Password-based protection of clustered segments in distributed memory systems

With reference to a distributed system consisting of nodes connected by a local area network, we consider the problems related to the distribution, verification, review and revocation of access permissions. We propose the organization of a protection system that takes advantage of a form of protecte...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Journal of parallel and distributed computing Jg. 115; S. 29 - 40
1. Verfasser: Lopriore, Lanfranco
Format: Journal Article
Sprache:Englisch
Veröffentlicht: Elsevier Inc 01.05.2018
Schlagworte:
Access right
Distributed system
Parametric one-way function
Protection
Revocation
Segment
Access right
Distributed system
Protection
Segment
Parametric one-way function
Revocation
ISSN:0743-7315, 1096-0848
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Abstract With reference to a distributed system consisting of nodes connected by a local area network, we consider the problems related to the distribution, verification, review and revocation of access permissions. We propose the organization of a protection system that takes advantage of a form of protected pointer, the handle, to reference clusters of segments allocated in the same node. A handle is expressed in terms of a selector and a password. The selector specifies the segments, the password specifies an access right, read or write. Two primary passwords are associated with each cluster, corresponding to an access permission for all the segments in that cluster. A handle weakening algorithm takes advantage of a parametric one-way function to generate secondary passwords corresponding to less segments. A small set of protection primitives makes it possible to allocate and delete segments in active clusters, and to use handles to access remote segments both to read and to write. The resulting protection environment is evaluated from a number of viewpoints, which include handle forging, review and revocation, the memory costs for handle storage, the execution times for handle validation and the network traffic generated by the execution of the protection primitives. An indication of the flexibility of the handle concept is given by applying handles to the solution of a variety of protection problems. •We refer to a distributed system consisting of nodes connected by a local area network.•We consider the distribution, verification, review and revocation of access permissions.•A form of protected pointer, the handle, is used to reference clusters of memory segments allocated in the same node.•A handle referencing a given cluster includes a password and a selector of the segments in that cluster.•We take advantage of a parametric one-way function for password generation.
AbstractList With reference to a distributed system consisting of nodes connected by a local area network, we consider the problems related to the distribution, verification, review and revocation of access permissions. We propose the organization of a protection system that takes advantage of a form of protected pointer, the handle, to reference clusters of segments allocated in the same node. A handle is expressed in terms of a selector and a password. The selector specifies the segments, the password specifies an access right, read or write. Two primary passwords are associated with each cluster, corresponding to an access permission for all the segments in that cluster. A handle weakening algorithm takes advantage of a parametric one-way function to generate secondary passwords corresponding to less segments. A small set of protection primitives makes it possible to allocate and delete segments in active clusters, and to use handles to access remote segments both to read and to write. The resulting protection environment is evaluated from a number of viewpoints, which include handle forging, review and revocation, the memory costs for handle storage, the execution times for handle validation and the network traffic generated by the execution of the protection primitives. An indication of the flexibility of the handle concept is given by applying handles to the solution of a variety of protection problems. •We refer to a distributed system consisting of nodes connected by a local area network.•We consider the distribution, verification, review and revocation of access permissions.•A form of protected pointer, the handle, is used to reference clusters of memory segments allocated in the same node.•A handle referencing a given cluster includes a password and a selector of the segments in that cluster.•We take advantage of a parametric one-way function for password generation.
