Framework for Authentication and Access Control of Client-Server Group Communication Systems

Info, ps, ps.gz, pdf. Published in the proceedings of the Third International Workshop on Networked Group Communication, London UK, 7-9 November 2001, Lecture Notes on Computer Science XXXX (LNCS xxx). ps, ps.gz, pdf. A full version of this paper was published as Johns Hopkins University, Center for Networking and Distributed Systems (CNDS) Technical report CNDS-2001-2. Citation Yair Amir, Cristina Nita-Rotaru, Jonathan Stanton, "Framework for Authentication and Access Control of Client-Server Group Communication Systems", LNCS 2233, Proceedings of the Third International Workshop on Networked Group Communication (NGC 2001), London, UK, November 7-9 2001, Editors Jon Crowcroft and Markus Hofmann, pp 128-140. Authors Yair Amir, Cristina Nita-Rotaru, and Jonathan Stanton. Abstract Researchers have made much progress in designing secure and scalable protocols to provide specific security services, such as data secrecy, data integrity, entity authentication and access control, to multicast and group applications. However, less emphasis has been put on how to integrate security protocols with modern, highly efficient group communication systems and what issues arise in such secure group communication systems. In this paper, we present a flexible and modular architecture for integrating many different authentication and access control policies and protocols with an existing group communication system, while allowing applications to provide their own protocols and control the policies. This architecture maintains, as much as possible, the scalability and performance characteristics of the unsecure system. We discuss some of the challenges when designing such a framework and show its implementation in the Spread wide-area group communication toolkit.