Domain-based access control for distributed computing systems

Abstract

Advances in communications technology allow the construction of very large distributed computing systems (VLDCSs) containing thousands of computers and spanning several organisational boundaries. Existing management tools and approaches are not appropriate to the size and multiple-organisation nature of these VLDCSs. This paper describes a new approach to the management of VLDCSs based on a domain model. While this model is applicable to most aspects of management, the paper describes an implementation of the domain model for management of access rights. Domains provide a flexible means for specifying access control policies, which reflect organisational structure, and permit secure inter-organisation interactions, while giving users transparent access to resources. The paper describes an implementation of domains in terms of capability-based access rights, which meets the flexibility and security requirements for managing VLDCSs. Security is enhanced by physically preventing programs from directly accessing capabilities.