Subtransport Level: The Right Place for End-to-End Security Mechanisms

David P. Anderson, Domenico Ferrari and P. Venkat Rangan

EECS Department
University of California, Berkeley
Technical Report No. UCB/CSD-87-346
March 1987

http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/CSD-87-346.pdf

We argue that end-to-end authentication and privacy in loosely-coupled distributed systems are not only achievable by mechanisms at the host-to-host (i.e., subtransport) level under generally satisfiable conditions, but that this solution can be more advantageous than those based on security mechanisms at higher levels of the protocol hierarchy in terms of both functionality and performance. We introduce a model of communication security and a subtransport-level protocol called ADP (the Authenticated Datagram Protocol), which provides end-to-end authentication and privacy consistently with the definitions of the model. We then discuss the advantages of the subtransport approach, and present some experimental results from the measurement of a prototype of ADP that confirm the expected performance benefits of this approach.

BibTeX citation:

@techreport{Anderson:CSD-87-346,
    Author = {Anderson, David P. and Ferrari, Domenico and Rangan, P. Venkat},
    Title = {Subtransport Level: The Right Place for End-to-End Security Mechanisms},
    Institution = {EECS Department, University of California, Berkeley},
    Year = {1987},
    Month = {Mar},
    URL = {http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/5580.html},
    Number = {UCB/CSD-87-346},
    Abstract = {We argue that end-to-end authentication and privacy in loosely-coupled distributed systems are not only achievable by mechanisms at the host-to-host (i.e., subtransport) level under generally satisfiable conditions, but that this solution can be more advantageous than those based on security mechanisms at higher levels of the protocol hierarchy in terms of both functionality and performance. We introduce a model of communication security and a subtransport-level protocol called ADP (the Authenticated Datagram Protocol), which provides end-to-end authentication and privacy consistently with the definitions of the model. We then discuss the advantages of the subtransport approach, and present some experimental results from the measurement of a prototype of ADP that confirm the expected performance benefits of this approach.}
}

EndNote citation:

%0 Report
%A Anderson, David P.
%A Ferrari, Domenico
%A Rangan, P. Venkat
%T Subtransport Level: The Right Place for End-to-End Security Mechanisms
%I EECS Department, University of California, Berkeley
%D 1987
%@ UCB/CSD-87-346
%U http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/5580.html
%F Anderson:CSD-87-346

EECS at UC Berkeley

Search form

Subtransport Level: The Right Place for End-to-End Security Mechanisms

David P. Anderson, Domenico Ferrari and P. Venkat Rangan

EECS Department
University of California, Berkeley
Technical Report No. UCB/CSD-87-346
March 1987

http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/CSD-87-346.pdf

Subtransport Level: The Right Place for End-to-End Security Mechanisms

David P. Anderson, Domenico Ferrari and P. Venkat Rangan

EECS Department University of California, Berkeley Technical Report No. UCB/CSD-87-346 March 1987

http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/CSD-87-346.pdf

EECS Department
University of California, Berkeley
Technical Report No. UCB/CSD-87-346
March 1987