The growing popularity of network-based services and peer-to-peer
networks has resulted in situations where components of a distributed
application often need to execute in environments that are only partly
trusted by the application's owner.
Such deployment into partial or unstable trust environments
exacerbates the classical problems of distributing decomposable
services: authentication and access control, trust management, secure
communication, code distribution and installation, and process rights
management. Unfortunately, the application developer's burden of
coping with these latter issues often dominates the benefits of
The DisCo infrastructure is specifically targeted to the
development of systems and services deployed into coalition
environments: networks of users and hosts administered by multiple
authorities with changing trust relationships.
The DisCo infrastructure provides application-neutral support for the
classical problems of distributed services, thereby relieving the
developer of the burden of independently managing these
features. DisCo also includes support for continuously monitoring
established connections, enabling corrective action from an
application to cope with changing trust relationships.
Our experience with building a secure video distribution service using
the DisCo toolkit indicates that the latter permits distributed secure
deployment into a partly trusted environment with minimal application
developer effort, affording the advantages of natural expression and
convenient deployment without compromising on efficiency.