Lee, Man Hee (2008-08). Architectural support for enhancing security in clusters. Doctoral Dissertation.
Cluster computing has emerged as a common approach for providing more comput-
ing and data resources in industry as well as in academia. However, since cluster
computer developers have paid more attention to performance and cost e?ciency
than to security, numerous security loopholes in cluster servers come to the forefront.
Clusters usually rely on ?rewalls for their security, but the ?rewalls cannot prevent
all security attacks; therefore, cluster systems should be designed to be robust to
security attacks intrinsically.
In this research, we propose architectural supports for enhancing security of clus-
ter systems with marginal performance overhead. This research proceeds in a bottom-
up fashion starting from enforcing each cluster component's security to building an
integrated secure cluster. First, we propose secure cluster interconnects providing con-
?dentiality, authentication, and availability. Second, a security accelerating network
interface card architecture is proposed to enable low performance overhead encryption
and authentication. Third, to enhance security in an individual cluster node, we pro-
pose a secure design for shared-memory multiprocessors (SMP) architecture, which
is deployed in many clusters. The secure SMP architecture will provide con?dential
communication between processors. This will remove the vulnerability of eavesdrop-
ping attacks in a cluster node. Finally, to put all proposed schemes together, we
propose a security/performance trade-o(R) model which can precisely predict performance of an integrated secure cluster.
Kim, Eun Associate Professor - Term Appoint