Author Lopriore, Lanfranco
Author_xml – sequence: 1
  givenname: Lanfranco
  surname: Lopriore
  fullname: Lopriore, Lanfranco
  email: lanfranco.lopriore@unipi.it
  organization: Dipartimento di Ingegneria dell’Informazione, Università di Pisa, via G. Caruso 16, 56126 Pisa, Italy
BookMark eNp9kE1LAzEQhoMo2Fb_gKf9A7tOkv0EL1L8gooe9Bx2k4lk6W5KJlX6702pZ08DL_MM7zxLdj77GRm74VBw4PXtWIw7owsBvC2AFwDyjC04dHUObdmeswU0pcwbyatLtiQaATivmnbBXt97oh8fTD70hCbbBR9RR-fnzNtMb_cUMaSc8GvCOVLm5sw4isEN-5jyCScfDhkd0t5EV-zC9lvC67-5Yp-PDx_r53zz9vSyvt_kWnRVzPtalAC6tXwQUiLa1gAOXeoLkhtTitrytgZrOxDYNGhFaauqbkqLve2aTq6YON3VwRMFtGoX3NSHg-KgjkLUqI5C1FGIAq6SkATdnSBMzb4dBkXa4azRuJBeVsa7__BfE9ls5A
Cites_doi 10.1002/(SICI)1097-024X(19980725)28:9<901::AID-SPE181>3.0.CO;2-7
10.1145/208639.208641
10.1016/j.cose.2016.08.005
10.1145/964750.801834
10.1109/MSECP.2003.1236236
10.1002/spe.513
10.1109/35.312842
10.1016/0020-0190(88)90099-3
10.1109/PROC.1975.9939
10.1093/comjnl/bxr107
10.1145/635508.605429
10.1109/TMM.2003.813279
10.1145/195470.195579
10.1109/MM.2004.2
10.1145/346152.346191
10.1093/comjnl/bxm124
10.1145/141937.141969
10.1093/comjnl/bxt131
10.1145/358790.358797
10.1093/comjnl/bxu125
10.1109/TSE.1979.230193
ContentType Journal Article
Copyright 2018 Elsevier Inc.
Copyright_xml – notice: 2018 Elsevier Inc.
DBID AAYXX
CITATION
DOI 10.1016/j.jpdc.2018.01.003
DatabaseName CrossRef
DatabaseTitle CrossRef
DatabaseTitleList
DeliveryMethod fulltext_linktorsrc
Discipline Computer Science
EISSN 1096-0848
EndPage 40
ExternalDocumentID 10_1016_j_jpdc_2018_01_003
S0743731518300169
GroupedDBID --K
--M
-~X
.~1
0R~
1B1
1~.
1~5
29L
4.4
457
4G.
5GY
5VS
7-5
71M
8P~
9JN
AACTN
AAEDT
AAEDW
AAIAV
AAIKJ
AAKOC
AALRI
AAOAW
AAQFI
AAQXK
AAXUO
AAYFN
ABBOA
ABEFU
ABFNM
ABFSI
ABJNI
ABMAC
ABTAH
ABXDB
ABYKQ
ACDAQ
ACGFS
ACNNM
ACRLP
ACZNC
ADBBV
ADEZE
ADFGL
ADHUB
ADJOM
ADMUD
ADTZH
AEBSH
AECPX
AEKER
AENEX
AFKWA
AFTJW
AGHFR
AGUBO
AGYEJ
AHHHB
AHJVU
AHZHX
AIALX
AIEXJ
AIKHN
AITUG
AJBFU
AJOXV
ALMA_UNASSIGNED_HOLDINGS
AMFUW
AMRAJ
AOUOD
ASPBG
AVWKF
AXJTR
AZFZN
BJAXD
BKOJK
BLXMC
CAG
COF
CS3
DM4
DU5
E.L
EBS
EFBJH
EFLBG
EJD
EO8
EO9
EP2
EP3
F5P
FDB
FEDTE
FGOYB
FIRID
FNPLU
FYGXN
G-2
G-Q
G8K
GBLVA
GBOLZ
HLZ
HVGLF
HZ~
H~9
IHE
J1W
JJJVA
K-O
KOM
LG5
LG9
LY7
M41
MO0
N9A
O-L
O9-
OAUVE
OZT
P-8
P-9
P2P
PC.
