The goal of the Distributed Sanctuaries project is to support efficient, scalable, secure collaborations for sharing of information and services amongst diverse agents belonging to organizations of a dynamic coalition. Unlike group communication approaches, information sharing between participants is viewed in terms of the direct interaction between delegates representing agents and objects representing services. Our approach relies upon dynamically locating delegate code and service objects close to each other by caching their components on partly-trusted intermediate hosts. Key to this approach are techniques for transitive authentication of agent activities, even when these span multiple distributed hosts, secure execution environments that protect delegate and service components from each other, and fine-grained control of delegate access to services. The resulting infrastructure will allow users of one organization to securely, efficiently, and in a scalable fashion, access data, invoke services, and run computations on computational and information resources belonging to any member organization of the coalition, to the extent permitted by the currently active access constraints, individually specifiable per resource.
The Distributed Sanctuaries project is a collaborative project involving researchers at New York University and Arizona State University.