ACM Transactions on Computer Systems (TOCS)
IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks
IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks
Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish)
Fast Software Encryption, Cambridge Security Workshop
Security Issues and Requirements for Internet-Scale Publish-Subscribe Systems
HICSS '02 Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS'02)-Volume 9 - Volume 9
Java Cryptography Extensions: Practical Guide for Programmers
Java Cryptography Extensions: Practical Guide for Programmers
Scalable security and accounting services for content-based publish/subscribe systems
Proceedings of the 2005 ACM symposium on Applied computing
Secure distribution of events in content-based publish subscribe systems
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Encryption-enforced access control in dynamic multi-domain publish/subscribe networks
Proceedings of the 2007 inaugural international conference on Distributed event-based systems
Flexible qos-managed status dissemination middleware framework for the electric power grid
Flexible qos-managed status dissemination middleware framework for the electric power grid
Hi-index | 0.00 |
This paper presents a modular, software-based, over-the-wire configurable, end-to-end security architecture for critical infrastructure monitoring systems. The architecture provides mechanisms allowing it to evolve, during operation, over the long lifetimes typically encountered in these systems by allowing security modules to be securely added and replaced at runtime. Our security architecture addresses these systems' need for high-performance secure multi-cast with modules for confidentiality, integrity, authentication, and obfuscation. The variety of available modules provides tradeoffs between performance and security now and for the future. Experimental performance results for various existing modules, in the context of the architecture, are presented. To achieve long system lifetime a secure management system, using protocols based on symmetric-key cryptography, is described.