quality Network Load Information Improves Performance of Adaptive Applications , 1997 .

[8]  Alan O. Freier,et al.  The SSL Protocol Version 3.0 , 1996 .

[9]  Ian T. Foster,et al.  A secure communications infrastructure for high-performance distributed computing , 1997, Proceedings. The Sixth IEEE International Symposium on High Performance Distributed Computing (Cat. No.97TB100183).

[10]  William A. Wulf,et al.  A new model of security for distributed systems , 1996, NSPW '96.

[11]  James P Anderson,et al.  Computer Security Technology Planning Study , 1972 .