Trust Management and Whether to Delegate
A colleague in UCC, John Morrison, has been working on the development of an architecture for mobile code, WebCom1, and in the last year or so we’ve been looking at using trust management systems to control the secure scheduling or dissemination of this mobile code. The main components to the architecture are masters and clients. A master schedules out operations to clients (the scheduling can be done in a push or in a pull fashion) and the clients use KeyNote to determine whether or not a master is authorised to schedule mobile code to a particular client. The code could be a COM object, for example, and the client wants to make sure that it’s coming from a trustworthy source with trustworthy parameters. On the other side the master is also using KeyNote to determine whether clients are authorised to execute. So it’s a very straightforward application of KeyNote.
Unable to display preview. Download preview PDF.