Q38
R2-
RIG
ROL
RPZ
SBC
SDF
SDG
SDP
SES
SET
SEW
SPC
SPCBC
SST
SSV
SSZ
T5K
TN5
TWZ
WUQ
XJT
XOL
XPP
ZMT
ZU3
ZY4
~G-
~G0
9DU
AATTM
AAXKI
AAYWO
AAYXX
ABDPE
ABWVN
ACLOT
ACRPL
ACVFH
ADCNI
ADNMO
ADVLN
AEIPS
AEUPX
AFJKZ
AFPUW
AGQPQ
AIGII
AIIUN
AKBMS
AKRWK
AKYEP
ANKPU
APXCP
CITATION
EFKBS
~HD
ID FETCH-LOGICAL-c295t-a62400c8f1b233eef8d0eb9109031dd426f1860ff902e77ef24f55674feaf9793
ISICitedReferencesCount 0
ISICitedReferencesURI http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000427809200003&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
ISSN 0743-7315
IngestDate Sat Nov 29 07:18:43 EST 2025
Fri Feb 23 02:31:22 EST 2024
IsDoiOpenAccess false
IsOpenAccess true
IsPeerReviewed true
IsScholarly true
Keywords Access right
Distributed system
Protection
Segment
Parametric one-way function
Revocation
Language English
LinkModel OpenURL
MergedId FETCHMERGED-LOGICAL-c295t-a62400c8f1b233eef8d0eb9109031dd426f1860ff902e77ef24f55674feaf9793
OpenAccessLink http://hdl.handle.net/11568/910347
PageCount 12
ParticipantIDs crossref_primary_10_1016_j_jpdc_2018_01_003
elsevier_sciencedirect_doi_10_1016_j_jpdc_2018_01_003
PublicationCentury 2000
PublicationDate May 2018
2018-05-00
PublicationDateYYYYMMDD 2018-05-01
PublicationDate_xml – month: 05
  year: 2018
  text: May 2018
PublicationDecade 2010
PublicationTitle Journal of parallel and distributed computing
PublicationYear 2018
Publisher Elsevier Inc
Publisher_xml – name: Elsevier Inc
References Lopriore (b18) 2015; 58
Saltzer, Schroeder (b23) 1975; 63
Trappe, Song, Poovendran, Liu (b30) 2003; 5
Heiser, Elphinstone, Vochteloo, Russell, Liedtke (b10) 1998; 28
Stamp (b29) 2011
Leung, Miller (b14) 2006
Witchel, Cates, Asanović (b33) 2002; 36
Levy (b15) 1984
Carter, Keckler, Dally (b1) 1994; 29
Klein, Elphinstone, Heiser, Andronick, Cock, Derrin, Elkaduwe, Engelhardt, Kolanski, Norrish (b12) 2009
Lamport (b13) 1981; 24
Gehringer (b7) 1979
Woodruff, Watson, Chisnall, Moore, Anderson, Davis, Laurie, Neumann, Norton, Roe (b34) 2014
Gligor (b8) 1979; SE-5
Grove, Murray, Owen, North, Jones, Beaumont, Hopkin (b9) 2007
Zhang, Li, Nalla (b35) 2005
Lopriore (b17) 2015; 58
Samarati, De Capitani Di Vimercati (b24) 2001
Lopriore (b19) 2016; 62
Sandhu (b25) 1988; 27
Castro, Pose, Kopp (b2) 2008; 51
Houdek, Soltis, Hoffman (b11) 1981
Lopriore (b16) 2012; 55
Sandhu, Samarati (b26) 1994; 32
Schneider (b27) 2003; 1
Shapiro, Smith, Farber (b28) 2000; 34
De Capitani di Vimercati, Paraboschi, Samarati (b4) 2003; 33
Wilkes (b32) 1982; 10
Meyer (b20) 2004; 24
England (b6) 1974
Newby, Grove, Murray, Owen, McCarthy, North (b22) 2015
Mossop, Pose (b21) 2006
Watson, Woodruff, Neumann, Moore, Anderson, Chisnall (b31) 2015
Chase, Levy, Lazowska, Baker-Harvey (b3) 1992; 27
de Vivo, de Vivo, Gonzalez (b5) 1995; 30
Wilkes (10.1016/j.jpdc.2018.01.003_b32) 1982; 10
Samarati (10.1016/j.jpdc.2018.01.003_b24) 2001
Houdek (10.1016/j.jpdc.2018.01.003_b11) 1981
Newby (10.1016/j.jpdc.2018.01.003_b22) 2015
Schneider (10.1016/j.jpdc.2018.01.003_b27) 2003; 1
Trappe (10.1016/j.jpdc.2018.01.003_b30) 2003; 5
Watson (10.1016/j.jpdc.2018.01.003_b31) 2015
Chase (10.1016/j.jpdc.2018.01.003_b3) 1992; 27
Carter (10.1016/j.jpdc.2018.01.003_b1) 1994; 29
England (10.1016/j.jpdc.2018.01.003_b6) 1974
Saltzer (10.1016/j.jpdc.2018.01.003_b23) 1975; 63
