Authentication is the secure network architecture mechanism by which a pair of suspicious principals communicating over presumably unsecure channels assure themselves that each is that whom it claims to be. The Xerox Network Systems architecture proposes one such authentication scheme. This thesis examines the system consequences of the XNS model's unique proxy variant, by which a principal may temporarily commission a second network entity to assume its identity as a means of authority transfer. Specific attendant system failure modes are highlighted. The student's associated original contributions include proposed model revisions which rectify authentication shortfalls yet facilitate the temporal authority transfer motivating the proxy model. Consistent with the acknowledgement that no single solution is defensible as best under circumstances of such technical and administrative complexity, three viable such architectures are specified. Finally, the demand for a disciplined agent management mechanism within a distributed system such as XNS is resoundingly affirmed in the course of these first-order pursuits.
Library of Congress Subject Headings
XNS (Computer network architecture); Operating systems (Computers); Computer network architectures; Computer networks--Security measures; Electronic data processing--Distributed processing
Department, Program, or Center
Computer Science (GCCIS)
Wing, Peter D., "Enhancements to the XNS authentication-by-proxy model" (1990). Thesis. Rochester Institute of Technology. Accessed from
RIT – Main Campus