A Complete Secure Transport Service in the Internet
Abstract
Secure communications are becoming a necessity in computer networks. Nowadays, an increasing number of distributed applications are designed to support security aspects. The work herein presented is based on the Kerberos authentication service, which is being introduced as a secure infrastructure for UNIX systems. In this paper we describe some extensions to the Kerberos authentication service and protocol that will allow it to support a complete secure transport service over a number of protocols: connection-oriented (TCP) (currently supported by Kerberos), connectionless (UDP) and multicast (UDP/broadcast) transport protocols. It will also be integrated with authentication of the involved communication entities, and with data confidentiality and integrity secure services. Moreover, the secure transport interface is exactly the same as the UNIX socket abstraction interface, which encapsulates security under a well-known interprocess communication interface. We also describe the usefulness of the new secure socket library.

INTRODUCTION

This paper describes how the Kerberos authentication service and protocol have been extended in order to support connectionless and multicast secure transport services. This work was developed from the requirements defined in the security architecture designed for the COMANDOS^1 [1] distributed operating system platform, which may run on bare machines or over UNIX environments, using Internet protocols as a communication infrastructure. A secure transport service for secure communications between kernels was developed. As kernels use different transport protocols like TCP and UDP in broadcast, we implemented a general secure transport service for all these protocols. Another requirement in COMANDOS was that the introduction of the secure transport service had to have the least possible impact on the kernel code. These requirements led us to adopt the standard UNIX socket interface to also provide security transport services.

Currently, communication and secure services for distributed applications focus especially on:

• Internet communication protocols TCP (Transmission Control Protocol) and UDP (User Datagram Protocol), which are currently the most widespread communication protocols around the world. Through them, nearly all distributed applications get a transport service. Essentially, the difference between the two services is that, whilst TCP is a connection-oriented and reliable service, UDP is a connectionless and nonreliable service.

• The Kerberos system [2,3,10], from MIT, one of the better and more popular mechanisms for providing authentication, mostly over UNIX systems.

Taking the above considerations into account, we decided to develop a secure transport protocol, to provide a Secure Transport Service on top of the well-known Internet transport protocols TCP and UDP, using the same application programming interface, and the well-known Kerberos Authentication service. In this way, the applications will run in the new environment without the need for any changes in their code.

The paper begins by discussing the background of the service developed. There follows a description of the service, the protocol and the interface of the secure transport package developed. Finally, a description of the system library that contains the new secure transport service is given.

1 COMANDOS: Commission of the European Communities funded project, ESPRIT 2071. This work has also been co-funded by the Spanish government commission CICYT, through its project TIC-391: Distributed Systems.
Similar sources

The mediating role of internet usage motives in the relationship between attachment styles and internet addiction

The purpose of the present study was to examine the mediating role of internet usage motives in the relation between attachment styles and internet addiction. The statistical population was all of the Islamic Azad University Urmia Branch students during 2015-2016 (1394-95 s.c.); 204 participants were selected by the multi-stage cluster sampling method and were asked to complete the Adult Attachment Invent...
An Efficient Secret Sharing-based Storage System for Cloud-based Internet of Things
Internet of things (IoTs) is the newfound information architecture based on the internet that develops interactions between objects and services in a secure and reliable environment. As the availability of many smart devices rises, secure and scalable mass storage systems for aggregate data is required in IoTs applications. In this paper, we propose a new method for storing aggregate data in Io...
A Transport-Level Proxy for Secure Multimedia Streams

service, firewalls need more than static packet filtering and application-level proxies. SOCKS is an application-independent transport-level proxy that offers user-level authentication and data encryption. An extended SOCKS UDP binding model with appropriate socket calls is proposed to provide complete support for UDP-based, multimedia streaming applications. The increasing popularity of multi...
SSM: Secure Service Manager for the Internet of Things
Internet of Things (IoT) has attracted attention in various fields where small devices such as sensors and actuators are intended to be connected with each other by using TCP/IP protocols. To build value-added services in such fields, security is one of the most important considerations. The IETF standard group has proposed to use the DTLS protocol to provide security services with constrained ...
Common Open Policy Service (COPS) Over Transport Layer Security (TLS)
Status of This Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Abstract This document describes how to u...
Publication date: 1993