Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
p. 269
Design and Implementation of Virtual Private Services
Sotiris Ioannidis, University of Pennsylvania
Steven M. Bellovin, AT&T Labs - Research
John Ioannidis, AT&T Labs - Research
Angelos D. Keromytis, Columbia University
Jonathan M. Smith, University of Pennsylvania
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ENABL.2003.1231419
Abstract
Large scale distributed applications such as electronic
commerce and online marketplaces combine network access
with multiple storage and computational elements. The
distributed responsibility for resource control creates new
security and privacy issues, which are exacerbated by the
complexity of the operating environment. In order to handle
policies at multiple locations, the usual tools available
(firewalls and compartmented file storage) get to be used in
ways that are clumsy and prone to failure.
We propose a new approach, virtual private services.
Our approach relies on two functional divisions. First, we
split policy specification and policy enforcement, providing
local autonomy within the constraints of the global security
policy. Second, we create virtual security domains, each
with its own security policy. Every domain has an associated
set of privileges and permissions restricting it to the
resources it needs to use and the services it must perform.
Virtual private services ensure security and privacy policies
are adhered to through coordinated policy enforcement
points. We describe our architecture and a prototype implementation,
and present a preliminary performance evaluation
confirming that our overhead of policy enforcement
using is small.
Additional Information
Citation: Sotiris Ioannidis, Steven M. Bellovin, John Ioannidis, Angelos D. Keromytis, Jonathan M. Smith, "Design and Implementation of Virtual Private Services," wetice, p. 269, Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003