Applications based on the distributed request/response computing model are already becoming part of consumers' everyday life. Examples include browsing and sharing content with friends on the Web, home entertainment offered by Digital Living Network Alliance (DLNA)-compliant consumer electronics devices, home automation and webcam applications, and a number of Web Services. Furthermore, the proliferation of new enabling technologies, such as peer-to-peer overlay networks, will enable non-expert consumers to easily create their personal networks of devices and content, and share them with people in their social environment, again using applications based on the distributed request/response model.
As consumers' interaction with distributed systems becomes pervasive, so do the dangers of exposing their resources to malicious attacks and exploits that are already abundant on the Internet. Since most users are non-experts, they are unaware of how their systems operate, existing threats to their systems, and the exact security consequences of their actions. Furthermore, most current security countermeasures require significant expertise (e.g., managing access control lists (ACLs), certificates, encryption keys) and infrastructure (e.g., Certification Authorities, authentication servers) to operate, which makes them inapplicable or unusable in everyday consumer scenarios. In addition, many of the distributed applications and middleware in use do not implement a security framework at all, often under the assumption that perimeter security (e.g., firewalls) or lower-layer (e.g., link-layer or network-layer) security will protect them from attacks. Consumers are approaching a point in time where large numbers of non-expert users will be able to easily share (and expose to threats) their devices, services, and content over distributed applications that don't implement security or whose security is turned off or misconfigured.
Clearly, a security framework that would allow non-expert consumers to make intuitive security decisions that protect their resources shared by legacy distributed applications would be very beneficial.