Fundamentals of computer security technology
Fundamentals of computer security technology
Protection and the control of information sharing in multics
Communications of the ACM
Kerberized credential translation: a solution to web access control
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Dos and don'ts of client authentication on the web
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Collusion attack on a multi-key secure video proxy scheme
Proceedings of the 12th annual ACM international conference on Multimedia
Improved client authentication using session authentication in the internet
HSI'03 Proceedings of the 2nd international conference on Human.society@internet
Security agent model using interactive authentication database
AIS'04 Proceedings of the 13th international conference on AI, Simulation, and Planning in High Autonomy Systems
Client authentication model using duplicated authentication server systems
AIS'04 Proceedings of the 13th international conference on AI, Simulation, and Planning in High Autonomy Systems
Hi-index | 0.00 |
We consider the problem of of floading secure access-controlled content from central origin servers to distributed caches so clients can access a proximal cache rather than the origin servers. Our security architecture enforces the access-control policies of the origin server without replicating the access-control databases to each of the caches. We describe the security mechanisms to affect such a system and perform an extensive security analysis of our implementation. Our system is an example of how less trustworthy systems can be integrated into a distributed system architecture; it provides mechanisms to preserve the whole distributed system security even in case less trustworthy subsystems are compromised. An application of our system is the cached distribution of access-controlled contents such as subscription-based electronic libraries.