The Experts below are selected from a list of 1734 Experts worldwide ranked by ideXlab platform
Daniel A Menasce - One of the best experts on this subject based on the ideXlab platform.
-
Performance of Public KeyEnabled Kerberos Authentication in Large Networks
2015Co-Authors: Alan Harbitter, Daniel A MenasceAbstract:Authenticating mobile computing users can require a significant amount of processing and communications resources— particularly when protocols based on public key encryption are invoked. These resource requirements can result in unacceptable response times for the user. In this paper, we analyze adaptations of the public key-enabled Kerberos network Authentication protocol to a mobile platform by measuring the service time of a “skeleton ” implementation and constructing a closed queuing network model. Our adaptation of Kerberos introduces a proxy server between the client and the server to mitigate potential performance deficiencies and add functional benefits. Our analysis indicates that assistance from the proxy makes public key Kerberos a viable Authentication protocol from a performance perspective. However, as wireless network speeds increase from current 2G levels to the 3G targets, the proxy can become a response time liability. The proxy’s role in the protocol, while warranted in current applications, will have to be re-modeled and re-considered as both wireless transmission speeds and proxy processing speeds increase
-
the performance of public key enabled Kerberos Authentication in mobile computing applications
Computer and Communications Security, 2001Co-Authors: Alan Harbitter, Daniel A MenasceAbstract:Authenticating mobile computing users can require a significant amount of processing and communications resources-particularly when protocols based on public key encryption are invoked. These resource requirements can result in unacceptable response times for the user. In this paper, we analyze adaptations of the public key-enabled Kerberos network Authentication protocol to a mobile platform by measuring the service time of a "skeleton" implementation and constructing a closed queuing network model. Our adaptation of Kerberos introduces a proxy server between the client and the server to mitigate potential performance deficiencies and add functional benefits. Our analysis indicates that assistance from the proxy makes public key Kerberos a viable Authentication protocol from a performance perspective. However, as wireless network speeds increase from current 2G levels to the 3G targets, the proxy can become a response time liability. The proxy's role in the protocol, while warranted in current applications, will have to be re-modeled and re-considered as both wireless transmission speeds and proxy processing speeds increase.
-
performance of public key enabled Kerberos Authentication in large networks
IEEE Symposium on Security and Privacy, 2001Co-Authors: Alan Harbitter, Daniel A MenasceAbstract:Several proposals have been made to public-key-enable various stages of the secret-key-based Kerberos network Authentication protocol. The computational requirements of public key cryptography are much higher than those of secret key cryptography, and the substitution of public key encryption algorithms for secret key algorithms impacts performance. This paper uses closed, class-switching queuing models to demonstrate the quantitative performance differences between PKCROSS and PKTAPP - two proposals for public-key-enabling Kerberos. Our analysis shows that, while PKTAPP is more efficient for authenticating to a single server, PKCROSS outperforms the simpler protocol if there are two or more remote servers per remote realm. This heuristic can be used to guide a high-level protocol that combines both methods of Authentication to improve performance.
Dharmender Singh Kushwaha - One of the best experts on this subject based on the ideXlab platform.
-
an efficient schema shared approach for cloud based multitenant database with Authentication and authorization framework
2011 International Conference on P2P Parallel Grid Cloud and Internet Computing, 2011Co-Authors: Sanjeev Pippal, Vishu Sharma, Shakti Mishra, Dharmender Singh KushwahaAbstract:Software-as-a-Service (SaaS) is a service model for delivering application as cloud services over the internet on subscription basis to multiple clients. This has forced the use of shared databases termed as multitenant databases. Multitenancy refers to a technology where a single instance of application serves requests from multiple clients. The word Tenant refers to a single organization (eg. an Institution) or person. In our proposed approach, shared database shared schema approach has been proposed that offers larger number of tenants (Educational Institutions) per database server as the single database serves the database requirements of multiple Institutions. Authentication and authorization are prime requirements when dealing with multitenancy. Kerberos Authentication protocol is used on the top of multitenant database for participating educational institution in a heterogeneous environment, where a tenant can also voluntarily participate in the data centre.
