Distributed System Security Architecture

Distributed System Security Architecture (DSSA) is a computer security architecture that provides a suite of functions including login, authentication, and access control in a distributed system. Unlike other similar architectures, DSSA offers the ability to access all these functions without the trusted server (known as a certificate authority) being active.

In DSSA, security objects are handled by owners and access is controlled by the central, universally trusted, certificate authority.

DSSA/SPX

DSSA/SPX is the authentication protocol of DSSA. The CDC is a certificate-granting server, and a certificate is a ticket signed by the CA that contains the public key of the party being certified. Since the CDC merely distributes previously signed certificates, it does not need to be trusted.

$A \rightarrow CDC: B$

$CDC \rightarrow A: \text{certificate}(B, CA)$

$A \rightarrow B: A, \{T_A, A\}K_{AB}, \{L, A, P'_A\}S_A, \{\{K_{AB}\}P_B\}S'_A$

$B \rightarrow CDC: A$

$CDC \rightarrow B: \text{certificate}(A, CA)$

$B \rightarrow A: \{T_A + 1\}K_{AB}$
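
The exchange above as a symbolic model, added here as an example and not code from the original article or from any DSSA/SPX implementation: signatures and encryption are tagged tuples rather than real cryptography, which is enough to show why B's checks hold even when the CDC is untrusted. Reading L as an expiry time and T_A as a timestamp, the names `a_send`, `b_accept` and `skew`, and all key and clock values are assumptions of this example.

```python
import itertools
from collections import namedtuple
# Symbolic model, no real cryptography: a term opens only with the matching key.
Key = namedtuple("Key", "id kind")      # kind: "pub", "priv" or "sym"
Sig = namedtuple("Sig", "body signer")  # {body}S_x
Enc = namedtuple("Enc", "body key")     # {body}K_AB or {body}P_x
_ids = itertools.count()

def keypair():
    i = next(_ids)
    return Key(i, "pub"), Key(i, "priv")

def verify(sig, pub):
    if sig.signer != Key(pub.id, "priv"):
        raise ValueError("signature does not verify")
    return sig.body

def decrypt(enc, key):
    need = Key(enc.key.id, "priv") if enc.key.kind == "pub" else enc.key
    if key != need:
        raise ValueError("wrong decryption key")
    return enc.body

def a_send(a, s_a, cert_b, p_ca, now, expiry):    # builds the third message
    _, p_b = verify(cert_b, p_ca)                 # check certificate(B, CA) first
    p_del, s_del = keypair()                      # P'_A and S'_A
    k_ab = Key(next(_ids), "sym")                 # fresh session key K_AB
    return a, Enc((now, a), k_ab), Sig((expiry, a, p_del), s_a), Sig(Enc(k_ab, p_b), s_del)

def b_accept(msg3, cert_a, p_ca, s_b, now, skew=300):
    a, authenticator, ticket, wrapped = msg3
    name, p_a = verify(cert_a, p_ca)              # trust comes from the CA signature, not the CDC
    expiry, t_name, p_del = verify(ticket, p_a)   # {L, A, P'_A}S_A
    k_ab = decrypt(verify(wrapped, p_del), s_b)   # {{K_AB}P_B}S'_A
    t_a, auth_name = decrypt(authenticator, k_ab) # {T_A, A}K_AB
    if {name, t_name, auth_name} != {a} or now > expiry or abs(now - t_a) > skew:
        raise ValueError("name mismatch, expired ticket or stale authenticator")
    return Enc(t_a + 1, k_ab)                     # the sixth message, {T_A + 1}K_AB

def demo(now=1_000_000):  # constructed principals, keys and clock values
    (p_ca, s_ca), (p_a, s_a), (p_b, s_b), (p_m, s_m) = (keypair() for _ in range(4))
    cdc = {"A": Sig(("A", p_a), s_ca), "B": Sig(("B", p_b), s_ca)}
    msg3 = a_send("A", s_a, cdc["B"], p_ca, now, now + 3600)
    reply = b_accept(msg3, cdc["A"], p_ca, s_b, now + 2)
    try:  # rogue CDC: a certificate for A signed with the CDC's own key s_m
        b_accept(msg3, Sig(("A", p_m), s_m), p_ca, s_b, now + 2)
    except ValueError as err:
        return reply.body, str(err)
    return reply.body, None
```
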

Wikimedia Foundation. 2010.
