The last couple of years has seen a growing momentum towards using the Internet for conducting business. One of the key enablers for business applications is the ability to setup secure channels across the internet. The Secure Sockets Layer (SSL) protocol provides this capability and it is the most widely used transport layer security protocol. In this paper we investigate the performance of SSL both from a latency as well as a throughput point of view. Since SSL is primarily used to secure web transactions, we use the SPECWeb96 benchmark suitably modified for use with the SSL protocol. We benchmark two of the more more popular webservers that are in use today and find that they are a couple of orders of magnitude slower when it comes to serving secure web pages. We investigate the reason for this deficiency by instrumenting the SSL protocol stack with a detailed profiling of the protocol processing components. Based on our findings we suggest two modifications to the protocol that red...

A number of applications have emerged over recent years that use datagram transport. These applications include real time video conferencing, Internet telephony, and online games such as Quake and StarCraft. These applications are all delay sensitive and use unreliable datagram transport. Applications that are based on reliable transport can be secured using TLS, but no compelling alternative exists for securing datagram based applications. In this paper we present DTLS, a datagram capable version of TLS. DTLS is extremely similar to TLS and therefore allows reuse of pre-existing protocol infrastructure. Our experimental results show that DTLS adds minimal overhead to a previously non-DTLS capable application.

This dissertation presents an architectural model and a reference implementation for push systems. Push systems reverse the pull-based communication paradigm on the world-wide web and in most other distributed systems to support easier information dissemination and discovery for users. The pull model requires the user to issue a request whenever information is needed, whereas push systems support asynchronous information distribution: Whenever information of the user's choice becomes available, it gets distributed. In the push communication model, an information producer announces the availability of certain types of information, an interested consumer subscribes to this information, and the producer periodically publishes the information (pushes it to the consumer). This simplifies the discovery of information and provides timely information dissemination but introduces complex problems that challenge the widespread deployment of push systems: scalability to large numbers of users in terms of network bandwidth, timely notification of information availability, authenticity and integrity of information, and support for payment methods and business models. Current systems fall short in addressing these issues. Most available push systems actually use a pull-based distribution approach where clients check for new information at configurable intervals; frequently scalability is limited, many systems lack services to provide information authenticity and integrity, and moreover, the important issue of payment models is not adequately addressed by any existing system.

A SIP-based architecture for emergency calling and notification systems could increase speed, scalability, and functionality in communication services. During emergencies, service agencies rely on telecommunications to achieve quick response times and minimize loss of life and property. The existing public and government-based telephone systems provide three essential communication services: an emergency calling system, which the public uses to report problems and ask for help; emergency communications, which allow for crisis communications within agencies and between agencies and the public; and emergency alerting, which provides a channel for government agencies to notify the public when disasters occur. As we transition to a packet-switched infrastructure, we must reconsider how to provide these services. Internet-based communications offer new challenges, as old assumptions about trust, operation, and terminal location no longer hold. However, IPbased emergency services will also offer expanded services, more resilient networks, and faster response times. About half a dozen companies are offering commercial voice-over-IP services at this time, for both commercial and residential customers. It appears likely that the transition to an all-IP phone service will be slow, as depreciation intervals for switches are measured in decades. However, third-generation wireless systems (3G) are scheduled to offer packet voice services by 2005, adding possibly hundreds of millions of such devices to the network. As the “Emergency Communications” sidebar describes, the existing Internet architecture must be modified in two areas to support coordinated communication services. Here, however, our primary focus is on emergency calling and notification. In this article, we describe the components of the existing emergency calling and notification systems and our proposed IPbased architectures, 1 each of which uses the session initiation protocol (SIP) as the signaling framework. 2

Abstract. We are developing a secure and certified e-mail system AnZen-Mail that provides an experimental testbed for our cutting-edge security enhancement technologies. In addition to a provably secure message transfer protocol, we have designed and implemented a server (MTU) and a client (MUA) in order that they could survive recent malicious attacks such as server-cracking and e-mail viruses. The AnZenMail server is implemented in Java, a memory-safe language, and so it is free from stack smashing. Some of its safety properties have been formally verified in Coq mostly at the source code level by manually translating Java methods into Coq functions. The AnZenMail client is designed to provide a support for secure execution of mobile code arriving as e-mail attachments. It has plug-in interfaces for code inspection and execution modules such as static analysis tools, runtime/inline reference monitors, and an anti-virus engine, which are currently being developed by members of our research project. 1

