Authentication Mechanisms in Microprocessor-Based Local Area Networks

Authors:
L. Ciminiera;A. Valenzano
Affiliations:
Politecnico di Torino, Torino, Italy;Politecnico di Torino, Torino, Italy
Venue:
IEEE Transactions on Software Engineering
Year:
1989

Citing 11
Cited 0

Privilege transfer and revocation in a port-based system

IEEE Transactions on Software Engineering
Distributed operating systems

ACM Computing Surveys (CSUR) - The MIT Press scientific computation series
Fault Tolerant Operating Systems

ACM Computing Surveys (CSUR)
Operating System Structures to Support Security and Reliable Software

ACM Computing Surveys (CSUR)
Using encryption for authentication in large networks of computers

Communications of the ACM
HYDRA: the kernel of a multiprocessor operating system

Communications of the ACM
Protection

ACM SIGOPS Operating Systems Review
IBM System/38 support for capability-based addressing

ISCA '81 Proceedings of the 8th annual symposium on Computer Architecture
Protection in the Hydra Operating System

SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
StarOS, a multiprocessor operating system for the support of task forces

SOSP '79 Proceedings of the seventh ACM symposium on Operating systems principles
The Cambridge CAP computer and its operating system (Operating and programming systems series)

The Cambridge CAP computer and its operating system (Operating and programming systems series)

Quantified Score

Hi-index	0.01

Visualization

Abstract

The problem of authenticating the users of a computer network in order to protect the shared resources against unauthorized use is discussed. Since intruders could enter the network and try to use services they have no right to access, the host implementing the service (or server) has to check the user's identity and access rights by searching in the relevant database. The author presents a method of carrying out such checks efficiently. The basic idea is that a suitable interface process is associated with each user-server connection in order to filter out unauthorized requests, thus implementing a sort of cache with parallel search where the working set of the whole database is stored and explored. The use of the interface process enables the system to exploit the hardware support for capability checking provided by new microprocessors. In particular, an implementation using iAPX432-based hosts is illustrated and performance issues are discussed.