A Security Infrastructure for Mobile Transactional Systems
Files
Publication or External Link
Date
Advisor
Citation
DRUM DOI
Abstract
In this paper, we present an infrastructure for providing secure transactional replication support for peer-to-peer, decentralized databases. We first describe how to effectively provide protection against external threats, malicious actions by servers not authorized to access data, using conventional cryp-tography-based mechanisms. We then classify and present algorithms that provide protection against internal threats, malicious actions by authenticated servers that misrepresent protocol-specific infor-mation. Our approach to handling internal threats uses both cryptographic techniques and modifica-tions to the update commit criteria. The techniques we propose are unique in that they not only enable a tradeoff between performance and the degree of tolerance to malicious servers, but also allow for indi-vidual servers to support non-uniform degrees of tolerance without adversely affecting the performance of the rest of the system. We investigate the cost of our security mechanisms in the context of Deno: a prototype object replica-tion system designed for use in mobile and weakly-connected environments. Experimental results reveal that protecting against internal threats comes at a cost, but the marginal cost for protecting against larger cliques of malicious insiders is generally low. Furthermore, comparison with a decentralized Read-One Write-All protocol shows that our approach performs significantly better under various workloads. (Also cross-referenced as UMIACS-TR-2000-59)