Performance, Computing, and Communications Conference, 2002. 21st IEEE International (2002)
Phoenix, AZ, USA
Apr. 3, 2002 to Apr. 5, 2002
S. Ngamsuriyaroj , Dept. of Comput. Sci. & Eng., Pennsylvania State Univ., University Park, PA, USA
This work addresses the problem of maintaining the consistency of the security policy in a distributed environment. We consider a system composed of the Security Server and multiple Object Managers running on different machines. The Security Server defines the security policy in a small database and Object Managers enforce the policy replicated on each machine. Thus, the system is modeled as a replicated database. However, unlike a typical replicated database where transient inconsistency is often allowed for better performance, due to the very nature of the security policy database, our goal of consistency is one-copy serializability (1SR). Hence, for security concerns, the requirement for achieving 1SR is unquestionable, while the requirement for good performance is also desirable. This paper investigates an invalidation-based consistency protocol within the scope of the Transactional Consistency Protocol (TCP). We show that the proposed consistency control protocol offers both 1SR consistency and good performance.
A.R. Hurson, T.F. Keefe, S. Ngamsuriyaroj, "Maintaining consistency of the security policy in distributed environment", Performance, Computing, and Communications Conference, 2002. 21st IEEE International, vol. 00, no. , pp. 179-186, 2002, doi:10.1109/IPCCC.2002.995149