imported>Cornmazes at 22:17, 18 March 2024

2024-03-18T22:17:59Z

New page

{{Short description|Computer security architecture}}
'''Distributed System Security Architecture''' or (DSSA) is a [[computer security]] architecture that provides a suite of [[subroutine|functions]] including login, authentication, and [[access control]] in a [[distributed system]]. To differ from other similar architectures, the DSSA architecture offers the ability to access all these functions without the trusted [[Server (computing)|server]] (known as a [[certificate authority]]) being active.

In DSSA, security objects are handled by owners and access is controlled by the central, universally trusted, certificate authority.

== DSSA/SPX ==
DSSA/SPX is the [[authentication protocol]] of DSSA. The CDC is a [[Public key certificate|certificate]] granting server while the certificate is a ticket signed by CA which contains the public key of the party being certified. Since the CDC is merely distributing previously signed certificates, it is not necessary for it to be trusted.

<math>A \to CDC\colon B</math>

<math>CDC \to A\colon \operatorname{certificate}(B, CA)</math>

<math>A \to B\colon A, \{T_A, A\}K_{AB}, \{L, A, P'_A\}S_A, \{\{K_{AB}\}P_B\}S'_A</math>

<math>B \to CDC\colon A</math>

<math>CDC \to B\colon \operatorname{certificate}(A, CA)</math>

<math>B \to A\colon \{T_A + 1\}K_{AB} </math>

== External links ==
* [https://web.archive.org/web/20060502050726/http://www.pasta.cs.uit.no/thesis/html/ronnya/node43.html Tromsø University]
* [http://citeseer.ist.psu.edu/gasser89digital.html Gasser (1989)]

[[Category:Cryptographic protocols]]

Distributed System Security Architecture - Revision history

imported>Cornmazes at 22:17, 18 March 2024