mSSL offers protected client-to-client data sharing in addition to other features.
Conventionally, a client needs to directly request data from a server. A new trend of data service over the Internet is to allow multiple clients, such as thousands of clients of a web server, to share data among themselves in a peer-to-peer fashion. This mechanism can potentially prevent a server from being overwhelmed when serving large audiences, and enable even an under-provisioned site to provide scalable data service. Accompanying this trend, however, are new security challenges that conventional client-server approaches such as SSL (secure socket layer) cannot address.
mSSL addresses these challenges. Clients can securely obtain data when needed, whether the data is from a server or other peer clients. Among the variety of security services that mSSL can provide are the following:
· Access control: Only authenticated data clients can obtain data, no matter where the data originates.
· Data integrity: An authenticated data client can verify the integrity of data.
· Data confidentiality: Data can be encrypted so that only authenticated clients can decrypt them.
· Proof of service: A client that has obtained data from another peer client C cannot deny the data service that he received from C.
mSSL was developed by Prof. Jun Li, Associate professor for UO’s Department of Computer and Information Science (CIS) and Director of the Network Security Research Laboratory.
Go to the Office of Technology Transfer