-
an efficient schema shared approach for cloud based multitenant database with Authentication and authorization framework
2011 International Conference on P2P Parallel Grid Cloud and Internet Computing, 2011Co-Authors: Sanjeev Pippal, Vishu Sharma, Shakti Mishra, Dharmender Singh KushwahaAbstract:Software-as-a-Service (SaaS) is a service model for delivering application as cloud services over the internet on subscription basis to multiple clients. This has forced the use of shared databases termed as multitenant databases. Multitenancy refers to a technology where a single instance of application serves requests from multiple clients. The word Tenant refers to a single organization (eg. an Institution) or person. In our proposed approach, shared database shared schema approach has been proposed that offers larger number of tenants (Educational Institutions) per database server as the single database serves the database requirements of multiple Institutions. Authentication and authorization are prime requirements when dealing with multitenancy. Kerberos Authentication protocol is used on the top of multitenant database for participating educational institution in a heterogeneous environment, where a tenant can also voluntarily participate in the data centre.
Alan Harbitter - One of the best experts on this subject based on the ideXlab platform.
-
Performance of Public KeyEnabled Kerberos Authentication in Large Networks
2015Co-Authors: Alan Harbitter, Daniel A MenasceAbstract:Authenticating mobile computing users can require a significant amount of processing and communications resources— particularly when protocols based on public key encryption are invoked. These resource requirements can result in unacceptable response times for the user. In this paper, we analyze adaptations of the public key-enabled Kerberos network Authentication protocol to a mobile platform by measuring the service time of a “skeleton ” implementation and constructing a closed queuing network model. Our adaptation of Kerberos introduces a proxy server between the client and the server to mitigate potential performance deficiencies and add functional benefits. Our analysis indicates that assistance from the proxy makes public key Kerberos a viable Authentication protocol from a performance perspective. However, as wireless network speeds increase from current 2G levels to the 3G targets, the proxy can become a response time liability. The proxy’s role in the protocol, while warranted in current applications, will have to be re-modeled and re-considered as both wireless transmission speeds and proxy processing speeds increase
-
the performance of public key enabled Kerberos Authentication in mobile computing applications
Computer and Communications Security, 2001Co-Authors: Alan Harbitter, Daniel A MenasceAbstract:Authenticating mobile computing users can require a significant amount of processing and communications resources-particularly when protocols based on public key encryption are invoked. These resource requirements can result in unacceptable response times for the user. In this paper, we analyze adaptations of the public key-enabled Kerberos network Authentication protocol to a mobile platform by measuring the service time of a "skeleton" implementation and constructing a closed queuing network model. Our adaptation of Kerberos introduces a proxy server between the client and the server to mitigate potential performance deficiencies and add functional benefits. Our analysis indicates that assistance from the proxy makes public key Kerberos a viable Authentication protocol from a performance perspective. However, as wireless network speeds increase from current 2G levels to the 3G targets, the proxy can become a response time liability. The proxy's role in the protocol, while warranted in current applications, will have to be re-modeled and re-considered as both wireless transmission speeds and proxy processing speeds increase.
-
performance of public key enabled Kerberos Authentication in large networks
IEEE Symposium on Security and Privacy, 2001Co-Authors: Alan Harbitter, Daniel A MenasceAbstract:Several proposals have been made to public-key-enable various stages of the secret-key-based Kerberos network Authentication protocol. The computational requirements of public key cryptography are much higher than those of secret key cryptography, and the substitution of public key encryption algorithms for secret key algorithms impacts performance. This paper uses closed, class-switching queuing models to demonstrate the quantitative performance differences between PKCROSS and PKTAPP - two proposals for public-key-enabling Kerberos. Our analysis shows that, while PKTAPP is more efficient for authenticating to a single server, PKCROSS outperforms the simpler protocol if there are two or more remote servers per remote realm. This heuristic can be used to guide a high-level protocol that combines both methods of Authentication to improve performance.