Stamp (10.1016/j.jpdc.2018.01.003_b29) 2011
Zhang (10.1016/j.jpdc.2018.01.003_b35) 2005
Lopriore (10.1016/j.jpdc.2018.01.003_b16) 2012; 55
Gehringer (10.1016/j.jpdc.2018.01.003_b7) 1979
De Capitani di Vimercati (10.1016/j.jpdc.2018.01.003_b4) 2003; 33
Lamport (10.1016/j.jpdc.2018.01.003_b13) 1981; 24
Lopriore (10.1016/j.jpdc.2018.01.003_b18) 2015; 58
Sandhu (10.1016/j.jpdc.2018.01.003_b25) 1988; 27
Gligor (10.1016/j.jpdc.2018.01.003_b8) 1979; SE-5
Mossop (10.1016/j.jpdc.2018.01.003_b21) 2006
Meyer (10.1016/j.jpdc.2018.01.003_b20) 2004; 24
Shapiro (10.1016/j.jpdc.2018.01.003_b28) 2000; 34
Leung (10.1016/j.jpdc.2018.01.003_b14) 2006
Witchel (10.1016/j.jpdc.2018.01.003_b33) 2002; 36
Woodruff (10.1016/j.jpdc.2018.01.003_b34) 2014
Grove (10.1016/j.jpdc.2018.01.003_b9) 2007
Heiser (10.1016/j.jpdc.2018.01.003_b10) 1998; 28
Lopriore (10.1016/j.jpdc.2018.01.003_b19) 2016; 62
Sandhu (10.1016/j.jpdc.2018.01.003_b26) 1994; 32
Castro (10.1016/j.jpdc.2018.01.003_b2) 2008; 51
de Vivo (10.1016/j.jpdc.2018.01.003_b5) 1995; 30
Levy (10.1016/j.jpdc.2018.01.003_b15) 1984
Klein (10.1016/j.jpdc.2018.01.003_b12) 2009
Lopriore (10.1016/j.jpdc.2018.01.003_b17) 2015; 58
References_xml – start-page: 359
  year: 2005
  end-page: 363
  ident: b35
  article-title: An attribute-based access matrix model
  publication-title: Proceedings of the 2005 ACM Symposium on Applied Computing
– volume: 58
  start-page: 782
  year: 2015
  end-page: 791
  ident: b17
  article-title: Password capabilities revisited
  publication-title: Comput. J.
– volume: 10
  start-page: 107
  year: 1982
  end-page: 116
  ident: b32
  article-title: Hardware support for memory protection: capability implementations
  publication-title: ACM SIGARCH Comput. Archit. News
– volume: 30
  start-page: 29
  year: 1995
  end-page: 36
  ident: b5
  article-title: A brief essay on capabilities
  publication-title: ACM Sigplan Not.
– volume: 34
  start-page: 170
  year: 2000
  end-page: 185
  ident: b28
  article-title: EROS: a fast capability system
  publication-title: ACM SIGOPS Oper. Syst. Rev.
– volume: 24
  start-page: 46
  year: 2004
  end-page: 55
  ident: b20
  article-title: A novel processor architecture with exact tag-free pointers
  publication-title: IEEE Micro
– start-page: 25
  year: 2015
  end-page: 34
  ident: b22
  article-title: Annex: a middleware for constructing high-assurance software systems
  publication-title: Proceedings of the 13th Australasian Information Security Conference
– start-page: 137
  year: 2001
  end-page: 196
  ident: b24
  article-title: Access control: policies, models, and mechanisms
  publication-title: Foundations of Security Analysis and Design
– start-page: 341
  year: 2007
  end-page: 352
  ident: b9
  article-title: An overview of the Annex system
  publication-title: Proceedings of the Twenty-Third Annual Computer Security Applications Conference
– year: 2015
  ident: b31
  article-title: CHERI: a hybrid capability-system architecture for scalable software compartmentalization
  publication-title: Proceedings of the 36th IEEE Symposium on Security and Privacy
– volume: 51
  start-page: 595
  year: 2008
  end-page: 607
  ident: b2
  article-title: Password-capabilities and the Walnut kernel
  publication-title: Comput. J.
