M. Gasser, A. Goldstein, C. Kaufman, B. Lampson. The Digital Distributed System Security Architecture. Proceedings of the 1989.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....by merely loading a new module the mobile system will be capable of participating in the new network. 1. 2 Related work Numerous solutions for providing authentication and key exchange exist in the literature, including Kerberos [SNS88] and the Distributed System Security Architecture (DSSA) [GGKL89] that we will analyze in detail later. Other examples include the ISO security architecture [iITT88] and privacy enhanced mail [KL89] None of these systems were designed to facilitate application development, and most are based on a specific authentication protocol. Delegation has only ....

....key. For an environment 22 where numerous delegations are issued, this may cause the authentication server to become a bottleneck. 4.1. 2 Delegation in DSSA The Distributed System Security Architecture (DSSA) is a system for managing authentication and security in large distributed systems [GGKL89]. To maximize scalability the system uses the asymmetric version of the Needham Schroeder key exchange protocol to establish secure and authenticated connections between principals. The certifying authorities may be structured hierarchically and the naming scheme used to identify each principal ....

M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson. The Digital Distributed System Security Architecture. In National Computer Security Conference, pages 305--319, Baltimore, MD, October 1989.

....memory buffers between operating system modules, as well as user space appli cations. Security and Authentication Choices will provide a secure environment through the use of authentication, encryption, and delegation. The access control model of security [20] extended with compound principals[12] will be used throughout the system. As with other subsystems of y Choices, security is implemented through a customizable frame work [26] which provides for authentication and en cryption without requiring restructuring of applications. Implementation of the security framework of lChoices will ....

M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson. The Digital Distributed System Security Architecture. In Proceedings of the 12th National Computer Security Conference, pages 305-319, 1989.

....for all services requested and delivered. These considerations give rise to the following problems: authentication, authorization, accounting and auditing. Authentication is the most basic, as well as the most studied among the four problems. Much work has recently been done on authentication [1, 3, 4, 10]. Its main issues are fairly well understood. In fact, several implementations of distributed authentication are available, e.g. Kerberos from MIT [2, 8] which has also been integrated as part of the OSF DCE Security Service [7] SPX [9] from DEC, and KryptoKnight [5] from IBM. On the other ....

M. Gasser, A. Goldstein, C. Kaufman, and B.W. Lampson. The Digital distributed system security architecture. In Proceedings of the lth National Computer Security Conference, pages 305-319, Oc- tober 1989.

....on the device is the one authorized to execute. Note that our threat model excludes compromise of the underlying tamper resistant hardware, which is possibly not beyond the reach of law enforcement agencies. 5 Related Work The basic mechanisms of attestation have been well studied. Gasser et al. [13] describes an architecture which performs a secure loading process with minimal hardware support to certify to a remote party the operating systems and applications on a platform. Work by Tygar et al. 18] describes host integrity checking with secure coprocessor. More recent work by Arbaugh [6] ....

M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson. The digital distributed system security architecture. In Proc. 12th NISTNCSC National Computer Security Conference, pages 305--319, 1989.

....on these guarantees. This is the principle of integrity: there must be a way for # # to address # # and to establish a communication channel which can neither be corrupted nor eavesdropped by # . Provided hardware and kernel are trustworthy, further security services, like those described by [GGKL89], can be implemented by servers. Their integrity can be ensured by system administration or by user level boot servers. For illustration: a key server should deliver public secret RSA key pairs on demand. It should guarantee that each pair has the desired RSA property and that each pair is ....

M. Gasser, A. Goldstein, C. Kaufmann, and B. Lampson. The Digital distributed system security architecture. In 12th National Computer Security Conference (NIST/NCSC), pages 305--319, Baltimore, 1989.

....on these guarantees. This is the principle of integrity: there must be a way for S 1 to address S 2 and to establish a communication channel which can neither be corrupted nor eavesdropped by S . Provided hardware and kernel are trustworthy, further security services, like those described by [GGKL89], can be implemented by servers. Their integrity can be ensured by system administration or by user level boot servers. For illustration: a key server should deliver public secret RSA key pairs on demand. It should guarantee that each pair has the desired RSA property and that each pair is ....

M. Gasser, A. Goldstein, C. Kaufmann, and B. Lampson. The Digital distributed system security architecture. In 12th National Computer Security Conference (NIST/NCSC), pages 305--319, Baltimore, 1989.

....and has the potential of making operating systems more dependable. 1 Introduction In the last decade, several (operating) system projects were well underway to build platforms for applications with very high security requirements. Examples include DSSA (Digital Systems Security Architecture [5]) Trusted Mach [2] and BSA (BirliX Security Architecture [7] None of them was used in practice, at least not in notably large scale. One reason may be the (right or wrong) perception that such systems were and despite the events on September 11th are not needed. Another reason may be ....

....a user interface or a complete device that pretends to be something which it is not, hence prompting the user to unveil secrets involuntarily. A recent successful attack on PGP made use of exactly this phenomenon. The technique to solve this type of problem has been known for over 10 years [5, 7] as secure booting. Secure booting ensures that a specific hardware with a specific OS with a specific GUI and a specific application is indeed running in the identified device. Secure booting relies on hardware to establish the identity of a boot loader, on the boot loader of the operating ....

[Article contains additional citation context not shown here]

M. Gasser, A. Goldstein, C. Kaufmann, and B. Lampson. The Digital distributed system security architecture. In 12th National Computer Security Conference (NIST/NCSC), pages 305--319, Baltimore, 1989.

