
An Architecture for Secure Wide-Area Service Discovery

Wireless Networks

Abstract

The widespread deployment of inexpensive communications technology, computational resources in the networking infrastructure, and network-enabled end devices poses an interesting problem for end users: how to locate a particular network service or device out of hundreds of thousands of accessible services and devices. This paper presents the architecture and implementation of a secure wide-area Service Discovery Service (SDS). Service providers use the SDS to advertise descriptions of available or already running services, while clients use the SDS to compose complex queries for locating these services. Service descriptions and queries use the eXtensible Markup Language (XML) to encode such factors as cost, performance, location, and device- or service-specific capabilities. The SDS provides a fault-tolerant, incrementally scalable service for locating services in the wide area. Security is a core component of the SDS: communications are both encrypted and authenticated where necessary, and the system uses a hybrid access control list and capability system to control access to service information. Wide-area query routing is also a core component of the SDS: all information in the system is potentially reachable by all clients.




About this article

Cite this article

Hodes, T.D., Czerwinski, S.E., Zhao, B.Y. et al. An Architecture for Secure Wide-Area Service Discovery. Wireless Networks 8, 213–230 (2002). https://doi.org/10.1023/A:1013772027164


  • DOI: https://doi.org/10.1023/A:1013772027164