– volume: 29
  start-page: 319
  year: 1994
  end-page: 327
  ident: b1
  article-title: Hardware support for fast capability-based addressing
  publication-title: ACM Sigplan Not.
– volume: 24
  start-page: 770
  year: 1981
  end-page: 772
  ident: b13
  article-title: Password authentication with insecure communication
  publication-title: Commun. ACM
– volume: 33
  start-page: 397
  year: 2003
  end-page: 421
  ident: b4
  article-title: Access control: principles and solutions
  publication-title: Softw - Pract. Exp.
– volume: 32
  start-page: 40
  year: 1994
  end-page: 48
  ident: b26
  article-title: Access control: principles and practice
  publication-title: IEEE Commun. Mag.
– volume: 1
  start-page: 55
  year: 2003
  end-page: 59
  ident: b27
  article-title: Least privilege and more
  publication-title: IEEE Secur. Privacy
– volume: SE-5
  start-page: 575
  year: 1979
  end-page: 586
  ident: b8
  article-title: Review and revocation of access privileges distributed through capabilities
  publication-title: IEEE Trans. Softw. Eng.
– volume: 28
  start-page: 901
  year: 1998
  end-page: 928
  ident: b10
  article-title: The Mungi single-address-space operating system
  publication-title: Softw. Pract. Exp.
– start-page: 207
  year: 2009
  end-page: 220
  ident: b12
  article-title: SeL4: Formal verification of an OS Kernel
  publication-title: Proceedings of the 22nd ACM Symposium on Operating Systems Principles
– volume: 55
  start-page: 497
  year: 2012
  end-page: 507
  ident: b16
  article-title: Encrypted pointers in protection system design
  publication-title: Comput. J.
– start-page: 63
  year: 1974
  end-page: 82
  ident: b6
  article-title: Capability concept mechanism and structure in System 250
  publication-title: Proceedings of the International Workshop on Protection in Operating Systems
– volume: 27
  start-page: 397
  year: 1992
  end-page: 413
  ident: b3
  article-title: Lightweight shared objects in a 64-bit operating system
  publication-title: ACM Sigplan Not.
– start-page: 131
  year: 1979
  end-page: 142
  ident: b7
  article-title: Variable-length capabilities as a solution to the small-object problem
  publication-title: Proceedings of the Seventh ACM Symposium on Operating Systems Principles
– volume: 63
  start-page: 1278
  year: 1975
  end-page: 1308
  ident: b23
  article-title: The protection of information in computer systems
  publication-title: Proc. IEEE
– start-page: 517
  year: 2006
  end-page: 526
  ident: b21
  article-title: Information leakage and capability forgery in a capability-based operating system kernel
  publication-title: Proceedings of the OTM Confederated International Conferences “on the Move To Meaningful Internet Systems”
– year: 1984
  ident: b15
  article-title: Capability-Based Computer Systems
– volume: 27
  start-page: 95
  year: 1988
  end-page: 98
  ident: b25
  article-title: Cryptographic implementation of a tree hierarchy for access control
  publication-title: Inform. Process. Lett.
– volume: 36
  start-page: 304
  year: 2002
  end-page: 316
  ident: b33
  article-title: Mondrian memory protection
  publication-title: Oper. Syst. Rev.
