SeT: Secure Service Technology for Dependable e-Business/Government Applications. Jie Xu, Keith Bennett and Malcolm Munro The SeTech Centre Department of Computer Science University of Durham. The SeTech Centre at Durham. Funding Sources: EPSRC/DTI, NEeS Centre
The SeTech Centre at Durham
Funding Sources: EPSRC/DTI, NEeS Centre
Industrial Partners (Sun, Sharp, Sparkle etc)
Technical Board:
 - Jie Xu (Distributed Systems & Dependability)
 - Keith Bennett (Service-Based Architecture)
 - Malcolm Munro & Nick Holliman (Visualisation)
Research Staff: 6 Academic Staff Members + 12 Research Staff Members
Hardware Testbed: A Sun 32 CPU UltraGrid computer connected to a network of Sun servers and workstations with an upgraded Gigabit link between Durham and Newcastle
Close Collaborations: The Pennine Group, EU and USA univ. & insti.
Problems and Challenges
The Problem
 - Coordinated resource sharing & problem solving in large-scale, dynamic, multi-institutional virtual organisations
Major Technical Obstacles
 - Inflexible, protocol-specific architectures & approaches
 - Difficulty in structuring and writing such large-scale programs
 - Security risks and malicious attacks
 - Many risks and problems rooted in software
e-Demand: A Software-Based Solution
The Demand-Led Service-Based Architecture
 - New service-based model for organising flexible e-business/government applications
 - An instance of the architecture to be implemented
Generic Services, e.g. our unique SIR technique
 - Support for secure and attack-tolerant information sharing
 - 3D visualisation service for program/information comprehension
Fault-Injection-Based System Evaluation
 - The FITMVS tool, supported by clusters of workstations
 - Evaluation with respect to faults/attacks/performance
Architectural Evolution
[Figure: layered diagrams comparing the Internet Architecture, the Protocol-Based Architecture and the Service-Based Architecture. Labels in the figure: Applications; Information, Negotiation, Settlement, After-Services; e-Actions; ISPs, CSPs, SPs; Coordination of Multiple Resources; Generic Services: Security, FT, Visualisation; Resource Management; Transport; Connectivity; Internet; Link; Resources.]
Service-Based Architectural Model
[Figure: service-based architectural model. Labels in the figure: Demand; Finding; Publishing; Provision; Ultra-Late Binding; Service consumer; Contractor/assembly service provider; Catalogue/ontology provider; Service/solution provider; e-Action service; Attack-tolerance service; Auto-3D service.]
The Attack-Tolerant PIR Scheme
Private Information Retrieval (PIR)
 - Normal query to a (remote) database: give me the record x
 - PIR query: compute functions F1, F2, …, Fk for me over x, y, z, ... (reconstruct x locally based on the results of F1, F2, …, Fk)
Attack/Failure Models of Remote DB Servers
 - Honest-but-Curious (HbC): query with K functions (computing tasks)
 - HbC & loss of results: query with K + L functions
 - Malicious hosts (may change the results deliberately): 2 different queries (i.e. 2K functions for detection) or (f + 2) queries for tolerating f attacks/failures
New Approach: a query with K signed functions (detection) for tolerating f attacks/failures
Application Domains: critical information services, healthcare etc.
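Added example (not from the slides, and not the SeTech scheme itself): the slide does not define F1 … Fk, so this sketch substitutes the classic XOR-based multi-server PIR to show a K-function query under the honest-but-curious model and the "2 different queries" detection case. The function names, the sample records and the assumption that the two queries go to disjoint host groups are all constructed for illustration.

```python
import secrets
from functools import reduce

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def make_query(n: int, index: int, k: int) -> list[list[int]]:
    """Split the unit vector for `index` into k bit-vectors, one per host.
    Any k-1 of them are uniformly random, so they do not reveal `index`."""
    shares = [[secrets.randbelow(2) for _ in range(n)] for _ in range(k - 1)]
    last = [int(i == index) for i in range(n)]
    for share in shares:
        last = [a ^ b for a, b in zip(last, share)]
    return shares + [last]

def host_answer(db: list[bytes], selector: list[int]) -> bytes:
    """F_i as run on a remote host: XOR of the records its selector picks."""
    picked = [rec for rec, bit in zip(db, selector) if bit]
    return reduce(xor_bytes, picked, bytes(len(db[0])))

def retrieve(db, index, k, tamper=None):
    """One query of k functions; tamper(i, answer) models a malicious host i."""
    answers = [host_answer(db, sel) for sel in make_query(len(db), index, k)]
    if tamper:
        answers = [tamper(i, a) for i, a in enumerate(answers)]
    return reduce(xor_bytes, answers)  # local reconstruction of record x

def retrieve_checked(db, index, k, tamper=None):
    """Two different queries (2k functions) sent to two disjoint host groups.
    Assumption: only the first group can contain a malicious host; if the
    same hosts served both queries, identical corruption would go unnoticed."""
    first = retrieve(db, index, k, tamper)
    second = retrieve(db, index, k)
    if first != second:
        raise ValueError("results disagree: a host altered its answer")
    return first

# Constructed sample database: equal-length records.
DB = [b"rec-A001", b"rec-B002", b"rec-C003", b"rec-D004"]

def flip_first_bit(i: int, answer: bytes) -> bytes:
    """Constructed attacker: host 1 flips one bit of its answer."""
    return bytes([answer[0] ^ 1]) + answer[1:] if i == 1 else answer

if __name__ == "__main__":
    print(retrieve(DB, 2, k=3))  # honest-but-curious hosts
    try:
        retrieve_checked(DB, 2, k=3, tamper=flip_first_bit)
    except ValueError as err:
        print("detected:", err)
```

Comparison only detects the altered result; recovering the correct record despite f bad hosts is what the slide's (f + 2)-query and signed-function variants address.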
The System Architecture
[Figure: system architecture. Labels in the figure: user application; request; result; request manager; result manager; (local host); mobile code dispatcher; mobile code collector; pieces of code A1, A2 … An; Internet; host 1, host 2 … host m; code instances A11, A12 … A1m, A21, A22 … A2m, An1, An2 … Anm.]
An Implementation for Real DBs
[Plot: Length of Queries vs. Execution Time]