Shrink-Wrapped Optimism: The DODA Approach to Distributed Document Processing
In this paper we introduce a distributed object-based document architecture called DODA in order to illustrate a novel strategy for achieving both high availability and high integrity in the context of open processing distributed between mutually suspicious domains without a common management hierarchy.
Our approach to availability is to structure documents into small components called folios in such a way as to allow the maximum opportunity for concurrent processing, and to allow these components to be freely replicated and distributed. Integrity conflicts are resolved using an optimistic form of control called optimistic integrity control (OIC) applied to recoverable work units.
Our approach to security is to shrink-wrap the document components using cryptographic checksums, and to provide a set of building block components called functionaries which a group of users can combine in such a way as to provide each user with a means of ensuring that an agreed notion of integrity is enforced while relying upon a minimum of non-local trust.
In particular, we do not rely upon a trusted computing base or a shared system infrastructure. The local availability of document versions and of the resources to process them is completely under local user control. The lack of availability of the functionaries does not have severe consequences, and the presence of mutual suspicion makes it easier to ensure that users can trust the functionaries to provide the intended service.
A major benefit of using OIC is that it allows the integration of untrusted components such as filestores and directory servers into the system. In particular, an untrusted soft locking service can be used in order to reduce the number of concurrency conflicts, and untrusted security components can be used to screen out attempted access control violations.
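The two mechanisms the abstract combines, shrink-wrapping folios with cryptographic checksums and validating recoverable work units optimistically at commit time, can be shown together in a small model. The following is an added illustration, not DODA's own code or data formats: the `Folio`, `UntrustedStore` and `WorkUnit` classes, the SHA-256 checksum, and the version-number validation rule are all assumptions chosen here to make the concepts concrete. It shows why an untrusted filestore can be tolerated: tampering is caught by the checksum at read time, and a conflicting concurrent update is caught by validation rather than by a lock.

```python
import hashlib
import json
from dataclasses import dataclass


def shrink_wrap(folio_id: str, version: int, content: str) -> str:
    # Checksum over id, version and content (assumed format, not DODA's).
    payload = json.dumps(
        {"id": folio_id, "version": version, "content": content}, sort_keys=True
    ).encode()
    return hashlib.sha256(payload).hexdigest()


@dataclass
class Folio:
    """One small, independently replicable document component."""
    folio_id: str
    version: int
    content: str
    checksum: str

    @classmethod
    def create(cls, folio_id: str, content: str) -> "Folio":
        return cls(folio_id, 1, content, shrink_wrap(folio_id, 1, content))

    def verify(self) -> bool:
        return self.checksum == shrink_wrap(self.folio_id, self.version, self.content)


class UntrustedStore:
    """Stands in for an untrusted filestore: clients never assume its contents
    are intact; they check the shrink-wrap checksum on every read."""

    def __init__(self) -> None:
        self.folios: dict[str, Folio] = {}

    def put(self, folio: Folio) -> None:
        self.folios[folio.folio_id] = folio

    def get(self, folio_id: str) -> Folio:
        return self.folios[folio_id]


class WorkUnit:
    """A recoverable unit of work under optimistic integrity control:
    reads record the folio versions seen, writes are buffered, and commit
    validates that every folio read is still intact and unchanged."""

    def __init__(self, store: UntrustedStore) -> None:
        self.store = store
        self.read_set: dict[str, int] = {}   # folio_id -> version seen
        self.write_set: dict[str, str] = {}  # folio_id -> new content

    def read(self, folio_id: str) -> str:
        folio = self.store.get(folio_id)
        if not folio.verify():
            raise ValueError(f"integrity failure on folio {folio_id}")
        self.read_set[folio_id] = folio.version
        return folio.content

    def write(self, folio_id: str, content: str) -> None:
        self.write_set[folio_id] = content

    def commit(self) -> bool:
        # Validation phase: abandon the unit on any tampering or conflict.
        for fid, seen in self.read_set.items():
            current = self.store.get(fid)
            if not current.verify() or current.version != seen:
                return False
        # Apply phase: each written folio gets a new version and checksum.
        for fid, content in self.write_set.items():
            new_version = self.store.get(fid).version + 1
            self.store.put(Folio(fid, new_version, content,
                                 shrink_wrap(fid, new_version, content)))
        return True


def demo() -> tuple:
    """Constructed scenario: disjoint edits commit, a conflicting edit is
    rejected, and a tampered folio is detected on read."""
    store = UntrustedStore()
    store.put(Folio.create("intro", "Draft introduction"))
    store.put(Folio.create("body", "Draft body"))

    # Two users edit different folios concurrently: both commit.
    a, b = WorkUnit(store), WorkUnit(store)
    a.read("intro"); a.write("intro", "Intro, second draft")
    b.read("body"); b.write("body", "Body, second draft")
    disjoint = (a.commit(), b.commit())

    # Two users edit the same folio: the later validator loses.
    c, d = WorkUnit(store), WorkUnit(store)
    c.read("intro"); c.write("intro", "Intro by C")
    d.read("intro"); d.write("intro", "Intro by D")
    conflicting = (c.commit(), d.commit())

    # The untrusted store alters a folio: the checksum exposes it on read.
    store.folios["body"].content = "tampered"
    try:
        WorkUnit(store).read("body")
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return disjoint, conflicting, tamper_detected
```

In this model no component holds a lock: a soft locking service, if present, would only reduce how often `commit` returns `False`, which matches the abstract's point that such a service can be untrusted without weakening integrity.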
Note. The text of this previously unpublished position paper is the March 1994 version.
Keywords: Directed Acyclic Graph, Social Contract, Security Policy, Audit Trail, Access Control List