USENIX 2004 Annual Technical Conference, General Track Abstract
Pp. 199212 of the Proceedings
REX: Secure, Extensible Remote Execution
Michael Kaminsky and Eric Peterson, MIT; Daniel B. Giffin, NYU; Kevin
Fu, MIT; David Mazières, NYU; M. Frans Kaashoek, MIT
Abstract
The ubiquitous SSH package has demonstrated the importance of secure
remote login and execution. As remote execution tools grow in
popularity, users require new features and extensions, which are
difficult to add to existing systems. REX is a remote execution
utility with a novel architecture specifically designed for
extensibility as well as security and transparent connection
persistence in the face of network complexities such as NAT and
dynamic IP addresses. To achieve extensibility, REX bases much of its
functionality on a single new abstraction--emulated file
descriptor passing across machines. This abstraction is powerful
enough for users to extend REX's functionality in many ways without
changing the core software or protocol.
REX addresses security in two ways. First, the implementation
internally leverages file descriptor passing to split the server into
several smaller programs, reducing both privileged and remotely
exploitable code. Second, REX selectively delegates authority to
processes running on remote machines that need to access other
resources. The delegation mechanism lets users incrementally
construct trust policies for remote machines. Finally, REX provides
mechanisms for accessing servers without globally routable IP
addresses, and for resuming sessions when a TCP connection aborts or
an endpoint's IP address changes. Measurements of the system
demonstrate that REX's architecture does not come at the cost of
performance.
- View the full text of this paper in HTML and PDF.
The Proceedings are published as a collective work, © 2004 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
|