– start-page: 341
  year: 1981
  end-page: 348
  ident: b11
  article-title: IBM System/38 support for capability-based addressing
  publication-title: Proceedings of the 8th Annual Symposium on Computer Architecture
– start-page: 29
  year: 2006
  end-page: 40
  ident: b14
  article-title: Scalable security for large, high performance storage systems
  publication-title: Proceedings of the Second ACM Workshop on Storage Security and Survivability
– year: 2011
  ident: b29
  article-title: Information Security: Principles and Practice
– volume: 5
  start-page: 544
  year: 2003
  end-page: 557
  ident: b30
  article-title: Key management and distribution for secure multimedia multicast
  publication-title: IEEE Trans. Multimedia
– start-page: 457
  year: 2014
  end-page: 468
  ident: b34
  article-title: The CHERI capability model: revisiting RISC in an age of risk
  publication-title: Proceedings of the 41st ACM/IEEE International Symposium on Computer Architecture
– volume: 58
  start-page: 2557
  year: 2015
  end-page: 2566
  ident: b18
  article-title: Password management: distribution, review and revocation
  publication-title: Comput. J.
– volume: 62
  start-page: 317
  year: 2016
  end-page: 327
  ident: b19
  article-title: Access control lists in password capability environments
  publication-title: Comput. Secur.
– volume: 28
  start-page: 901
  issue: 9
  year: 1998
  ident: 10.1016/j.jpdc.2018.01.003_b10
  article-title: The Mungi single-address-space operating system
  publication-title: Softw. Pract. Exp.
  doi: 10.1002/(SICI)1097-024X(19980725)28:9<901::AID-SPE181>3.0.CO;2-7
– year: 2011
  ident: 10.1016/j.jpdc.2018.01.003_b29
– volume: 30
  start-page: 29
  issue: 7
  year: 1995
  ident: 10.1016/j.jpdc.2018.01.003_b5
  article-title: A brief essay on capabilities
  publication-title: ACM Sigplan Not.
  doi: 10.1145/208639.208641
– start-page: 207
  year: 2009
  ident: 10.1016/j.jpdc.2018.01.003_b12
  article-title: SeL4: Formal verification of an OS Kernel
– start-page: 29
  year: 2006
  ident: 10.1016/j.jpdc.2018.01.003_b14
  article-title: Scalable security for large, high performance storage systems
– volume: 62
  start-page: 317
  year: 2016
  ident: 10.1016/j.jpdc.2018.01.003_b19
  article-title: Access control lists in password capability environments
  publication-title: Comput. Secur.
  doi: 10.1016/j.cose.2016.08.005
– volume: 10
  start-page: 107
  issue: 2
  year: 1982
  ident: 10.1016/j.jpdc.2018.01.003_b32
  article-title: Hardware support for memory protection: capability implementations
  publication-title: ACM SIGARCH Comput. Archit. News
  doi: 10.1145/964750.801834
– volume: 1
  start-page: 55
  issue: 5
  year: 2003
  ident: 10.1016/j.jpdc.2018.01.003_b27
  article-title: Least privilege and more
  publication-title: IEEE Secur. Privacy
  doi: 10.1109/MSECP.2003.1236236
– volume: 33
  start-page: 397
  issue: 5
  year: 2003
  ident: 10.1016/j.jpdc.2018.01.003_b4
  article-title: Access control: principles and solutions
  publication-title: Softw - Pract. Exp.
  doi: 10.1002/spe.513
– year: 2015
  ident: 10.1016/j.jpdc.2018.01.003_b31
  article-title: CHERI: a hybrid capability-system architecture for scalable software compartmentalization
– volume: 32
  start-page: 40
  issue: 9
  year: 1994
  ident: 10.1016/j.jpdc.2018.01.003_b26
  article-title: Access control: principles and practice
  publication-title: IEEE Commun. Mag.
  doi: 10.1109/35.312842
– start-page: 131
  year: 1979
  ident: 10.1016/j.jpdc.2018.01.003_b7
  article-title: Variable-length capabilities as a solution to the small-object problem
– volume: 27
  start-page: 95
  issue: 2
  year: 1988
  ident: 10.1016/j.jpdc.2018.01.003_b25
  article-title: Cryptographic implementation of a tree hierarchy for access control
  publication-title: Inform. Process. Lett.
