Integrating security in a large distributed system
- 1 August 1989
- journal article
- Published by Association for Computing Machinery (ACM) in ACM Transactions on Computer Systems
- Vol. 7 (3), 247-280
- https://doi.org/10.1145/65000.65002
Abstract
Andrew is a distributed computing environment that is a synthesis of the personal computing and timesharing paradigms. When mature, it is expected to encompass over 5,000 workstations spanning the Carnegie Mellon University campus. This paper examines the security issues that arise in such an environment and describes the mechanisms that have been developed to address them. These mechanisms include the logical and physical separation of servers and clients, support for secure communication at the remote procedure call level, a distributed authentication service, a file-protection scheme that combines access lists with UNIX mode bits, and the use of encryption as a basic building block. The paper also discusses the assumptions underlying security in Andrew and analyzes the vulnerability of the system. Usage experience reveals that resource control, particularly of workstation CPU cycles, is more important than originally anticipated and that the mechanisms available to address this issue are rudimentary.
This publication has 11 references indexed in Scilit:
- Scale and performance in a distributed file system. ACM Transactions on Computer Systems, 1988
- File access performance of diskless workstations. ACM Transactions on Computer Systems, 1986
- Andrew: a distributed personal computing environment. Communications of the ACM, 1986
- Secure communication using remote procedure calls. ACM Transactions on Computer Systems, 1985
- Grapevine. Communications of the ACM, 1982
- Privacy and authentication: An introduction to cryptography. Proceedings of the IEEE, 1979
- Using encryption for authentication in large networks of computers. Communications of the ACM, 1978
- Towards the design of secure systems. Software: Practice and Experience, 1975
- Protection and the control of information sharing in Multics. Communications of the ACM, 1974
- A note on the confinement problem. Communications of the ACM, 1973