Minimizing Trust Liabilities in Secure Group Messaging Infrastructures
Himanshu Khurana - University of Illinois at Urbana-Champaign
Aug 31, 2005Size: 93.0MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractLarge-scale collaborative applications are characterized by a large number of users and other processing end entities that are distributed over geographically disparate locations. Therefore, these applications use messaging infrastructures that scale to the application needs and enable users to process messages without concern for message transmission and delivery. Widespread use of these infrastructures is hindered by the need for scalable security services; viz., services for confidentiality, integrity, and authentication. Current solutions for providing security for these systems use trusted servers (or a network of servers), which consequently bear significant trust liabilities of maintaining confidentiality, integrity, and authentication of messages and keys that are processed by the servers.
In this talk we look at current approaches for secure messaging in three commonly used messaging infrastructures: email, group communication, and publish/subscribe. We then show how novel encryption techniques can be used to minimize trust liabilities in these infrastructures in a scalable manner. We are in the process of developing prototypes of our solutions. We will discuss the prototype designs and present some initial experimentation results.
About the SpeakerDr. Himanshu Khurana received his MS from the University of Maryland in 1999, and his PhD from the University of Maryland in 2002. He worked as a postdoctoral research at the Institute for Systems Research, University of Maryland from 2002 to 2003. Dr. Khurana is currently a Senior Security Engineer at the National Center for Supercomputing Applications. His research interests are in network and distributed system security, and he is currently working on projects in secure messaging, dynamic coalitions, web services, and wireless sensor networks. While at the University of Maryland he led the prototype development of tools for secure dynamic coalitions, which were selected for the Joint Warrior Integration Demonstration (JWID) in 2004.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.