  doi: 10.1016/0020-0190(88)90099-3
– volume: 63
  start-page: 1278
  issue: 9
  year: 1975
  ident: 10.1016/j.jpdc.2018.01.003_b23
  article-title: The protection of information in computer systems
  publication-title: Proc. IEEE
  doi: 10.1109/PROC.1975.9939
– volume: 55
  start-page: 497
  issue: 4
  year: 2012
  ident: 10.1016/j.jpdc.2018.01.003_b16
  article-title: Encrypted pointers in protection system design
  publication-title: Comput. J.
  doi: 10.1093/comjnl/bxr107
– volume: 36
  start-page: 304
  issue: 5
  year: 2002
  ident: 10.1016/j.jpdc.2018.01.003_b33
  article-title: Mondrian memory protection
  publication-title: Oper. Syst. Rev.
  doi: 10.1145/635508.605429
– volume: 5
  start-page: 544
  issue: 4
  year: 2003
  ident: 10.1016/j.jpdc.2018.01.003_b30
  article-title: Key management and distribution for secure multimedia multicast
  publication-title: IEEE Trans. Multimedia
  doi: 10.1109/TMM.2003.813279
– volume: 29
  start-page: 319
  issue: 11
  year: 1994
  ident: 10.1016/j.jpdc.2018.01.003_b1
  article-title: Hardware support for fast capability-based addressing
  publication-title: ACM Sigplan Not.
  doi: 10.1145/195470.195579
– year: 1984
  ident: 10.1016/j.jpdc.2018.01.003_b15
– volume: 24
  start-page: 46
  issue: 3
  year: 2004
  ident: 10.1016/j.jpdc.2018.01.003_b20
  article-title: A novel processor architecture with exact tag-free pointers
  publication-title: IEEE Micro
  doi: 10.1109/MM.2004.2
– start-page: 63
  year: 1974
  ident: 10.1016/j.jpdc.2018.01.003_b6
  article-title: Capability concept mechanism and structure in System 250
– start-page: 25
  year: 2015
  ident: 10.1016/j.jpdc.2018.01.003_b22
  article-title: Annex: a middleware for constructing high-assurance software systems
– volume: 34
  start-page: 170
  issue: 2
  year: 2000
  ident: 10.1016/j.jpdc.2018.01.003_b28
  article-title: EROS: a fast capability system
  publication-title: ACM SIGOPS Oper. Syst. Rev.
  doi: 10.1145/346152.346191
– start-page: 457
  year: 2014
  ident: 10.1016/j.jpdc.2018.01.003_b34
  article-title: The CHERI capability model: revisiting RISC in an age of risk
– volume: 51
  start-page: 595
  issue: 5
  year: 2008
  ident: 10.1016/j.jpdc.2018.01.003_b2
  article-title: Password-capabilities and the Walnut kernel
  publication-title: Comput. J.
  doi: 10.1093/comjnl/bxm124
– volume: 27
  start-page: 397
  issue: 10
  year: 1992
  ident: 10.1016/j.jpdc.2018.01.003_b3
  article-title: Lightweight shared objects in a 64-bit operating system
  publication-title: ACM Sigplan Not.
  doi: 10.1145/141937.141969
– start-page: 137
  year: 2001
  ident: 10.1016/j.jpdc.2018.01.003_b24
  article-title: Access control: policies, models, and mechanisms
– volume: 58
  start-page: 782
  issue: 4
  year: 2015
  ident: 10.1016/j.jpdc.2018.01.003_b17
  article-title: Password capabilities revisited
  publication-title: Comput. J.
  doi: 10.1093/comjnl/bxt131
– start-page: 517
  year: 2006
  ident: 10.1016/j.jpdc.2018.01.003_b21
  article-title: Information leakage and capability forgery in a capability-based operating system kernel
– start-page: 341
  year: 2007
  ident: 10.1016/j.jpdc.2018.01.003_b9
  article-title: An overview of the Annex system
– start-page: 359
  year: 2005
  ident: 10.1016/j.jpdc.2018.01.003_b35
  article-title: An attribute-based access matrix model
– volume: 24
  start-page: 770
  issue: 11
  year: 1981
  ident: 10.1016/j.jpdc.2018.01.003_b13
  article-title: Password authentication with insecure communication
  publication-title: Commun. ACM
  doi: 10.1145/358790.358797
– volume: 58
  start-page: 2557
  issue: 10
  year: 2015
  ident: 10.1016/j.jpdc.2018.01.003_b18
  article-title: Password management: distribution, review and revocation
  publication-title: Comput. J.
