Chapter 2 places our security-related work into a broader context. The chapter also provides an introduction to security problems found in distributed systems and gives an orientation on some of the building blocks used to address these problems. The chapter is intended to present the necessary foundations for what follows.
Chapters 3, 4, and 5 constitute the main body of our work. These chapters are relatively self-contained and can be read independently of each other.
Chapter 3 contains the object-oriented distributed system architecture. The architecture in this chapter provides an infrastructure for the information flow represented by the arrows in figure 1.1.
The role-description framework can be used to provide some of the security and information services indicated in figure 1.1. The framework is described in chapter 4.
Chapter 5 reports on our work to modify an NFS server to use role-based access control information. The work we present is focused on the server component of figure 1.1.
Chapters 4 and 5 are both slightly modified and extended versions of work we have presented and published earlier [GS96,GDS97].
Chapters 6 and 7 are provided to give the interested reader further background material. Chapter 6 revisits much of what is introduced in chapter 2, but presents a more thorough introduction to computer security. To provide a picture of the current state of the art, chapter 7 contains a survey of existing architectures and systems designed to provide security in distributed environments.
Chapter 8 concludes the thesis by presenting a summary of our main results and by discussing future work.