Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Articles 1 - 6 of 6

Full-Text Articles in Physical Sciences and Mathematics

A Formal Semantics For SPKI, Jon Howell, David Kotz Oct 2000

Dartmouth Scholarship

We extend the logic and semantics of authorization due to Abadi, Lampson, et al. to support restricted delegation. Our formal model provides a simple interpretation for the variety of constructs in the Simple Public Key Infrastructure (SPKI), and lends intuition about possible extensions. We discuss both extensions that our semantics supports and extensions that it cautions against.


End-To-End Authorization, Jon Howell, David Kotz Oct 2000

Dartmouth Scholarship

Many boundaries impede the flow of authorization information, forcing applications that span those boundaries into hop-by-hop approaches to authorization. We present a unified approach to authorization. Our approach allows applications that span administrative, network, abstraction, and protocol boundaries to understand the end-to-end authority that justifies any given request. The resulting distributed systems are more secure and easier to audit.

We describe boundaries that can interfere with end-to-end authorization, and outline our unified approach. We describe the system we built and the applications we adapted to use our unified authorization system, and measure its costs. We conclude that our system …


Trading Risk In Mobile-Agent Computational Markets, Jonathan Bredin, David Kotz, Daniela Rus Jul 2000

Dartmouth Scholarship

Mobile-agent systems allow user programs to autonomously relocate from one host site to another. This autonomy provides a powerful, flexible architecture on which to build distributed applications. The asynchronous, decentralized nature of mobile-agent systems makes them flexible, but also hinders their deployment. We argue that a market-based approach where agents buy computational resources from their hosts solves many problems faced by mobile-agent systems.

In our earlier work, we propose a policy for allocating general computational priority among agents posed as a competitive game for which we derive a unique computable Nash equilibrium. Here we improve on our earlier approach …


3D Outside Cell Interference Factor For An Air-Ground CDMA ‘Cellular’ System, David W. Matolak May 2000

Faculty Publications

We compute the outside-cell interference factor of a code-division multiple-access (CDMA) system for a three-dimensional (3-D) air-to-ground (AG) "cellular-like" network consisting of a set of uniformly distributed ground base stations and airborne mobile users. The CDMA capacity is roughly inversely proportional to the outside-cell interference factor. It is shown that for the nearly free-space propagation environment of these systems, the outside-cell interference factor can be larger than that for terrestrial propagation models (as expected) and depends approximately logarithmically upon both the cell height and cell radius.


Restricted Delegation: Seamlessly Spanning Administrative Boundaries, Jon Howell, David Kotz Apr 2000

Dartmouth Scholarship

Historically and currently, access control and authentication is managed through ACLs. Examples include:

• the list of users in /etc/password, the NIS passwd map, or an NT domain

• permissions on Unix files or ACLs on NT objects

• a list of known hosts in .ssh/known_hosts

• a list of IP addresses in .rhosts (for rsh) or .htaccess (http)

The limitations of ACLs always cause problems when spanning administrative domains (and often even inside administrative domains). The best example is the inability to express transitive sharing. Alice shares read access to object X with Bob (but not access to …


Parallel Computers And Complex Systems, Geoffrey C. Fox, Paul D. Coddington Jan 2000

Northeast Parallel Architecture Center

We present an overview of the state of the art and future trends in high performance parallel and distributed computing, and discuss techniques for using such computers in the simulation of complex problems in computational science. The use of high performance parallel computers can help improve our understanding of complex systems, and the converse is also true — we can apply techniques used for the study of complex systems to improve our understanding of parallel computing. We consider parallel computing as the mapping of one complex system — typically a model of the world — into another complex system — …