A Security Infrastructure for Distributed Java Applications

Authors:
Dirk Balfanz;Drew Dean;Mike Spreitzer
Affiliations:
-;-;-
Venue:
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Year:
2000

Citing 0
Cited 11

A General and Flexible Access-Control System for the Web

Proceedings of the 11th USENIX Security Symposium
Validating a Web service security abstraction by typing

Proceedings of the 2002 ACM workshop on XML security
SAFE-OPS: An approach to embedded software security

ACM Transactions on Embedded Computing Systems (TECS)
xDomain: cross-border proofs of access

Proceedings of the 14th ACM symposium on Access control models and technologies
Type based adaptation: an adaptation approach for dynamic distributed systems

SEM'02 Proceedings of the 3rd international conference on Software engineering and middleware
A generic framework for context-based distributed authorizations

CONTEXT'03 Proceedings of the 4th international and interdisciplinary conference on Modeling and using context
Design and implementation of access control system for smart office environment

ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Dissection of the internal workings of the RMI, possible enhancements and implementing authentication in standard Java RMI

International Journal of Networking and Virtual Organisations
Device-enabled authorization in the grey system

ISC'05 Proceedings of the 8th international conference on Information Security
Instant matchmaking: simple and secure integrated ubiquitous computing environments

UbiComp'06 Proceedings of the 8th international conference on Ubiquitous Computing
Efficient proving for practical distributed access-control systems

ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

We describe the design and implementation of a security infrastructure for a distributed Java application. This work is inspired by SDSI/SPKI, but has a few twists of its own. We define logic for access control, such that access is granted if a proof that it should be granted is derivable in the logic. Our logic supports linked local name spaces, privilege delegation across administrative domains, and attribute certificates. We use SSL to establish secure channels through which principals can 驴speak驴, and have implemented our access control system in Java. While we implemented our infrastructure for the Placeless Documents System, our design is applicable to other applications as well. We discuss general issues related to building secure, distributed Java applications that we discovered.