Name
Abstract | ||
|---|---|---|
Increasingly, scalable distributed applications are being constructed by integrating reusable components spanning multiple administrative domains. Dynamic composition and deployment of such applications enables flexible QoS-aware adaptation to changing client and network characteristics. However, dynamic deployment across multiple administrative domains needs to perform cross-domain authentication and authorization, and satisfy various network and application-level constraints that may only be expressed in terms meaningful within a particular domain. Our solution to these problems, developed as part of the partitionable services framework, integrates a decentralized trust management and access control system (dRBAC) with a programming and run-time abstraction (object views). dRBAC encodes statements within and across domains using cryptographically signed credentials, providing a unifying and powerful mechanism for cross-domain authorization and expression of network and application constraints. Views define multiple implementations of a reusable component, thus enriching the set of components available for dynamic deployment and enabling fine-grained, customizable access control. We describe the runtime support for views, which consists of a view generator (VIG) and a host-level communication resource (Switchboard) for creating secure channels between pairs of components. We present a simple mail application to illustrate how dRBAC, views, and Switchboard can be used to customize reusable components and securely deploy them in heterogeneous environments. |
Year | DOI | Venue |
|---|---|---|
2003 | 10.1109/HPDC.2003.1210029 | HPDC |
Keywords | Field | DocType |
grid computing,middleware,quality of service,wide area networks,workstation clusters,Switchboard,VIG,access control system,application-level constraints,component-based frameworks,cross-domain authentication,cross-domain authorization,customizable access control,dRBAC,decentralized trust management,dynamic deployment,fine-grained access control,flexible QoS-aware adaptation,host-level communication resource,multiple administrative domains,network constraints,partitionable services framework,programming abstraction,reusable components,run-time abstraction,scalable distributed applications,view generator | Middleware,Authentication,Software deployment,Grid computing,Computer science,Quality of service,Implementation,Real-time computing,Access control,Application software,Distributed computing | Conference |
ISSN | ISBN | Citations |
1082-8907 | 0-7695-1965-2 | 2 |
PageRank | References | Authors |
0.38 | 21 | 2 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Anca-andreea Ivan | 1 | 219 | 16.92 |
| Vijay Karamcheti | 2 | 646 | 67.03 |