Transparent mistrust: OS support for cryptography-in-the-large
Blaze, M.
Workstation Operating Systems, 1993. Proceedings., Fourth Workshop on
14-15 Oct 1993, Page(s): 98-102
Digital Object Identifier 10.1109/WWOS.1993.348165
Summary: This position paper advocates the development of new mechanisms to
support cooperative computing requiring less than complete trust.
Traditional OS security mechanisms have assumed a monolithic or
hierarchical model for controlling and arbitrating access to local
resources. Operating systems authenticate users as they log in and
enforce controlled access to files, devices and memory. Distributed
systems change the picture somewhat, with less-trusted clients obtaining
some resources from centralized servers, but typically retain some
notion of central authority within a framework of global trust and
control. Boundaries of trust are going to become increasingly important
to future workstation operating systems. Cryptographic algorithms and
protocols can protect these boundaries, but the interfaces to them need
some attention first. Our experiences, which are admittedly within the
research environment, lead us to believe that cryptographic protection
can be quite practical across a variety of layers of the system;
importantly, no one layer emerges as a decisive winner as to where this
protection best belongs. (The application layer, however, does appear to
be the clear loser.)