Subtransport Level: The Right Place for End-to-End Security Mechanisms

Abstract

We argue that end-to-end authentication and privacy in loosely-coupled distributed systems are not only achievable by mechanisms at the host-to-host (i.e., subtransport) level under generally satisfiable conditions, but that this solution can be more advantageous than those based on security mechanisms at higher levels of the protocol hierarchy in terms of both functionality and performance. We introduce a model of communication security and a subtransport-level protocol called ADP (the Authenticated Datagram Protocol), which provides end-to-end authentication and privacy consistently with the definitions of the model. We then discuss the advantages of the subtransport approach, and present some experimental results from the measurement of a prototype of ADP that confirm the expected performance benefits of this approach.