{"title":"在对等消息传递中间件中保护通信","authors":"Péter Szilágyi","doi":"10.1109/SYNASC.2013.50","DOIUrl":null,"url":null,"abstract":"Traditionally, message oriented middlewares (MOM) are looked upon as either centralized systems (e.g. AMQP) or a rigidly distributed collection of machines, requiring significant configuration overhead for achieving the desired throughput under the needed security constraints. On the other end of the spectrum, peer-to-peer systems (P2P) in general achieve amazing scalability and fault tolerance, but due to their very nature, are susceptible to various attacks. Since all measures of security have considerable consequences on the system's capabilities, the securing of a peer-to-peer system requires a thorough analysis on the exact designated use-case and environment in which the network is required to operate in, as well as all the possible threats the system must be able to withstand. The paper proposes a security model that bridges the distribution concept of peer-to-peer systems with the necessities of MOMs by rigorously defining the operational environment, assumptions and requirements, on top of which a security protocol was implemented. Taking advantage of the specific use case of P2P MOMs, further optimizations are provided which provide the same security against the defined threat model, but result in significant gains with regard to the overall switching throughput of the network.","PeriodicalId":293085,"journal":{"name":"2013 15th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing","volume":"57 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Securing Communication in a Peer-to-Peer Messaging Middleware\",\"authors\":\"Péter Szilágyi\",\"doi\":\"10.1109/SYNASC.2013.50\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Traditionally, message oriented middlewares (MOM) are looked upon as either centralized systems (e.g. AMQP) or a rigidly distributed collection of machines, requiring significant configuration overhead for achieving the desired throughput under the needed security constraints. On the other end of the spectrum, peer-to-peer systems (P2P) in general achieve amazing scalability and fault tolerance, but due to their very nature, are susceptible to various attacks. Since all measures of security have considerable consequences on the system's capabilities, the securing of a peer-to-peer system requires a thorough analysis on the exact designated use-case and environment in which the network is required to operate in, as well as all the possible threats the system must be able to withstand. The paper proposes a security model that bridges the distribution concept of peer-to-peer systems with the necessities of MOMs by rigorously defining the operational environment, assumptions and requirements, on top of which a security protocol was implemented. Taking advantage of the specific use case of P2P MOMs, further optimizations are provided which provide the same security against the defined threat model, but result in significant gains with regard to the overall switching throughput of the network.\",\"PeriodicalId\":293085,\"journal\":{\"name\":\"2013 15th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing\",\"volume\":\"57 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-09-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 15th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SYNASC.2013.50\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 15th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SYNASC.2013.50","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Securing Communication in a Peer-to-Peer Messaging Middleware
Traditionally, message oriented middlewares (MOM) are looked upon as either centralized systems (e.g. AMQP) or a rigidly distributed collection of machines, requiring significant configuration overhead for achieving the desired throughput under the needed security constraints. On the other end of the spectrum, peer-to-peer systems (P2P) in general achieve amazing scalability and fault tolerance, but due to their very nature, are susceptible to various attacks. Since all measures of security have considerable consequences on the system's capabilities, the securing of a peer-to-peer system requires a thorough analysis on the exact designated use-case and environment in which the network is required to operate in, as well as all the possible threats the system must be able to withstand. The paper proposes a security model that bridges the distribution concept of peer-to-peer systems with the necessities of MOMs by rigorously defining the operational environment, assumptions and requirements, on top of which a security protocol was implemented. Taking advantage of the specific use case of P2P MOMs, further optimizations are provided which provide the same security against the defined threat model, but result in significant gains with regard to the overall switching throughput of the network.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