  doi: 10.1093/comjnl/bxu125
– start-page: 341
  year: 1981
  ident: 10.1016/j.jpdc.2018.01.003_b11
  article-title: IBM System/38 support for capability-based addressing
– volume: SE-5
  start-page: 575
  issue: 6
  year: 1979
  ident: 10.1016/j.jpdc.2018.01.003_b8
  article-title: Review and revocation of access privileges distributed through capabilities
  publication-title: IEEE Trans. Softw. Eng.
  doi: 10.1109/TSE.1979.230193
SSID ssj0011578
Score 2.1699893
Snippet With reference to a distributed system consisting of nodes connected by a local area network, we consider the problems related to the distribution,...
SourceID crossref
elsevier
SourceType Index Database
Publisher
StartPage 29
SubjectTerms Access right
Distributed system
Parametric one-way function
Protection
Revocation
Segment
Title Password-based protection of clustered segments in distributed memory systems
URI https://dx.doi.org/10.1016/j.jpdc.2018.01.003
Volume 115
WOSCitedRecordID wos000427809200003&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
journalDatabaseRights – providerCode: PRVESC
  databaseName: Elsevier SD Freedom Collection Journals 2021
  customDbUrl:
  eissn: 1096-0848
  dateEnd: 99991231
  omitProxy: false
  ssIdentifier: ssj0011578
  issn: 0743-7315
  databaseCode: AIEXJ
  dateStart: 19950101
  isFulltext: true
  titleUrlDefault: https://www.sciencedirect.com
  providerName: Elsevier
link http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwtV3fa9swEBZduoe9tFu7sf7Y0MPehossW5b0WEpKN9ZSaAd5M44sjYTMCUn667_vnSU77raWrbAXY0SUiLvz6bPy3XeEfCoTU0DaR-lLqaNUJDYqmOARN6kSXBseF6ZuNiHPztRgoM-DoMKibicgq0rd3urZf3U1jIGzsXT2H9zdfikMwD04Ha7gdrj-lePPAQ7fwCtlhBsUigDUQgwBF5rJFSojwPjC_vDVbUiHRfVcbHwF4z-RensXFJ4Xj2BXFAyfTKyXGejONnWTiGY7RKLPdDYfBS7vt6Jy2Mdj2j1qiNWK2OfPv5oamAcUzVrkVCa-KPPA-jTKkNqsvIZmm2fDR0Km1J091ys2_ZbN_cHC-GA8K1FtMla1wipLVntXyyi8wGXgKiBFIYzVL8g6l0JDols__NIffG3_WoqF356bZYdKKk_6-_WX_oxWOgjk8jXZCOanh97lb8iarbbIZtOWg4YsvU1OH0YAXUUAnTraRgBtIoCOKtrxIfURQEMEvCXfj_uXRydR6JoRGa7FMioypAUb5eIhTxJrnSqZHWok4CZxWQIic7HKmHOacSuldTx1QmQydbZwGtL1O9KrppV9T2imjAYAbGWasdRKMWRcW2cKeJCH8CJR7JDPjXXymRdHyRvW4DhHW-Zoy5zFKEG7Q0RjwDzAOw_bcvD3E_N2nzlvj7xaBfE-6S3nV_YDeWmul6PF_GMIi3uy7Xdo
linkProvider Elsevier
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Password-based+protection+of+clustered+segments+in+distributed+memory+systems&rft.jtitle=Journal+of+parallel+and+distributed+computing&rft.au=Lopriore%2C+Lanfranco&rft.date=2018-05-01&rft.pub=Elsevier+Inc&rft.issn=0743-7315&rft.eissn=1096-0848&rft.volume=115&rft.spage=29&rft.epage=40&rft_id=info:doi/10.1016%2Fj.jpdc.2018.01.003&rft.externalDocID=S0743731518300169
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0743-7315&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0743-7315&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0743-7315&client=summon