Increasing popularity and diversity of collaborative applications prompts the need for highly secure and reliable communication platforms for dynamic peer groups. Security mechanisms for such groups tend to be both expensive and complex and their integration with reliable group communication services presents a formidable challenge.
This paper discusses some important integration issues, reports on the implementation experience and provides experimental results. Our approach utilizes distributed group key management developed by the Cliques project. We enhance it to handle processor and network faults (under a fail-stop or crash-and-recover model) and asynchronous membership events (such as cascading joins, leaves, merges and network partitions). Our approach leverages the strong properties provided by the Spread group communication system, such as message ordering, clean failure semantics and
a membership service. The result of this work is a secure group communications layer and an API which provide the application programmer both standard group services as well as flexible security services.
Keywords: secure group communication, reliable group communication, dynamic peer groups, group key management, security overhead.
By: Yair Amir, Giuseppe Ateniese, Damian Hasse, Yongdae Kim, Cristina Nita-Rotaru, Theo Schlossnagle, John Schultz, Jonathan Stanton, Gene Tsudik
Published in: Proceedings 20th International Conference on Distributed Computing Systems "ICDCS 2000", , Los Alamitos, IEEE, p.330-43 in 2000
Please obtain a copy of this paper from your local library. IBM cannot distribute this paper externally.
Questions about this service can be mailed to reports@us.ibm.com .