Towards security in an open systems federation

  • John A Bull
  • Li Gong
  • Karen R Sollins
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 648)


This paper argues that security design for Open Distributed Processing (ODP) would benefit from a shift of focus from the infrastructure to individual servers as the owners and enforcers of security policy. It debates the policy nuances, mechanisms, and protocol design consequences, that would follow from such a change of emphasis. In ODP, physically separate systems federate into heterogeneous networks of unlimited scale, so there can be no central authority, nor ubiquitous security infrastructure. Servers that offer, trade, supply and consume services must maintain their own security policies and defend themselves. For servers to take security policy and enforcement decisions, design is concerned with how they might seek advice and guidance from higher authority. This contrasts with an administrator imposed policy on a closed homogeneous network, where an infrastructure enforces administrator declared access rights to potential clients, including rights to delegate rights.


Smart Card Security Policy Authentication Protocol Authentication Service Defense Advance Research Project Agency 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    M. Abadi, M. Burrows, C. Kaufman, and B. Lampson Authentication and Delegation with Smart-Cards DEC Systems Research Center, Report No.67, Oct 1990.Google Scholar
  2. 2.
    Architecture Projects Management Ltd (ANSA) The Application Programmers' Introduction to the Architecture Technical Reports TR 017.00, 1991.Google Scholar
  3. 3.
    R J. van der Linden and J. Sventek The ANSA Trading Service IEEE Distributed Processing Committee Newsletter, Vol. 13, No. 4, 1991.Google Scholar
  4. 4.
    J.A. Bull Object Request Broker RFP Response OMG: 91.1.2, to the Object Management Group. Architecture Projects Management Ltd, CO.059.00, 08 Jan 1991.Google Scholar
  5. 5.
    M. Burrows, M. Abadi, R.M. Needham A Logic for Authentication ACM Trans. on Computer Systems, Vol.8, No.1, Feb 1990, pp.18–36.CrossRefGoogle Scholar
  6. 6.
    ECMA Security in Open Systems: A Security Framework. ECMA TR 46, Jul 1988.Google Scholar
  7. 7.
    ECMA Security in Open Systems: Data Elements and Service Definitions ECMA TR 138, Dec 1989.Google Scholar
  8. 8.
    M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson The Digital Distributed System Security Architecture Proc. of the 12th National Computer Security Conference NIST/NCSC, Oct 1989, pages 305–319.Google Scholar
  9. 9.
    L. Gong A Secure Identity-Based Capability System Proc. of the IEEE Symp. on Security and Privacy Oakland, California, May 1989, pp 56–63Google Scholar
  10. 10.
    L. Gong Using One-Way Functions for Authentication ACM Computer Comms Review, Vol.19, No.5, Oct 1989, pp.8–11.CrossRefGoogle Scholar
  11. 11.
    L. Gong, R. Needham, and R. Yahalom Reasoning about Belief in Cryptographic Protocols Proc. of the IEEE 1990 Symp. on Security and Privacy Oakland, California, May 1990, pp.234–248.Google Scholar
  12. 12.
    J.Y. Halpern and Y. Moses Knowledge and Common Knowledge in a Distributed Environment Proc. of the 3rd ACM Symp. on Principles of Distributed Computing Vancouver, British Columbia, Aug 1984, pp.50–61.Google Scholar
  13. 13.
    ISO ODP Basic Reference Model of Open Distributed Processing Part 2: Descriptive Model ISO/TEC JTC1/SC21/WG7 N315, Mar 1991 (and later revisions) and ISO/EEC JTC1/SC21 N6079 (draft), May 1991 (and later revisions) Part 3: Prescriptive Model ISO/TEC JTC1/SC21 N6080 (draft). May 1991 (and later revisions).Google Scholar
