Cooperative secondary authorization recycling

Qiang Wei, Matei Ripeanu, Konstantin Beznosov
2007 Proceedings of the 16th international symposium on High performance distributed computing - HPDC '07  
As distributed applications such as Grid and enterprise systems scale up and become increasingly complex, their authorization infrastructures-based predominantly on the request-response paradigm-are facing the challenges in terms of fragility and poor scalability. We propose an approach where each application server caches previously received authorizations at a secondary decision point (SDP) and shares them with other servers to mask authorization server failures and network delays. The main
more » ... ntribution of this paper is the design of the cooperative secondary authorization recycling (CSAR) system and its evaluation using simulation and prototype implementation. The results demonstrate that our approach improves the availability and the performance of authorization infrastructures. Specifically, by sharing secondary authorizations among SDPs, the cache hit rate-an indirect metric of availability-can reach 70% even when only 10% of authorizations are cached. The performance is also improved, as the average time of authorizing a request to an application is reduced by up to 30%.
doi:10.1145/1272366.1272375 dblp:conf/hpdc/WeiRB07 fatcat:kgl3ndnlpfdrbcxsl7ctzlnwya