Title :
Vault: A Secure Binding Service
Author :
Lu, Guor-Huar ; Choi, Changho ; Zhang, Zhi-Li
Author_Institution :
Univ. of Minnesota, Minneapolis, MN
Abstract :
Binding services are crucial building blocks in networks and networked applications. A binding service (e.g., the domain name system (DNS)) maps certain information, namely, binding keys (e.g., host names), to other information, i.e., binding values (e.g., IP addresses), and answers queries for such key-value bindings. Clearly, building secure binding services that ensure the integrity and authenticity of bindings are vital to the correct operations of many networks and networked applications. In this paper we present a novel approach for building generic secure binding services that allow arbitrary key-value bindings as (trusted) infrastructure services to support a variety of networks and networked applications. We combine the Identity- Based Encryption (IBE) crypto-mechanisms with distributed hash table (DHT) techniques to develop an innovative architecture for building scalable, robust and secure binding services. Using this architecture, we implement a prototype system called Vault and evaluate its performance both in a local testbed and on the PlanetLab.
Keywords :
cryptography; arbitrary key-value bindings; crucial building blocks; crypto-mechanisms; distributed hash table; domain name system maps; identity-based encryption; secure binding service; trusted infrastructure services; vault; Buildings; Cryptography; Domain Name System; Identity-based encryption; Network servers; Prototypes; Robustness; System testing; Web and internet services; Web server;
Conference_Titel :
Network Protocols, 2006. ICNP '06. Proceedings of the 2006 14th IEEE International Conference on
Conference_Location :
Santa Barbara, CA
Print_ISBN :
1-4244-0593-9
Electronic_ISBN :
1-4244-0594-7
DOI :
10.1109/ICNP.2006.320210
