SOMA Protection of Hosts (1)

The definition of different SOMA locality abstractions allows to enforce layered security policies: the domain defines a global security policy that imposes general rules; each place can apply restrictions to the domain-level set of permissions (see Figure 1). SOMA protects hosts against potentially malicious agents by supporting agent authentication and authorization at both domain and place level.

Agent Authentication. Agents are authenticated on the basis of their credentials. Credentials are a series of unforgeable information containing the names of the originating domain and place, the name and the role of the principal the agent acts on behalf of. The integration of a full Entrust Public Key Infrastructure within SOMA permits to provide an automatic and transparent key/credential management.

Figure 1. SOMA authentication and authorization.
(click here for a larger view of the picture)



Page updated on	In case of problems, or if you find any bug, please contact us.	previous security page	next security page	back to main page