  14. 14.
    Working draft Security Frameworks Overview ISO/IEC JTC1/SC21N6166 and N6080, Jul 1991.Google Scholar
  15. 15.
    P.A. Karger New Methods for Immediate Revocation Proc. of the IEEE Symp. on Security and Privacy Oakland, California, May 1989, pp.48–55.Google Scholar
  16. 16.
    B.W. Lampson Protection Proc. of the 5th Princeton Symp. on Info. Sciences and Systems, March, 1971. Reprinted in ACM Operating. Systems Review, Vol.8, No.1, Jan 1974, pp.18–24.Google Scholar
  17. 17.
    B. Lampson, M. Abadi, M. Burrows, and E. Wobber Authentication in Distributed Systems: Theory and Practice Proc. of the 13th ACM Symp. on Operating Systems Principles, Oct 1991 Publ. as ACM Op. Systems Review, Vol 25, No.5, pp.165–182. Also as, DEC Systems Research Center, Report No.83, Feb 1992.CrossRefGoogle Scholar
  18. 18.
    H.M. Levy Capability-Based Computer Systems Digital Press, 1984.Google Scholar
  19. 19.
    R.C. Merkte Protocols for Public Key Crypto-systems Proc. of the IEEE Symp. on Security and Privacy Oakland, California, May 1980, pp.122–134.Google Scholar
  20. 20.
    N.H. Minsky Selective and Locally Controlled Transport of Privilege ACM Trans on Prog Langs and Systs, Vol.6, No.4, Oct 1984, pp.573–602.zbMATHCrossRefGoogle Scholar
  21. 21.
    R.M. Needham and M.D. Schroeder Using Encryption for Authentication in Large Networks of Computers Communications of the ACM, Vol.21, No.12, Dec 1978, pp.993–999.zbMATHCrossRefGoogle Scholar
  22. 22.
    D.J. Otway and O. Rees Efficient and Timely Mutual Authentication ACM Op. System Review. Vol.21, No.1, Jan 1987, pp.8–10.CrossRefGoogle Scholar
  23. 23.
    R.L. Rivest Cryptography In J. van Leeuwen, editor: Handbook of Theoretical Computer Science Volume A, Algorithms and Complexity, chapter 13, pages 717–755. Elsevier Science Publishers B. V., 1990.Google Scholar
  24. 24.
    A. Shamir Identity Based Crypto-systems and Signature Schemes Proc. of Crypto'84, Aug 1984, pp.47–53.Google Scholar
  25. 25.
    A. Snyder Inheritance and the Development of Encapsulated Software Components In B. Shriver and P. Wegner ed.: Research Directions in Object-Oriented Programming MIT Press, 1987,pp.l65–188.Google Scholar
  26. 26.
    K. Sollins Cascaded Authentication Proc. of the IEEE Symp. on Security and Privacy Oakland, California, Apr 1988, pp.156–163.Google Scholar
  27. 27.
    J.G. Steiner, C. Neuman, and J.I. Schiller Kerberos: An Authentication Service for Open Network Systems Proc. of the USENIX Winter Conference, Feb 1988, pp.191–202.Google Scholar
  28. 28.
    S.T. Vintner Extended Discretionary Access Controls Proc. of the IEEE Symp. on Security and Privacy Oakland, California, Apr 1988, pp.39–49.Google Scholar
  29. 29.
    V.L. Vodyock and S.T. Kent Security Mechanisms in High-Level Network Protocols ACM Computing Surveys, Vol.15, No.2, Jun 1983, pp.135–171.CrossRefGoogle Scholar
  30. 30.
    Simon Wiseman A Secure Capability Computer System Proc. of the IEEE Symp. on Security and Privacy Oakland, California, Apr 1986, pp.86–94.Google Scholar

Copyright information

© Springer-Verlag 1992

Authors and Affiliations

  • John A Bull
    • 1
  • Li Gong
    • 2
  • Karen R Sollins
    • 3
  1. 1.Architecture Projects Management Ltd, (APM/ANSA)Castle ParkUK
  2. 2.ORA CorporationIthacaUSA
  3. 3.M.I.T. Laboratory for Computer ScienceCambridgeUSA

Personalised recommendations