Abstract
Traditional software and security patch update delivery mechanisms rely on a client/server approach where clients pull updates from servers regularly. This approach, however, suffers from a high window of vulnerability (WOV) for clients and from the risk of a single point of failure. Overlay-based information dissemination schemes overcome these problems, but often incur high infrastructure cost to set up and maintain individual information dissemination networks. Against this backdrop, we propose iDispatcher, a planet-scale, flexible and secure information dissemination platform. iDispatcher uses a hybrid approach with both push- and pull-based information dissemination to reduce the WOV period and achieve high distribution coverage. iDispatcher also uses a peer-to-peer based architecture to achieve higher scalability. We develop a self-contained key management mechanism for iDispatcher. Our prototype for iDispatcher is deployed on more than 500 PlanetLab nodes distributed around the world. Experimental results show that iDispatcher can have small dissemination latency for time-critical applications, is highly tunable to optimize the tradeoff between bandwidth and latency, and works resiliently against different attacks such as flooding attacks.
Additional information
The work is partially supported by Los Alamos National Laboratory, NM. Los Alamos National Laboratory Publication No. LA-UR 11-02386
About this article
Cite this article
Rahman, M.S., Yan, G., Madhyastha, H.V. et al. iDispatcher: A unified platform for secure planet-scale information dissemination. Peer-to-Peer Netw. Appl. 6, 46–60 (2013). https://doi.org/10.1007/s12083-012-0128-8
DOI: https://doi.org/10.1007/s12083-012-0128-8