Design and Implementation of Virtual Private Services

Large scale distributed applications such as electronic commerce and online marketplaces (e.g., auction services) combine network access with multiple storage and computational elements. The distributed responsibility for resource control creates new security and privacy issues, caused by the complexity of the operating environment. In particular, policies at multiple layers and locations force conventional mechanisms such as firewalls and compartmented file storage into roles where they are clumsy and failure-prone. We propose a new approach, virtual private services. Our approach relies on two functional divisions. First, we split policy specification and policy enforcement, providing local autonomy within the constraints of the global security policy. Second, we create virtual security domains each with its own security policy. Every domain has an associated set of privileges and permissions restricting it to the resources it needs to use and the services it must perform. Virtual private services ensure security and privacy policies are adhered to by coordinating policy enforcement points. Our prototype implementation under OpenBSD demonstrates low performance overhead on a variety of latencyand throughput-oriented microand macrobenchmarks.