A Security Infrastructure for Mobile Transactional Systems

View/ Open
Date
2000-07-11Author
Keleher, Peter J.
Bhattacharjee, Bobby
Kuo, Kuo-Tung
Cetintemel, Ugur
Metadata
Show full item recordAbstract
In this paper, we present an infrastructure for providing secure
transactional support for mobile databases. Our infrastructure protects
against external threats - malicious actions by nodes not authorized to
access the data. The major contribution of this paper, however, is to
classify and present algorithms to protect against internal security
threats. Internal threats are malicious ac-tions by authenticated nodes
that misrepresent protocol specific information. We quantify the cost of
our security mechanisms in context of Deno: a system that supports object
replication in a transactional framework for mobile and weakly-connected
environments.
Our results show that protecting against internal threats comes at a cost,
but the marginal cost for protecting against larger cliques of malicious
insiders is low. However, even with all the security mechanisms in place,
our system commits updates over 50% faster than systems that depend on the
Read-once Write-all commit protocol. Lastly, we present results from a
probabilistic version of our algorithm that has several orders of magnitude
lower computation cost than the traditional public-key based schemes.
(Also cross-referenced as UMIACS-TR-2000-19)