A Security Infrastructure for Mobile Transactional Systems

In this paper, we present an infrastructure for providing secure transactional support for mobile databases. Our infrastructure protects against external threats: malicious actions by nodes not authorized to access the data. The major contribution of this paper, however, is to classify and present algorithms to protect against internal security threats. Internal threats are malicious actions by authenticated nodes that misrepresent protocol-specific information. We quantify the cost of our security mechanisms in the context of Deno, a system that supports object replication in a transactional framework for mobile and weakly-connected environments.
