Himanshu Khurana - University of Illinois at Urbana-Champaign
Students: Fall 2024, unless noted otherwise, sessions will be virtual on Zoom.
Minimizing Trust Liabilities in Secure Group Messaging Infrastructures
Aug 31, 2005
Download: MP4 Video Size: 93.0MBWatch on YouTube
Abstract
Large-scale collaborative applications are characterized by a large number of users and other processing end entities that are distributed over geographically disparate locations. Therefore, these applications use messaging infrastructures that scale to the application needs and enable users to process messages without concern for message transmission and delivery. Widespread use of these infrastructures is hindered by the need for scalable security services; viz., services for confidentiality, integrity, and authentication. Current solutions for providing security for these systems use trusted servers (or a network of servers), which consequently bear significant trust liabilities of maintaining confidentiality, integrity, and authentication of messages and keys that are processed by the servers.In this talk we look at current approaches for secure messaging in three commonly used messaging infrastructures: email, group communication, and publish/subscribe. We then show how novel encryption techniques can be used to minimize trust liabilities in these infrastructures in a scalable manner. We are in the process of developing prototypes of our solutions. We will discuss the prototype designs and present some initial experimentation results.
About the Speaker
Dr. Himanshu Khurana received his MS from the University of Maryland in 1999, and his PhD from the University of Maryland in 2002. He worked as a postdoctoral research at the Institute for Systems Research, University of Maryland from 2002 to 2003. Dr. Khurana is currently a Senior Security Engineer at the National Center for Supercomputing Applications. His research interests are in network and distributed system security, and he is currently working on projects in secure messaging, dynamic coalitions, web services, and wireless sensor networks. While at the University of Maryland he led the prototype development of tools for secure dynamic coalitions, which were selected for the Joint Warrior Integration Demonstration (JWID) in 2004.