An Architecture for Secure Wide-Area Service Discovery
Todd D. Hodes
Steven E. Czerwinski
Ben Y. Zhao
Anthony D. Joseph
Randy H. Katz
Journal on Wireless Networks
March 2002, Vol. 8, No. 2-3, Pgs. 213-230.
Published by the ACM and Baltzer Publishers
[Full Text in GZIP PS Format, 131KB]
[Full Text in PDF Format, 156KB]
Paper Abstract
The widespread deployment of inexpensive communications technology,
computational resources in the networking infrastructure, and network-enabled
end devices poses a problem for end users: how to locate a particular network
service or device out of those accessible. This paper presents the architecture
and implementation of a secure wide-area Service Discovery Service (SDS).
Service providers use the SDS to advertise descriptions of available or
already running services, while clients use the SDS to compose complex
queries for locating these services. Service descriptions and queries use
the eXtensible Markup Language (XML) to encode such factors as cost, performance,
location, and device- or service-specific capabilities. The SDS provides
a fault-tolerant, incrementally scalable service for locating services
in the wide-area. Security is a core component of the SDS: communications
are both encrypted and authenticated where necessary, and the system uses
a hybrid access control list and capability system to control access to
service information. Wide-area query routing is also a core component of
the SDS: all information in the system is potentially reachable by all
clients.