Dynamic Authentication for High-Performance Networked Applications

Thumbnail Image
Schneck, Phyllis Adele
Schwan, Karsten
Associated Organizations
Organizational Unit
Supplementary to
Both government and business are increasingly interested in addressing the growing threats imposed by the lack of adequate information security. Consistent with these efforts, our work focuses on the integrity and protection of information exchanged in high-performance networked computing applications such as video teleconferencing and other streamed interactive data exchanges. For these applications, security procedures are often omitted in the interest of performance. Since this may not be acceptable when using public communications media, our research makes explicit and then utilizes the inherent tradeoffs in realizing performance vs. security in communications. In this paper, we expand the notion of QoS to include the level of security that can be offered within performance and CPU resource availability constraints. To address performance and security tradeoffs in asymmetric and dynamic client-server environments, we developed Authenticast, a dynamically configurable, user-level communications protocol, offering variable levels of security throughout execution. The Authenticast protocol comprises a suite of heuristics to realize dynamic security levels, as well as heuristics that decide when and how to apply dynamic security. To demonstrate this protocol, we have implemented a prototype of a high performance privacy system. We have developed and experimented with a novel security control abstraction with which tradeoffs in security vs. performance may be made explicit and then utilized with dynamic client-server asymmetries. This abstraction is called a security thermostat [12], and interacts directly with Authenticast to enable adaptive security processing. Our results demonstrate overall increased scalability and improved performance when adaptive security is applied to the client-server platform with varying numbers of clients and varying resource availabilities at clients.
Date Issued
301585 bytes
Resource Type
Resource Subtype
Technical Report
Rights Statement
Rights URI