A technique for implementing authentication schemes in distributed systems, based on capability list protection mechanisms, is described in this paper. Capabilities are generally supported by the hardware in the network nodes where client authentication is required by a server in order to perform the invoked service correctly. High efficiency can then be achieved by suitably mapping the access list check, required when services are requested by remote users, into a capability list check. This is performed by means of "interlocutor" processes belonging to the node where the service provider resides. In this paper an implementation of the proposed scheme based on the Intel iAPX-432 microprocessor is introduced. The hardware support in the iAPX-432 can be used to enforce object protection as well as to minimize the overhead introduced in checking the client's identity.
Efficient Authentication Mechanisms Using the iAPX-432
A Valenzano
1985
Abstract
A technique for implementing authentication schemes in distributed systems, based on capability list protection mechanisms, is described in this paper. Capabilities are generally supported by the hardware in the network nodes where client authentication is required by a server in order to perform the invoked service correctly. High efficiency can then be achieved by suitably mapping the access list check, required when services are requested by remote users, into a capability list check. This is performed by means of "interlocutor" processes belonging to the node where the service provider resides. In this paper an implementation of the proposed scheme based on the Intel iAPX-432 microprocessor is introduced. The hardware support in the iAPX-432 can be used to enforce object protection as well as to minimize the overhead introduced in checking the client's identity.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
