whostolemyhandle
IS-IT--Management
Does anyone have a concise, clear explanation of polyinstantiation?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Polyinstantiation
- Thread starter whostolemyhandle
- Start date
- Status
I found two different references to polyinstantiation as pertains to security, the first and probably the most common refers to keeping keys in multiple locations
"polyinstantiation: In cryptography, the existence of a cryptographic key in more than one secure physical location. [After X9.49]"
--
An quick and dirty example of polyinstantiation in this vein would be a "shared secret" scheme, as both ends of the encrypted session, must have the same key. Anyone who has connected to a RAS server, at least the older Livingston Portmaster models, has used polyinstantiation, since the Portmaster used a shared secret to communicate with a RADIUS server to authenticate the session, before passing the userid and password to the RADIUS server to authenticate the user.
Polyinstantiation is also referred to in the Database world as:
"Polyinstantiation represents an environment characterized by information stored in more than one location in the database. This permits a security model with multiple levels-of-view and authorization.
The current problem with polyinstantiation is ensuring the integrity of the information in the database. Without an effective method for the simultaneous updating of all occurrences of the same data element - integrity cannot be guaranteed."
--
Hope that helps.
Joe Joseph B. Baugh, PMP, CISSP, CBM, CCNP, CCDP, CCSE, CUE
Network Services Manager, Sierra Southwest Cooperative
"The road goes on forever and the party never ends." -- Joe Ely: Love And Danger, 1993
"polyinstantiation: In cryptography, the existence of a cryptographic key in more than one secure physical location. [After X9.49]"
--
An quick and dirty example of polyinstantiation in this vein would be a "shared secret" scheme, as both ends of the encrypted session, must have the same key. Anyone who has connected to a RAS server, at least the older Livingston Portmaster models, has used polyinstantiation, since the Portmaster used a shared secret to communicate with a RADIUS server to authenticate the session, before passing the userid and password to the RADIUS server to authenticate the user.
Polyinstantiation is also referred to in the Database world as:
"Polyinstantiation represents an environment characterized by information stored in more than one location in the database. This permits a security model with multiple levels-of-view and authorization.
The current problem with polyinstantiation is ensuring the integrity of the information in the database. Without an effective method for the simultaneous updating of all occurrences of the same data element - integrity cannot be guaranteed."
--
Hope that helps.
Joe Joseph B. Baugh, PMP, CISSP, CBM, CCNP, CCDP, CCSE, CUE
Network Services Manager, Sierra Southwest Cooperative
"The road goes on forever and the party never ends." -- Joe Ely: Love And Danger, 1993
- Status