Sanjeev Pippal - One of the best experts on this subject based on the ideXlab platform.
-
an efficient schema shared approach for cloud based multitenant database with Authentication and authorization framework
2011 International Conference on P2P Parallel Grid Cloud and Internet Computing, 2011Co-Authors: Sanjeev Pippal, Vishu Sharma, Shakti Mishra, Dharmender Singh KushwahaAbstract:Software-as-a-Service (SaaS) is a service model for delivering application as cloud services over the internet on subscription basis to multiple clients. This has forced the use of shared databases termed as multitenant databases. Multitenancy refers to a technology where a single instance of application serves requests from multiple clients. The word Tenant refers to a single organization (eg. an Institution) or person. In our proposed approach, shared database shared schema approach has been proposed that offers larger number of tenants (Educational Institutions) per database server as the single database serves the database requirements of multiple Institutions. Authentication and authorization are prime requirements when dealing with multitenancy. Kerberos Authentication protocol is used on the top of multitenant database for participating educational institution in a heterogeneous environment, where a tenant can also voluntarily participate in the data centre.
-
an efficient schema shared approach for cloud based multitenant database with Authentication and authorization framework
2011 International Conference on P2P Parallel Grid Cloud and Internet Computing, 2011Co-Authors: Sanjeev Pippal, Vishu Sharma, Shakti Mishra, Dharmender Singh KushwahaAbstract:Software-as-a-Service (SaaS) is a service model for delivering application as cloud services over the internet on subscription basis to multiple clients. This has forced the use of shared databases termed as multitenant databases. Multitenancy refers to a technology where a single instance of application serves requests from multiple clients. The word Tenant refers to a single organization (eg. an Institution) or person. In our proposed approach, shared database shared schema approach has been proposed that offers larger number of tenants (Educational Institutions) per database server as the single database serves the database requirements of multiple Institutions. Authentication and authorization are prime requirements when dealing with multitenancy. Kerberos Authentication protocol is used on the top of multitenant database for participating educational institution in a heterogeneous environment, where a tenant can also voluntarily participate in the data centre.
Rodriguez, Jorge Luis - One of the best experts on this subject based on the ideXlab platform.
-
Distributing CMS Data between the Florida T2 and T3 Centers using Lustre and Xrootd-fs
FIU Digital Commons, 2014Co-Authors: Kaganas Gary, Rodriguez, Jorge Luis, Chen Mengxing, Avery P., Bourilkov D., Fu Y., Palencia J.Abstract:We have developed remote data access for large volumes of data over the Wide Area Network based on the Lustre filesystem and Kerberos Authentication for security. In this paper we explore a prototype for two-step data access from worker nodes at Florida Tier3 centers, located behind a firewall and using a private network, to data hosted on the Lustre filesystem at the University of Florida CMS Tier2 center. At the Tier3 center we use a client which mounts securely the Lustre filesystem and hosts an XrootD server. The worker nodes access the data from the Tier3 client using POSIX compliant tools via the XrootD-fs filesystem. We perform scalability tests with up to 200 jobs running in parallel on the Tier3 worker nodes
-
Distributing CMS Data between the Florida T2 and T3 Centers using Lustre and Xrootd-fs
2013Co-Authors: Rodriguez, Jorge LuisAbstract:We have developed remote data access for large volumes of data over the Wide Area Network based on the Lustre filesystem and Kerberos Authentication for security. In this paper we explore a prototype for two-step data access from worker nodes at Florida Tier3 centers, located behind a firewall and using a private network, to data hosted on the Lustre filesystem at the University of Florida CMS Tier2 center. The Tier2-Tier3 links are 10 Gigabit per second, and the typical round trip times are 10-15 msec. For each Tier3 center we use a client which mounts securely the Lustre filesystem and hosts an XrootD server. The worker nodes access the data from the Tier3 client using POSIX compliant tools via the XrootD-fs filesystem. We perform scalability tests with up to 200 jobs running in parallel on the Tier3 worker nodes