.... Fair Links and Asynchrony assumptions hold, it was necessary to design new protocols for COCA [86, 85] Implementations of threshold cryptography and proactive secret sharing schemes for stronger system models are reported in [3, 81, 25, 15] Most previous work on public key infrastructure (e.g. [34, 80, 55, 48]) advocates o# line CAs, which issue certificates and certificate revocation lists (CRLs) Trade o#s associated with CRLs and related mechanisms are discussed in [77, 64, 51, 28, 59] Stubblebine [79] compares di#erent mechanisms to deal with revoked certificates and argues that a single on line ....

M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson. The digital distributed systems security architecture. In Proceedings of the 12th National Computer Security Conference, pages 305--319, Baltimore, MD USA, October 10--13, 1989. National Institute of Standards and Technology (NIST), National Computer Security Center (NCSC).

....overload processors or clog the network can invalidate these assumptions and cause protocols to fail. Like with COCA, clients of e vault communicate with the system through a single server (there called a gateway) Public Key Infrastructure. Most previous work on public key infrastructure (e.g. [42, 104, 68, 60]) advocates an o# line CA, which issues certificates and certificate revocation lists (CRLs) Trade o#s associated with CRLs and related mechanisms are discussed in [95, 78, 63, 35, 71] Stubblebine [103] compares di#erent mechanisms to deal with revoked certificates and argues that a single ....

....the feasibility and the impact of these proposals. 104 Table 4.4: Breakdown of Costs for COCA over the Internet. Query Update PSS Partial Signature 8.0 8.7 Message Signing 3.2 2.5 2.6 One Way Function 7.8 SSL 1.6 Idle 88 87.7 87.4 Other 0.8 1.1 0.6 Hierarchy. As proposed in [42], we can construct a hierarchy, where each node in the hierarchy is a CA. Each CA at the lowest level is in charge of a small subset of clients, and each CA is a client of its parent CA which is located at the next higher level. COCA could be used to implement any CA in the hierarchy. To decide ....

M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson. The digital distributed systems security architecture. In Proceedings of the 12th National Computer Security Conference, pages 305--319, Baltimore, MD USA, October 10--13, 1989. National Institute of Standards and Technology (NIST), National Computer Security Center (NCSC).

....checking#these# rights. #The#general#need#for# delegation# is# exemplified#by#the#Digital Distributed# System# Security# Architecture,# a# comprehensive# collection# of# security services#and#mechanisms#for#general purpose# distributed# systems#[7].#The#designers of# this# system# note# that# this# form# of# delegation# is# unrestricted# and# that,# while restricted#delegation# seems#desirable ,#the#useful#types#of#restrictions#are#specific#to each# application# and# thus# difficult# to# generalize.# Erdos# and# Pato# present# an ....

Gasser, Morrie, Andy Goldstein , Charlie Kaufman, and Butler Lampson. "The Digital Distributed System Security Architecture." In Proceedings of

No context found.

M. Gasser, A. Goldstein, C. Kaufman, B. Lampson. The Digital Distributed System Security Architecture. Proceedings of the 1989.

No context found.

M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson. The Digital Distributed System Security Architecture. Proceedings of the 1989.

No context found.

M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson, "The Digital Distributed Systems Security Architecture," Proc. of the 12th National Computer Security Conference, pp. 305--319, 1989.

No context found.

M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson. The digital distributed system security architecture. In Proc. 12th NIST-NCSC National Computer Security Conference, pages 305--319, 1989.

No context found.

Morrie Gasser, Andy Goldstein, Charlie Kaufman, and Butler Lampson. The Digital distributed system security architecture. In Proceedings of the 12th NIST-NCSC National Computer Security Conference, pages 305--319, Baltimore, MD, October 1989.

No context found.

M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson. The digital distributed systems security architecture. In Proceedings of the 12th National Computer Security Conference, pages 305319, Baltimore, MD USA, October 1013, 1989. National Institute of Standards and Technology (NIST), National Computer Security Center (NCSC).

No context found.

Morrie Gasser, Andy Goldstein, Charlie Kaufman, and Butler Lampson. The Digital distributed system security architecture. In Proceedings of the 12th NIST-NCSC National Computer Security Conference, pages 305--319, Baltimore, MD, October 1989. URL citeseer.nj.nec. com/gasser89digital.html.

No context found.

Morrie Gasser, Andy Goldstein, Charlie Kaufman, and Butler Lampson. The Digital Distributed System Security Architecture. In Proceedings of the 1989.

No context found.

Morrie Gasser, Andy Goldstein, Charlie Kaufman, and Butler Lampson. The Digital distributed system security architecture. In Proceedings of the 12th NIST-NCSC National Computer Security Conference, pages 305--319, Baltimore, MD, October 1989. URL citeseer.nj.nec. com/gasser89digital.html.

No context found.

M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson, "The Digital Distributed Systems Security Architecture," Proc. of the 12th National Computer Security Conference, pp. 305--319, 1989.

No context found.

M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson. The Digital distributed system security architecture. In Proceedings of the Twelfth National Computer Security Conference, pages 305-319, Baltimore, Maryland, 10-13 October 1989. NIST/NCSC.

No context found.

M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson. The digital distributed system security architecture. In Proceedings of the 12th NIST-NCSC National Computer Security Conference, pages 305--319, 1989.

No context found.

M. Gasser, A. Goldstein, C. Kaufman, and B.W. Lampson. The Digital Distributed System Security Architecture. In Proc. Of the 1989 National Computer Security Conference, pages 305--319, October 1989.

No context found.

M. Gasser, A. Goldstein, C. Kaufman and B. Lampson, The Digital distributed system security architecture, Proc. 12th National Computer Security Conference, NIST/NCSC, Baltimore, 1989, pp. 305--319.

No context found.

M. Gasser, A. Goldstein, C. Kaufman, B. Lampson, The Digital Distributed System Security Architecture, Proceedings of the 1989.

First 50 documents  Next 50

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC