The CRISIS wide area security architecture

被引:0
|
作者
Belani, E [1 ]
Vahdat, A [1 ]
Anderson, T [1 ]
Dahlin, M [1 ]
机构
[1] Univ Calif Berkeley, Div Comp Sci, Berkeley, CA 94720 USA
来源
PROCEEDINGS OF THE SEVENTH USENIX SECURITY SYMPOSIUM | 1998年
关键词
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
This paper presents the design and implementation of a new authentication and access control system, called CRISIS. A goal of CRISIS is to explore the systematic application of a number of design principles to building highly secure systems, including: redundancy to eliminate single points of attack, caching to improve performance and availability over slow and unreliable wide area networks, fine-grained capabilities and roles to enable lightweight control of privilege, and complete local logging of all evidence used to make each access control decision. Measurements of a prototype CRISIS-enabled wide area file system show that in the common case CRISIS adds only marginal overhead relative to unprotected wide area accesses.
引用
收藏
页码:15 / 29
页数:15
相关论文
共 50 条
  • [1] A Security Architecture for Intranet Based on Security Area Division
    Gao Fuxiang
    Li Sha
    Wang Xiaolu
    Yao Lan
    2010 THIRD INTERNATIONAL SYMPOSIUM ON INTELLIGENT INFORMATION TECHNOLOGY AND SECURITY INFORMATICS (IITSI 2010), 2010, : 539 - 543
  • [2] Secure System Architecture for Wide Area Surveillance Using Security, Trust and Privacy (STP) Framework
    Isa, Mohd Anuar Mat
    Hashim, Habibah
    Ab Manan, Jamalul-lail
    Mahmod, Ramlan
    Rohmad, Mohd Saufy
    Hamzah, Abdul Hafiz
    Hamzah, Meor Mohd Azreen Meor
    Mazalan, Lucyantie
    Othman, Hanunah
    Adnan, Lukman
    INTERNATIONAL SYMPOSIUM ON ROBOTICS AND INTELLIGENT SENSORS 2012 (IRIS 2012), 2012, 41 : 480 - 485
  • [3] Architecture for Wide Area Appliance Management
    Koike, Arata
    Ishibashi, Ryota
    SOFTWARE ENGINEERING, ARTIFICIAL INTELLIGENCE, NETWORKING AND PARALLEL/DISTRIBUTED COMPUTING 2015, 2016, 612 : 143 - 157
  • [4] An architecture for wide area network load balancing
    He, JS
    ICC 2000: IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, CONFERENCE RECORD, VOLS 1-3: GLOBAL CONVERGENCE THROUGH COMMUNICATIONS, 2000, : 1169 - 1173
  • [5] Security aspects of an enterprise-wide network architecture
    Loew, R
    Stengel, I
    Bleimann, U
    McDonald, A
    INTERNET RESEARCH-ELECTRONIC NETWORKING APPLICATIONS AND POLICY, 1999, 9 (01): : 8 - 15
  • [6] Analysis of Wide Area Network Security Technology System
    Luo, Yiyue
    PROCEEDINGS OF THE 2017 5TH INTERNATIONAL CONFERENCE ON MECHATRONICS, MATERIALS, CHEMISTRY AND COMPUTER ENGINEERING (ICMMCCE 2017), 2017, 141 : 204 - 208
  • [7] A security design for a wide-area distributed system
    Leiwo, J
    Hänle, C
    Homburg, P
    Gamage, C
    Tanenbaum, AS
    INFORMATION SECURITY AND CRYPTOLOGY - ICISC'99, 2000, 1787 : 236 - 256
  • [8] Wide-Area Frequency Security Event Detection
    Lai, Chao-Yuan
    Liu, Chih-Wen
    Chao, Chia-Cheng
    2017 INTERNATIONAL CONFERENCE ON HIGH VOLTAGE ENGINEERING AND POWER SYSTEMS (ICHVEPS), 2017, : 414 - 417
  • [9] Security Challenges for Wide Area Monitoring in Smart Grids
    Zseby, T.
    Fabini, J.
    ELEKTROTECHNIK UND INFORMATIONSTECHNIK, 2014, 131 (03): : 105 - 111
  • [10] Security architecture for field area networks connected to Internet
    Gordeev, M
    FIELDBUS TECHNOLOGY: SYSTEMS INTEGRATION, NETWORKING, AND ENGINEERING, 1999, : 69 - 75
12345