A Security Infrastructure for Mobile Transactional Systems

Abstract

In this paper, we present an infrastructure for providing secure transactional replication support for peer-to-peer, decentralized databases. We first describe how to effectively provide protection against external threats, malicious actions by servers not authorized to access data, using conventional cryp-tography-based mechanisms. We then classify and present algorithms that provide protection against internal threats, malicious actions by authenticated servers that misrepresent protocol-specific infor-mation. Our approach to handling internal threats uses both cryptographic techniques and modifica-tions to the update commit criteria. The techniques we propose are unique in that they not only enable a tradeoff between performance and the degree of tolerance to malicious servers, but also allow for indi-vidual servers to support non-uniform degrees of tolerance without adversely affecting the performance of the rest of the system. We investigate the cost of our security mechanisms in the context of Deno: a prototype object replica-tion system designed for use in mobile and weakly-connected environments. Experimental results reveal that protecting against internal threats comes at a cost, but the marginal cost for protecting against larger cliques of malicious insiders is generally low. Furthermore, comparison with a decentralized Read-One Write-All protocol shows that our approach performs significantly better under various workloads. (Also cross-referenced as UMIACS-TR-2000-59)