3 research outputs found
Dynamic management of computation and communication resources to enable secure high-performances applications
Ph.D.Karsten Schwa
Dynamic Authentication for High-Performance Networked Applications
Both government and business are increasingly interested in addressing
the growing threats imposed by the lack of adequate information
security. Consistent with these efforts, our work focuses on the
integrity and protection of information exchanged in high-performance
networked computing applications such as video teleconferencing and
other streamed interactive data exchanges. For these applications,
security procedures are often omitted in the interest of performance.
Since this may not be acceptable when using public communications
media, our research makes explicit and then utilizes the inherent
tradeoffs in realizing performance vs. security in communications. In
this paper, we expand the notion of QoS to include the level of
security that can be offered within performance and CPU resource
availability constraints. To address performance and security
tradeoffs in asymmetric and dynamic client-server environments, we
developed Authenticast, a dynamically configurable, user-level
communications protocol, offering variable levels of security
throughout execution. The Authenticast protocol comprises a suite of
heuristics to realize dynamic security levels, as well as heuristics
that decide when and how to apply dynamic security.
To demonstrate this protocol, we have implemented a prototype of a
high performance privacy system. We have developed and experimented
with a novel security control abstraction with which tradeoffs in
security vs. performance may be made explicit and then utilized with
dynamic client-server asymmetries. This abstraction is called a
security thermostat [12], and interacts directly with
Authenticast to enable adaptive security processing. Our results
demonstrate overall increased scalability and improved performance
when adaptive security is applied to the client-server platform with
varying numbers of clients and varying resource availabilities at
clients
Authenticast: An Adaptive Protocol for High-Performance, Secure Network Applications
A primary obstacle in the path to successful commercial Internet utilization
is the lack of adequate security. Strong security algorithms create
tremendous processing overheads and are often omitted in the interest of
application performance. If electronic commerce applications are to
succeed, then they cannot compromise performance or security. We present
Authenticast, an adaptive, user-level authenticated transmission protocol to
facilitate a resource utilization balance which enables the existence of
high-performance applications with sufficient security to be executed over a
public communications medium. Our solution comprises the following
contributions:
We present the addition of a security allocation parameter, securityLevel,
to the Quality of Service (QoS) specification.
We introduce the concept of the Security Thermostat to depict Authenticast's
dynamic runtime modification of securityLevel based on user requirements or
desires.
We present the design and implementation of the Authenticast protocol to
interface with the "thermostat" concept and facilitate parameter changes
during application execution