The increasing use of email for phishing and unsolicited marketing has reduced the trustworthiness of email as a communication medium. Sender authentication is a known defense against these attacks. Existing proposals for sender authentication either require infrastructural support or break compatibility with existing email infrastructure. We propose, implement, and evaluate social-group key authentication, an incrementally deployable and backward compatible sender authentication mechanism for email. Our solution requires honest majority instead of trust infrastructure or human input for correctness. In accordance with the end-to-end principle, authentication is implemented at the mail client by executing our previously proposed Byzantine fault tolerant public key authentication protocol [12] as an overlay on top of the mail transport protocol. We evaluated the authentication overhead by instrumenting our Thunderbird authentication plugin with synthetic data and found a user visible latency increase of about 200ms. Real life usability of the authentication mechanism is investigated with two anonymized email traces. Our results show that about 40 % of the peers can be authenticated over the 92 day trace period without adding any new messages to the email network. Adding a small fraction of extra email messages permits more than 90 % of the peers to be authenticated within a week. 1

A multi-agent marketplace, MAGNET (Multi AGent Negotiation Testbed), is a promising solution for conducting online combinatorial auctions. The trust model of MAGNET is somewhat different from other on-line auction systems, since the marketplace, which mediates all communications between agents, acts as a partiallytrusted third party. In this paper, we identify the security vulnerabilities of MAG-NET and present a solution that overcomes these weaknesses. Our solution makes use of three different existing technologies with standard cryptographic techniques: a publish/subscribe system to provide simple and general messaging, time-release cryptography to provide guaranteed nondisclosure of the bids, and anonymous communication to hide the identity of the bidders until the end of the auction. By doing so, we successfully minimize the trust on the market as well as increase the security of the whole system. The protocol that we have developed can be adapted for use by other agent-based auction systems, which use a third party to mediate transactions.

Since networks and computing systems are vital components of today's life, it is of utmost importance to endow them with the capability to survive physical and logical faults, as well as malicious or deliberate attacks. When the information system is obtained by federating pre-existing local systems, a methodology is needed to integrate security policies and mechanisms under a uniform structure. Therefore, in building distributed information systems, a methodology for analysis, design and implementation of security requirements of data and processes is essential for obtaining mutual trust between cooperating organizations. Moreover, when the information system is built as a cooperative set of e-services, security is related to the type of data, to the sensitivity context of the cooperative processes and to the security characteristics of the communication paradigms. The CoopSIS (Cooperative Secure Information Systems) project aims to develop methods and tools for the analysis, design, implementation and evaluation of secure and survivable distributed information systems of cooperative type, in particular with experimentation in the Public Administration Domain. This paper presents the basic issues of a methodology being conceived to build a trusted cooperative environment, where data sensitivity parameters and security requirements of processes are taken into account. The milestones phases of the security development methodology in the context of this project are illustrated.

Abstract. Recent web-based applications offer users free service in exchange for access to personal communication, such as on-line email services and instant messaging. The inspection and retention of user communication is generally intended to enable targeted marketing. However, unless specifically stated otherwise by the collecting service’s privacy policy, such records have an indefinite lifetime and may be later used or sold without restriction. In this paper, we show that it is possible to protect a user’s privacy from these risks by exploiting mutually oblivious, competing communication channels. We create virtual channels over online services (e.g., Google’s Gmail, Microsoft’s Hotmail) through which messages and cryptographic keys are delivered. The message recipient uses a shared secret to identify the shares and ultimately recover the original plaintext. In so doing, we create a wired “spread-spectrum ” mechanism for protecting the privacy of web-based communication. We discuss the design and implementation of our open-source Java applet, Aquinas, and consider ways that the myriad of communication channels present on the Internet can be exploited to preserve privacy. 1

Abstract. There is a growing interest for VoWLAN (Voice over Wireless LAN) services in the advent of network convergence and user mobility. As we design a VoWLAN system capable of handling both intra- and inter-handover real-time data, we should likewise consider its security architecture as compared to WLAN (Wireless LAN) systems. In this paper, we propose a method for VoWLAN that would provide handover and security standards designed to enhance and speed up the authentication process while handover. Keywords: VoWLAN, Security, Handover. 1