Lee, Man Hee (2008-08). Architectural support for enhancing security in clusters. Doctoral Dissertation. Thesis uri icon


  • Cluster computing has emerged as a common approach for providing more comput-
    ing and data resources in industry as well as in academia. However, since cluster
    computer developers have paid more attention to performance and cost e?ciency
    than to security, numerous security loopholes in cluster servers come to the forefront.
    Clusters usually rely on ?rewalls for their security, but the ?rewalls cannot prevent
    all security attacks; therefore, cluster systems should be designed to be robust to
    security attacks intrinsically.
    In this research, we propose architectural supports for enhancing security of clus-
    ter systems with marginal performance overhead. This research proceeds in a bottom-
    up fashion starting from enforcing each cluster component's security to building an
    integrated secure cluster. First, we propose secure cluster interconnects providing con-
    ?dentiality, authentication, and availability. Second, a security accelerating network
    interface card architecture is proposed to enable low performance overhead encryption
    and authentication. Third, to enhance security in an individual cluster node, we pro-
    pose a secure design for shared-memory multiprocessors (SMP) architecture, which
    is deployed in many clusters. The secure SMP architecture will provide con?dential
    communication between processors. This will remove the vulnerability of eavesdrop-
    ping attacks in a cluster node. Finally, to put all proposed schemes together, we
    propose a security/performance trade-o(R) model which can precisely predict performance of an integrated secure cluster.

ETD Chair

  • Kim, Eun  Associate Professor - Term Appoint

publication date

  • August 2008