Graduate Research Forum Details
mSSL: Securely Sharing Data from a Server among Clients
Author: | Xun Kang |
---|---|
Date: | March 08, 2005 |
Time: | 16:00 |
Location: | 220 Deschutes |
Abstract
Client-server applications often do not scale well when a large number of clients access the service of a single server. To solve this, a new trend of data-sharing applications allows a client to download data from other peer clients, instead of from a server directly. This increases the server's scalability, but it also introduces new security challenges: How can the server ensure access control in this hybrid communication environment that integrates both client-server and peer-to-peer paradigms? How can a client trust the data downloaded from another client? What if a client denies the service it received from others?
In this paper, we present a middleware service, called mSSL, that addresses the security issues in this hybrid environment. In particular, mSSL provides a set of security functions to enable secure sharing of server data among clients and to support applications that sit on top of mSSL. Both conventional security issues such as access control, data integrity, and data confidentiality and new security issues such as proof of service are addressed in this new context. While providing comprehensive security services, our evaluation shows that mSSL has a reasonable overhead.