Design and implementation of a secure wide-area object middleware

摘要

Wide-area service replication is becoming increasingly common, with the emergence of new operational models such as content delivery networks and computational grids. This paper describes the security architecture for Globe, an object-based middleware specifically designed to support dynamic replication of services over wide-area networks. Replication introduces a series of new security issues, including the need to restrict replica privileges with respect to method execution, and protection of distributed objects against malicious hosts running instances of their code. Our modular security design addresses these new threats, as well as a broad range of traditional ones, and is validated through a series of performance measurements. Additional contributions include a novel authentication mechanism specifically designed for wide-area deployment, which combines some of the best features of public key authentication protocols (reliance on an offline trusted third party in particular) with the computational efficiency characteristic to symmetric key schemes.