Cryptographic Access Control in Remote Procedure Call



AbstractTraditional access control models which rely on a centralized reference monitor are not well suited for large-scale distributed systems. Cryptographic access control is a decentralized model, where access control is enforced solely based on possession of cryptographic keys. By including this access control scheme directly at the inter-process communication level, a distributed system can be created, where the con dentiality and integrity of all communication is built in by default, and where only authorized nodes are granted access to the system's assets.

This thesis therefore investigates the possibilities of incorporating the cryptographic access control model into the Remote Procedure Call (RPC) protocol. RPC is an inter-process communication paradigm that seeks to allow a program residing on one machine to call functions on another machine in a way similar to making a local function call. We design and implement a prototype RPC library based on the original Sun Microsystems RPC implementation. This includes extending the RPCgen code generation tool to be compatible with the new RPC library. We also look at alternatives to the port mapping system used by RPC to locate resources on a server.
KeywordsCryptography, cryptographic access control, inter-process communication, remote procedure call, security
TypeMaster's thesis [Academic thesis]
Year2005
PublisherInformatics and Mathematical Modelling, Technical University of Denmark, DTU
AddressRichard Petersens Plads, Building 321, DK-2800 Kgs. Lyngby
SeriesIMM-Thesis-2005-17
NoteSupervised by associate professor Christian D. Jensen.
Electronic version(s)[pdf] [ps]
BibTeX data [bibtex]
IMM Group(s)Computer Science & Engineering