Secure Network Objects

  • Leendert van Doorn
  • Martín Abadi
  • Mike Burrows
  • Edward Wobber
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1603)


We describe the design and implementation of secure network objects, which provide security for object-oriented network communication. The design takes advantage of objects and subtyping to present a simple but expressive programming interface for security, supporting both access control lists and capabilities. The implementation of this design fits nicely within the structure of the existing network objects system; we discuss its internal components, its performance, and its use in some applications.


Identity Object Address Space Secure Channel Object Management Group Common Object Request Broker Architecture 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Jean Bacon, Richard Hayton, Sai Lai Lo, and Ken Moody. Extensible access control for a hierarchy of servers. ACM Operating Systems Review, 28(3):4–15, July 1994.CrossRefGoogle Scholar
  2. 2.
    Andrew Birrell, Greg Nelson, Susan Owicki, and Edward Wobber. Network objects. Software Practice and Experience, S4(25):87–130, December 1995.CrossRefGoogle Scholar
  3. 3.
    Luca Cardelli. A language with distributed scope. Computing Systems, 8(1):27–59, January 1995.Google Scholar
  4. 4.
    W.R. Cheswick. An evening with Berferd, in which a hacker is lured, endured, and studied. In Proceedings of the Usenix Winter’ 92 Conference, 1992.Google Scholar
  5. 5.
    R.H. Deng, S.K. Bhonsle, W. Wang, and A.A. Lazar. Integrating security in CORBA based object architectures. In Proceedings of the 1995 IEEE Symposium on Security and Privacy, pages 50–61, May 1995.Google Scholar
  6. 6.
    J.B. Dennis and E.C. van Horn. Programming semantics for multiprogrammed computation. Communications of the ACM, 9(3):143–155, March 1966.zbMATHCrossRefGoogle Scholar
  7. 7.
    Li Gong. A secure identity-based capability system. In Proceedings of the 1989 IEEE Symposium on Security and Privacy, pages 56–63, May 1989.Google Scholar
  8. 8.
    Graham Hamilton. Personal communication, 1994 and 1996.Google Scholar
  9. 9.
    Paul Ashley Karger. Improving Security and Performance for Capability Systems. PhD thesis, Cambridge University, October 1988.Google Scholar
  10. 10.
    Butler Lampson. A note on the confinement problem. Communications of the ACM, 16(10):613–615, October 1973.CrossRefGoogle Scholar
  11. 11.
    Butler Lampson. Protection. ACM Operating Systems Review, 1(8): 18–24, January 1974.CrossRefGoogle Scholar
  12. 12.
    Butler Lampson, Martín Abadi, Mike Burrows, and Edward Wobber. Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems, 10(4):265–310, November 1992.CrossRefGoogle Scholar
  13. 13.
    J. Mitchell, J. Gibbons, G. Hamilton, P. Kessler, Y. Khalidi, P. Kougiouris, P. Madany, M. Nelson, M. Powell, and S. Radia. An overview of the Spring system. In IEEE Compcon Spring 1994, February 1994.Google Scholar
  14. 14.
    R. Molva, G. Tsudik, E. van Herreweghen, and S. Zatti. Kryptoknight authentication and key distribution system. In Proceedings of the European Symposium on Research in Computer Security, November 1992.Google Scholar
  15. 15.
    Sape J. Mullender, Andrew S. Tanenbaum, and Robbert van Renesse. Using sparse capabilities in a distributed operating system. In Proceedings of the 6th IEEE conference on Distributed Computing Systems, June 1986.Google Scholar
  16. 16.
    National Bureau of Standards. Data encryption standard. FIPS 47, 1977.Google Scholar
  17. 17.
    Roger Needham. Names. In Sape Mullender, editor, Distributed Systems, chapter 12, pages 315–327. Addison-Wesley, second edition, 1993.Google Scholar
  18. 18.
    Greg Nelson, editor. Systems Programming with Modula-3. Prentice Hall, 1991.Google Scholar
  19. 19.
    Object Management Group. Common object request broker architecture and specification. OMG Document number 91.12.1.Google Scholar
  20. 20.
    Object Management Group. OMG documents. See URL:
  21. 21.
    Open Software Foundation. Introduction to OSF DCE. Revision 1.0, 1992.Google Scholar
  22. 22.
    R.L. Rivest and S. Dusse. RFC 1321: The MD5 message-digest function. Internet Activities Board, 1992.Google Scholar
  23. 23.
    Marc Shapiro. Structure and encapsulation in distributed systems: The proxy principle. In IEEE International Conference on Distributed Computer Systems, May 1986.Google Scholar
  24. 24.
    Eugene H. Spafford. The Internet worm program: An analysis. Computer Communication Review, 19(1):17–57, January 1989.CrossRefGoogle Scholar
  25. 25.
    J.G. Steiner, C. Neuman, and J.I. Schiller. Kerberos: An authentication service for open network systems. In Usenix 1987 Winter Conference, pages 191–202, January 1988.Google Scholar
  26. 26.
    Sun Microsystems. RFC 1057: RPC: Remote procedure call protocol specification: Version 2. Internet Activities Board, June 1988.Google Scholar
  27. 27.
    Edward Wobber, Martín Abadi, Michael Burrows, and Butler Lampson. Authentication in the Taos operating system. ACM Transactions on Computer Systems, 12(1):3–32, February 1994.CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • Leendert van Doorn
    • 1
  • Martín Abadi
    • 2
  • Mike Burrows
    • 2
  • Edward Wobber
    • 2
  1. 1.IBM Thomas J. Watson Research CenterHawthorneUSA
  2. 2.Systems Research CenterCompaqPalo AltoUSA

Personalised recommendations