We argue that end-to-end authentication and privacy in loosely-coupled distributed systems are not only achievable by mechanisms at the host-to-host (i.e., subtransport) level under generally satisfiable conditions, but that this solution can be more advantageous than those based on security mechanisms at higher levels of the protocol hierarchy in terms of both functionality and performance. We introduce a model of communication security and a subtransport-level protocol called ADP (the Authenticated Datagram Protocol), which provides end-to-end authentication and privacy consistently with the definitions of the model. We then discuss the advantages of the subtransport approach, and present some experimental results from the measurement of a prototype of ADP that confirm the expected performance benefits of this approach.
Title: Subtransport Level: The Right Place for End-to-End Security Mechanisms
Published: Computer Science Division, University of California at Berkeley, Berkeley, California, March 1987
Full Collection Name: Electrical Engineering & Computer Sciences Technical Reports
Other Identifiers: CSD-87-346
Type: Text
Extent: 20 p
Archive: The Engineering Library
Usage Statement: Researchers may make free and open use of the UC Berkeley Library’s digitized public domain materials. However, some materials in our online collections may be protected by U.S. copyright law (Title 17, U.S.C.). Use or reproduction of materials protected by copyright beyond that allowed by fair use (Title 17, U.S.C. § 107) requires permission from the copyright owners. The use or reproduction of some materials may also be restricted by terms of University of California gift or purchase agreements, privacy and publicity rights, or trademark law. Responsibility for determining rights status and permissibility of any use or reproduction rests exclusively with the researcher. To learn more or make inquiries, please see our permissions policies (https://www.lib.berkeley.edu/about/permissions-policies).