7th European Symposium on Research in Computer Security (ESORICS 2002)
Authentication for Distributed Web Caches
James Giles, Reiner Sailer, Dinesh Verma, Suresh Chari
Keywords : security, authentication, cookies, distributed applications, CDN
Abstract : We consider the problem of offloading secure access-controlled content from central origin servers to distributed caches so clients can access a proximal cache rather than the origin servers. Our security architecture enforces the access-control policies of the origin server without replicating the access-control databases to each of the caches. We describe the security mechanisms to affect such a system and perform an extensive security analysis of our implementation. Our system is an example of how less trustworthy systems can be integrated into a distributed system architecture; it provides mechanisms to preserve the whole distributed system security even in case less trustworthy subsystems are compromised. An application of our system is the cached distribution of access-controlled contents such as subscription-based electronic libraries.
Proceedings table of contents