Flexibly constructing secure groups in Antigone 2.0

Group communication is increasingly used as a low-cost building block for the development of highly available and survivable services in dynamic environments. However, contemporary frameworks often provide limited facilities for the definition and enforcement of precise security policies. This paper presents the Antigone 2.0 framework that allows the flexible specification and enforcement of group security policies. Enforcement is achieved through the policy-directed composition and configuration of sets of basic security services implementing the group. We summarize the design of the Antigone 2.0 architecture, its use and the application programming interface (API). The use of the API is illustrated through two applications built on Antigone: a reliable multicast system and host-level multicast security service. We conclude with a description of the current status and plans for future work.

[1]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[2]  Ian T. Foster,et al.  A security architecture for computational grids , 1998, CCS '98.

[3]  Tatyana Ryutov,et al.  Representation and evaluation of security policies for distributed system services , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[4]  Eric J. Harder,et al.  Key Management for Multicast: Issues and Architectures , 1999, RFC.

[5]  M. Condell,et al.  Domain based Internet security policy management , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[6]  Frédéric Cuppens,et al.  Analyzing consistency of security policies , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[7]  Mark Handley,et al.  SDP: Session Description Protocol , 1998, RFC.

[8]  Patrick McDaniel,et al.  Secure Distributed Virtual Conferencing: Multicast or Bust , 1999 .

[9]  Hugh Harney,et al.  Group Key Management Protocol (GKMP) Specification , 1997, RFC.

[10]  Takeo Hamada,et al.  Policy-based networking architecture for QoS interworking in IP management-scalable architecture for large-scale enterprise-public interoperation , 1999, Integrated Network Management VI. Distributed Management for the Networked Millennium. Proceedings of the Sixth IFIP/IEEE International Symposium on Integrated Network Management. (Cat. No.99EX302).

[11]  Atul Prakash,et al.  Lightweight Failure Detection in Secure Group Communication , 2000 .

[12]  Atul Prakash,et al.  Ismene: Provisioning and Policy Reconciliation in Secure Group Communication , 2000 .

[13]  Joan Feigenbaum,et al.  The KeyNote Trust-Management System Version 2 , 1999, RFC.

[14]  Matti A. Hiltunen,et al.  Coyote: a system for constructing fine-grain configurable communication services , 1998, TOCS.

[15]  Robbert van Renesse,et al.  Horus: a flexible group communication system , 1996, CACM.

[16]  Hugo Krawczyk,et al.  A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[17]  Atul Prakash,et al.  Antigone: A Flexible Framework for Secure Group Communication , 1999, USENIX Security Symposium.

[18]  Luigi Rizzo,et al.  Effective erasure codes for reliable computer communication protocols , 1997, CCRV.

[19]  Randall J. Atkinson,et al.  Security Architecture for the Internet Protocol , 1995, RFC.

[20]  Jon Postel,et al.  User Datagram Protocol , 1980, RFC.

[21]  Atul Prakash,et al.  *Policy management in secure group communication , 2001 .

[22]  W. Richard Stevens,et al.  Unix network programming , 1990, CCRV.

[23]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 1998, SIGCOMM '98.

[24]  Srinivasan Seshan,et al.  A case for end system multicast , 2002, IEEE J. Sel. Areas Commun..

[25]  Alan T. Sherman,et al.  Policy-based security management for large dynamic groups: an overview of the DCCM project , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[26]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[27]  S. O'Malley,et al.  THE ROAD TO NETWORK SECURITY OR THE VALUE OF SMALL COBBLESTONES , 1994 .

[28]  Joe Kilian,et al.  How to Protect DES Against Exhaustive Key Search , 1996, CRYPTO.

[29]  Atul Prakash,et al.  Antigone: Implementing Policy in Secure Group Communication , 2000 .

[30]  Tim Howes,et al.  Lightweight Directory Access Protocol , 1995, RFC.

[31]  Pekka Nikander,et al.  A Java Beans Component Architecture for Cryptographic Protocols , 1998, USENIX Security Symposium.

[32]  Angelos D. Keromytis,et al.  Implementing a distributed firewall , 2000, CCS.

[33]  Simon S. Lam,et al.  Authorizations in Distributed Systems: A New Approach , 1993, J. Comput. Secur..

[34]  Andrea Colegrove,et al.  Group Secure Association Key Management Protocol , 2000 .

[35]  Stephen E. Deering,et al.  Host extensions for IP multicasting , 1986, RFC.

[36]  Philip A. Bernstein,et al.  Middleware: a model for distributed system services , 1996, CACM.

[37]  ZHANGLi-xia,et al.  A reliable multicast framework for light-weight sessions and application level framing , 1995 .

[38]  Simon S. Lam,et al.  Designing a distributed authorization service , 1998, Proceedings. IEEE INFOCOM '98, the Conference on Computer Communications. Seventeenth Annual Joint Conference of the IEEE Computer and Communications Societies. Gateway to the 21st Century (Cat. No.98.

[39]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.