A Security Infrastructure for Mobile Transactional Systems

Date
2000-08-16
Author
Cetintemel, Ugur
Keleher, Peter J.
Bhattacharjee, Bobby
Abstract
In this paper, we present an infrastructure for providing secure transactional
replication support for peer-to-peer, decentralized databases. We first
describe how to effectively provide protection against external threats,
malicious actions by servers not authorized to access data, using conventional
cryptography-based mechanisms. We then classify and present algorithms that
provide protection against internal threats, malicious actions by authenticated
servers that misrepresent protocol-specific information. Our approach to
handling internal threats uses both cryptographic techniques and modifications
to the update commit criteria. The techniques we propose are unique in that
they not only enable a tradeoff between performance and the degree of tolerance
to malicious servers, but also allow for individual servers to support
non-uniform degrees of tolerance without adversely affecting the performance of
the rest of the system.
We investigate the cost of our security mechanisms in the context of Deno: a
prototype object replication system designed for use in mobile and
weakly-connected environments. Experimental results reveal that protecting
against internal threats comes at a cost, but the marginal cost for protecting
against larger cliques of malicious insiders is generally low. Furthermore,
comparison with a decentralized Read-One Write-All protocol shows that our
approach performs significantly better under various workloads.
(Also cross-referenced as UMIACS-TR-2000-59)