mSSL: Extending SSL to Support Data Sharing Among Collaborative Clients

[aruljothi]

Client-server applications often do not scale well when a large number of clients access a single server. To solve this, a new trend is to allow a client to download data from other peer clients, in addition to from the server directly. This paradigm, which we call the hybrid peer-to-peer paradigm, is friendly to the server?s scalability, but also faces new security challenges. For example, how can the server authenticate its clients and support data confidentiality? How can a client trust the data downloaded from other clients? What if a client refuses to acknowledge the service it received or overstates the service it offered?

In this paper, we present a protocol, called mSSL, that provides a set of security functions to enable secure sharing of the data of a server among its clients. In addition to access control and confidentiality support, mSSL provides an original design on supporting data integrity and proof of service in this new context. Our evaluation further shows that mSSL has a reasonable overhead.