An Architecture for a Secure Service Discovery Service
Steven E. Czerwinski
Ben Y. Zhao
Todd D. Hodes
Anthony D. Joseph
Randy H. Katz
Fifth Annual International Conference
on Mobile Computing and Networks (MobiCom 1999)
[Full Text in GZIP PS Format, 91KB]
[Full Text in PDF Format, 296KB]
[Talk Slides in PDF, 52KB]
Paper Abstract
The widespread deployment of inexpensive communications technology,
computational resources in the networking infrastructure, and network-enabled
end devices poses an interesting problem for end users: how to locate a
particular network service or device out of hundreds of thousands of accessible
services and devices. This paper presents the architecture and implementation
of a secure Service Discovery Service (SDS). Service providers use the
SDS to advertise complex descriptions of available or already running services,
while clients use the SDS to compose complex queries for locating these
services. Service descriptions and queries use the eXtensible Markup Language
(XML) to encode such factors as cost, performance, location, and device-
or service-specific capabilities. The SDS provides a highly-available,
fault-tolerant, incrementally scalable service for locating services in
the wide-area. Security is a core component of the SDS and, where necessary,
communications are both encrypted and authenticated. Furthermore, the SDS
uses an hybrid access control list and capability system to control access
to service information.