[2224] in Info-AFS_Redistribution
Re: New solution for inter-cell authentication
daemon@ATHENA.MIT.EDU (Pau-Chen Cheng)
Thu Dec 2 12:11:44 1993
Date: Thu, 2 Dec 1993 09:55:10 -0500
From: pau@watson.ibm.com (Pau-Chen Cheng)
To: vv@hplb.hpl.hp.com
Cc: dce-tech@osf.org, dme-dce-security@osf.org, handel@watson.ibm.com,
> From: Vijay Varadharajan <vv@hplb.hpl.hp.com>
> Message-Id: <9312021222.AA22687@otter.hpl.hp.com>
> Subject: Re: New solution for inter-cell authentication
> To: pau@watson.ibm.com (Pau-Chen Cheng) (Pau-Chen Cheng)
> Date: Thu, 2 Dec 93 12:22:39 GMT
> Cc: vv@hplb.hpl.hp.com, dme-dce-security@osf.org, dce-tech@osf.org
> In-Reply-To: <9312012110.AA100561@yktpub.watson.ibm.com>; from "Pau-Chen Cheng" at Dec 1, 93 4:10 pm
> Mailer: Elm [revision: 66.25]
>
> The general case that we need to consider is when there is no
> imposed relationship between cells, i.e we have a federated
> distributed system. The general cases you mention are instances
> of this one.
Vijay, thank you.
Point 1 in my mail actually means this case. The solution I and Shyh-Wei
are working on is designed to cover this case. There may be many different
relations among cells. For inter-cell authentication, I think the one
relation to consider is a cell's trust on other cells' authentication
of foreign principals.
Regards, Pau-Chen
>
> I believe that this is an important issue that needs to be
> properly addressed.
>
> Vijay Varadharajan
>
|>
|> No solution is provided for the more general cases :
|>
|> 1. when there are no implied trust relation among cells,
|>
|> 2. when the cells are not arranged in hierarchies, or
|>
|> 3. when a client needs to traverse more than two independent organizations
|> to authenticate itself to a server (the O(M^2) complexity).
|>
|> We think such cases will become more and more common as DCE (or distributed
|> computing in general) gains popularity and as high-speed, high-bandwidth
|> digital network are put in place. Some possible examples are given below.
|> It should be noted that these examples do not assume any hierarchy among
|> cells.
|>
................
|>
|>
|> Pau-Chen Cheng
|> Shyh-Wei Luan
|>
|>
|>
|>
|>
|>
|>
|
|
