Fine-Grain Configurability for Secure Communication

Current solutions for providing communication security in network applications allow customization of certain security attributes and techniques, but in limited ways and without the benefit of a single unifying framework. Here, the design of a highly-customizable extensible service called SecComm is described in which attributes such as authenticity, privacy, integrity, and non-repudiation can be customized in arbitrary ways. With SecComm, applications can open secure communication connections in which only those attributes selected from among a wide range of possibilities are enforced, and are enforced using the strength or technique desired. SecComm has been implemented using Cactus, a system for building configurable communication services. In Cactus, different properties and techniques are implemented as software modules called micro-protocols that interact using an event-driven execution paradigm. This non-hierarchical design approach has a high degree of flexibility, yet provides enough structure and control that it is easy to build collections of micro-protocols realizing a large number of diverse properties. This paper gives an overview of the design and implementation of SecComm, and gives initial performance figures for a prototype implementation running on a cluster of Pentiums using the Mach MK 7.3 operating system.