| Endorsements, licensing, and insurance for distributed system services |
| Full text |
 Pdf
(743 KB)
|
| Source
|
Conference on Computer and Communications Security
archive
Proceedings of the 2nd ACM Conference on Computer and communications security
table of contents
Fairfax, Virginia, United States
Pages: 170 - 175
Year of Publication: 1994
ISBN:0-89791-732-4
|
|
Authors
|
|
Gennady Medvinsky
|
Information Sciences Institute, University of Southern California
|
|
Charlie Lai
|
Information Sciences Institute, University of Southern California
|
|
B. Clifford Neuman
|
Information Sciences Institute, University of Southern California
|
|
| Sponsor |
|
| Publisher |
|
| Bibliometrics |
Downloads (6 Weeks): 1, Downloads (12 Months): 27, Citation Count: 7
|
|
|
 ABSTRACT
Clients in a distributed system place their confidence in many servers, and servers themselves rely on other servers for file storage, authentication, authorization, and payment. When a system spans administrative boundaries it becomes harder to assess the security and competence of potential service providers. This paper examines the issue of confidence in large distributed systems.When confidence is lacking in the “real world,” one relies on endorsements, licensing, insurance, and surety bonds to compensate. We show that by incorporating such assurances into a distributed system, users are better able to evaluate the risks incurred when using a particular server. This paper describes a method to electronically represent endorsements, licenses, and insurance policies, and discusses the means by which clients use such items when selecting service providers.
REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
| |
1
|
Andrew D. Birrell, Butler W. Lampson, Roger M. Needham, and Michael D. Schroeder. A global authentication service without global trust. In Proceedings of the IEEE SympoJium on Securit~l and Pri~acy, pages 223-230, April 1986.
|
| |
2
|
|
| |
3
|
|
 |
4
|
|
| |
5
|
Rowland H. Long. The Law of Liability Insurance, volume 1 and 2, pages 1.2-13.7. Mathew Bender and Company, Inc., Oakland, California, 1992.
|
| |
6
|
|
| |
7
|
|
| |
8
|
B. Clifford Neuman. Proxy-based authorization and accounting for distributed systems. In Proceedings of the l$th International ConJerence on Distributed Computing Sltstems, pages 283-291, May 1993.
|
| |
9
|
B. Clifford Neuman, Steven Seger Augart, and Shantaprasad Upasani. Using prospero to support integrated locationindependent computing. In Proceedings o.f the Useniz Sllmposlum on Mobile and Location.Independent Computing, August 1993.
|
| |
10
|
B. Clifford Neuman and Theodore Ts'o. Kerberos: An authentication service for computer networks. IEEE Communications, 32(9), September 1994.
|
| |
11
|
David Porter. Fundamentals o} Bonding, a Manual o} Fidelity and Surety, pages 9-11. The Rough Notes Co., Inc., Indianapolis, Indiana, 1970.
|
| |
12
|
Joseph J. Tardo and Kannan Alagappan. SPX: Global authentication using public key certificates. In Proceedings of the IEEE Symposium on Security and P~i~~c~, May 1991.
|
| |
13
|
Philip Ziinmermann. PGP User's Guide, volume 1 and 2. 1994. Distributed with PGP 2.6.
|
|
Adobe Acrobat
QuickTime
Windows Media Player
Real Player
D.4