Flexible Session Management in a Distributed Environment
Zach Miller, Dan Bradley, Todd Tannenbaum, Igor Sfiligoi

TL;DR
This paper introduces CEDAR, a layered secure communication library for distributed systems that improves scalability, reduces latency, and supports UDP channels by separating authentication, session, and communication layers.
Contribution
The paper presents CEDAR's layered architecture, enabling flexible session management, session delegation, and support for UDP, which enhances scalability and security in distributed computing.
Findings
CEDAR reduces connection setup latency.
Delegated sessions improve scalability.
Supports secure channels over UDP.
Abstract
Many secure communication libraries used by distributed systems, such as SSL, TLS, and Kerberos, fail to make a clear distinction between the authentication, session, and communication layers. In this paper we introduce CEDAR, the secure communication library used by the Condor High Throughput Computing software, and present the advantages to a distributed computing system resulting from CEDAR's separation of these layers. Regardless of the authentication method used, CEDAR establishes a secure session key, which has the flexibility to be used for multiple capabilities. We demonstrate how a layered approach to security sessions can avoid round-trips and latency inherent in network authentication. The creation of a distinct session management layer allows for optimizations to improve scalability by way of delegating sessions to other components in the system. This session delegation…
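An illustrative sketch of the layering the abstract describes, added here and not taken from the paper or from CEDAR's code: a session layer that holds keys independently of how authentication produced them, so a single UDP-sized datagram can be verified with no handshake, and a session can be minted and handed to another component (delegation). The names `SessionLayer` and `seal`, the wire layout, HMAC-SHA256, and the counter-based replay check are all assumptions; the sketch covers integrity only, not encryption.

```python
import hashlib, hmac, os, struct, time

class SessionLayer:
    """Session cache kept separate from whatever authentication produced the key."""
    def __init__(self):
        self.sessions = {}              # session id -> [key, expiry, last counter seen]

    def create(self, lifetime=3600):
        # Called once after any authentication method succeeds, or to mint a
        # session whose (id, key) is handed to another component over an
        # already-secured channel (delegation).
        sid, key = os.urandom(8).hex(), os.urandom(32)
        self.sessions[sid] = [key, time.time() + lifetime, 0]
        return sid, key

    def verify(self, datagram):
        # Single-datagram check with no round trips, so it works over UDP.
        # Assumed layout: sid "|" counter(8 bytes) tag(32 bytes) payload
        try:
            sid, rest = datagram.split(b"|", 1)
            counter, = struct.unpack(">Q", rest[:8])
            tag, payload = rest[8:40], rest[40:]
            entry = self.sessions[sid.decode()]
        except (ValueError, KeyError, struct.error):
            return None                 # malformed datagram or unknown session
        key, expiry, last = entry
        expected = hmac.new(key, sid + rest[:8] + payload, hashlib.sha256).digest()
        if time.time() > expiry or not hmac.compare_digest(tag, expected):
            return None                 # expired session or bad tag
        if counter <= last:
            return None                 # replayed or stale datagram
        entry[2] = counter
        return payload

def seal(sid, key, counter, payload):
    """Sender side: authenticate one datagram under an existing session key."""
    ctr = struct.pack(">Q", counter)
    tag = hmac.new(key, sid.encode() + ctr + payload, hashlib.sha256).digest()
    return sid.encode() + b"|" + ctr + tag + payload
```

A component that received a delegated `(sid, key)` pair calls `seal` directly and never runs the authentication step itself; the receiving side cannot tell it apart from the original session holder, which is why the lifetime passed to `create` should be short for delegated sessions.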
