Intrusion-Tolerant Group Management in Enclaves
DSN '01 Proceedings of the 2001 International Conference on Dependable Systems and Networks (formerly: FTCS)
Exploring Robustness in Group Key Agreement
ICDCS '01 Proceedings of the The 21st International Conference on Distributed Computing Systems
Deno: A Decentralized, Peer-to-Peer Object-Replication System for Weakly Connected Environments
IEEE Transactions on Computers
Exploring adaptability of secure group communication using formal prototyping techniques
ARM '04 Proceedings of the 3rd workshop on Adaptive and reflective middleware
Tailoring consistency in group membership for mobile networks
Future Generation Computer Systems
| Hi-index | 0.00 |
Ensemble is a Group Communication System built at Cornell and the Hebrew Universities. It allows processes to create {\it process groups} in which scalable reliable fifo-ordered multicast and point-to-point communication are supported. The system also supports other communication properties, such as multicast causal and total ordering, flow control, etc.. This paper describes the security protocols and infrastructure of Ensemble. Applications using Ensemble with the extensions described here benefit from strong security properties. Assuming trusted authenticated members may not be corrupted, all communication is secured from tampering by outsiders. Our work extends previous work performed in the Horus system (Ensemble''s predecessor) adding support for multiple partitions, efficient rekeying, and application defined security policies. Unlike Horus, which used its own security infrastructure with non-standard key distribution and timing services, Ensemble''s security mechanism is based on a standard and very widely used security infrastructure: the PGP authentication engine.