Skip to main content


eCommons@Cornell >
College of Engineering >
Computer Science >
Computer Science Technical Reports >

Please use this identifier to cite or link to this item:
Title: Ensemble Security
Authors: Rodeh, Ohad
Birman, Kenneth P.
Hayden, Mark
Xiao, Zhen
Dolev, Danny
Keywords: computer science
technical report
Issue Date: Sep-1998
Publisher: Cornell University
Abstract: Ensemble is a Group Communication System built at Cornell and the Hebrew Universities. It allows processes to create {\it process groups} in which scalable reliable fifo-ordered multicast and point-to-point communication are supported. The system also supports other communication properties, such as multicast causal and total ordering, flow control, etc.. This paper describes the security protocols and infrastructure of Ensemble. Applications using Ensemble with the extensions described here benefit from strong security properties. Assuming trusted authenticated members may not be corrupted, all communication is secured from tampering by outsiders. Our work extends previous work performed in the Horus system (Ensemble's predecessor) adding support for multiple partitions, efficient rekeying, and application defined security policies. Unlike Horus, which used its own security infrastructure with non-standard key distribution and timing services, Ensemble's security mechanism is based on a standard and very widely used security infrastructure: the PGP authentication engine.
Appears in Collections:Computer Science Technical Reports

Files in This Item:

File Description SizeFormat
98-1703.pdf282.63 kBAdobe PDFView/Open
98-1703.ps272.44 kBPostscriptView/Open

Refworks Export

Items in eCommons are protected by copyright, with all rights reserved, unless otherwise indicated.


© 2014 Cornell University Library Contact Us