Integrating Security in a Large Distributed System

120Citations
Citations of this article
69Readers
Mendeley users who have this article in their library.

Abstract

Andrew is a distributed computing environment that is a synthesis of the personal computing and timesharing paradigms. When mature, it is expected to encompass over 5,000 workstations spanning the Carnegie Mellon University campus. This paper examines the security issues that arise in such an environment and describes the mechanisms that have been developed to address them. These mechanisms include the logical and physical separation of servers and clients, support for secure communication at the remote procedure call level, a distributed authentication service, a file-protection scheme that combines access lists with UNIX mode bits, and the use of encryption as a basic building block. The paper also discusses the assumptions underlying security in Andrew and analyzes the vulnerability of the system. Usage experience reveals that resource control, particularly of workstation CPU cycles, is more important than originally anticipated and that the mechanisms available to address this issue are rudimentary. © 1989, ACM. All rights reserved.

Cite

CITATION STYLE

APA

Satyanarayanan, M. (1989). Integrating Security in a Large Distributed System. ACM Transactions on Computer Systems (TOCS), 7(3), 247–280. https://doi.org/10.1145/65000.65002

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free