Title :
On inter-realm authentication in large distributed systems
Author :
Gilgor, V.D. ; Luan, Shyh-Wei ; Pato, Joseph N.
Author_Institution :
Dept. of Electr. Eng., Maryland Univ., College Park, MD, USA
Abstract :
A policy for propagation of authentication trust across realm boundaries is defined and rationalized. This policy helps limit global security exposures that ensue whenever an authentication service is compromised. The policy is based on a hierarchical model of inter-realm authentication and can be supported by both public key and secret key systems. As an example, a simple protocol which selects inter-realm authentication paths that satisfy the policy are presented. The protocol is part of a design which provides application transparency for inter-realm authentication path selection and acceptance as the default mode of operation. This design can be integrated with the security services of existing systems; e.g., of the Open Software Foundation´s Distributed Computing Environment (DCE). DCE implementation issues are also discussed
Keywords :
distributed processing; message authentication; public key cryptography; Distributed Computing Environment; Open Software Foundation; global security; inter-realm authentication; protocol; public key systems; secret key systems; Access control; Application software; Authentication; Costs; Distributed computing; Ice; Protocols; Public key; Scalability; Security;
Conference_Titel :
Research in Security and Privacy, 1992. Proceedings., 1992 IEEE Computer Society Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-2825-1
DOI :
10.1109/RISP.1992.213274
