The Architecture and Performance of Security Protocols in the Ensemble Group Communication System

Ensemble is a Group Communication System built at Cornell and the Hebrew Universities. It allows processes to create process groups in which scalable reliable fo-ordered multicast and point-to-point communication are supported. The system also supports other communication properties, such as multicast causal and total ordering, ow control, etc. This paper describes the security protocols and infrastructure of Ensemble. Applications using Ensemble with the extensions described here beneet from strong security properties. Under the assumption that trusted processes will not be corrupted, all communication is secured from tampering by outsiders. Our work extends previous work performed in the Horus system (Ensemble's predecessor) by adding support for multiple partitions, eecient rekeying, and application deened security policies. Unlike Horus, which used its own security infrastructure with non-standard key distribution and timing services, Ensemble's security mechanism is based on oo-the shelf authentication systems, such as PGP and Kerberos.