ISBN 978-3-8439-4299-7

978-3-8439-4299-7, Reihe Informatik

Mathias Weber
Access Control for Weakly Consistent Replicated Information Systems

247 Seiten, Dissertation Technische Universität Kaiserslautern (2019), Hardcover, B5

Zusammenfassung / Abstract

Very large information systems containing private data are deployed globally. Access control has the task to impose restrictions on how authenticated users are allowed to interact with this data. Implementing access control correctly for these weakly consistent systems is a challenging task because permission modifications may not become visible together with the data they protect.

Developers are faced with a trade-off between low latency and consistency of the data as shown by the CAP theorem. In geo-distributed systems, developers tend to sacrifice consistency guarantees to get lower latency. As a consequence, the same operations become visible in different order to different servers.

Because of inconsistencies caused by weaker consistency guaranties and concurrent data modifications, the assumptions about correct access control can be violated. The ProPreAC model constrains the consistency of the data store as well as the implementation of the access control system thereby avoiding this type of inconsistencies.

The model can be implemented in an access control system that does not require interaction with remote servers to make access control decisions. An evaluation on Amazon EC2 in a geo-distributed context shows that the overhead of the access control system is independent of the number of and the latency between the data centers.