Enhancing survivability of security services using redundancy

Author

Hiltunen, Matti A. ; Schlichting, Richard D. ; Ugarte, Carlos A.

Author_Institution

AT&T Shannon Lab., Florham Park, NJ, USA

fYear

2001

fDate

1-4 July 2001

Firstpage

173

Lastpage

182

Abstract

Traditional distributed system services that provide guarantees related to confidentiality, integrity, and authenticity enhance security, but are not survivable since each attribute is implemented by a single method. This paper advocates the use of redundancy to increase survivability by using multiple methods to implement each security attribute and doing so in ways that can vary unpredictably. As a concrete example, the design and implementation of a highly configurable secure communication service called SecComm are presented. The service has been implemented using Cactus, a system for building highly configurable protocols and services for distributed systems. Initial performance results for a prototype implementation on Linux are also given.

Keywords

distributed processing; fault tolerant computing; redundancy; security of data; telecommunication security; Cactus; Linux; SecComm; authenticity; confidentiality; distributed system services; distributed systems; highly configurable protocols; highly configurable secure communication service; integrity; redundancy; security attribute; security services; survivability; Authentication; Buildings; Communication system security; Concrete; Fault tolerance; Fault tolerant systems; Laboratories; Linux; Protocols; Redundancy;

fLanguage

English

Publisher

ieee

Conference_Titel

Dependable Systems and Networks, 2001. DSN 2001. International Conference on

Conference_Location

Goteborg, Sweden

Print_ISBN

0-7695-1101-5

Type

conf

DOI

10.1109/DSN.2001.941403

Filename

941403