• DocumentCode
    2087865
  • Title

    A security infrastructure for distributed Java applications

  • Author

    Balfanz, Dirk ; Dean, Drew ; Spreitzer, Mike

  • Author_Institution
    Princeton Univ., NJ, USA
  • fYear
    2000
  • fDate
    2000
  • Firstpage
    15
  • Lastpage
    26
  • Abstract
    We describe the design and implementation of a security infrastructure for a distributed Java application. This work is inspired by SDSI/SPKI, but has a few twists of its own. We define a logic for access control, such that access is granted iff a proof that it should be granted is derivable in the logic. Our logic supports linked local name spaces, privilege delegation across administrative domains, and attribute certificates. We use SSL to establish secure channels through which principals can “speak”, and have implemented our access control system in Java. While we implemented our infrastructure for the Placeless Documents System, our design is applicable to other applications as well. We discuss general issues related to building secure, distributed Java applications that we discovered
  • Keywords
    Java; authorisation; cryptography; distributed processing; document handling; formal logic; message authentication; Placeless Documents System; SDSI/SPKI; access control logic; access control system; administrative domains; attribute certificates; distributed Java applications; linked local name spaces; privilege delegation; secure channels; security infrastructure; Access control; Buildings; Content addressable storage; Identity-based encryption; Java; Kernel; Logic; Packaging; Security; Software standards;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy, 2000. S&P 2000. Proceedings. 2000 IEEE Symposium on
  • Conference_Location
    Berkeley, CA
  • ISSN
    1081-6011
  • Print_ISBN
    0-7695-0665-8
  • Type

    conf

  • DOI
    10.1109/SECPRI.2000.848443
  • Filename
    848443