Differential Data Protection for Dynamic Distributed Applications
Patrick Widener, and Karsten Schwan and Fabián E. Bustamante
In Proc. of the 19th Annual Computer Security Applications Conference, December 2003.
College of Computing
Georgia Institute of Technology
Atlanta, GA 30332, USA
This email address is being protected from spambots. You need JavaScript enabled to view it.
, This email address is being protected from spambots. You need JavaScript enabled to view it.
, This email address is being protected from spambots. You need JavaScript enabled to view it.
Abstract
We present a mechanism for providing differential data protection to publish/subscribe distributed systems, such as those used in peer-to-peer computing, grid environments, and others. This mechamism, termed "security overlays," incorporates credential-based communication channel creation, subscription and extension. We describe a conceptual model of publish/subscribe services that is made concrete by our mechanism. We also present an application, Active Video Streams, whose reimplementation using security overlays allows it to react to high-level security policies specified in XML without significant performance loss or the necessity for embedding policy-specific code into the application.