Introduction
Online auctioning of high-volume securities is one of the application domains with the highest security and dependability requirements. One of the problems with current solutions is that clients of the auctioning system typically deliver a vast number of bids in the very last seconds of an auction phase. Outages due to excessive load, security attacks, or node or link failures may result in significant financial losses for the auctioneer, not to mention the immeasurable damage to customer confidence.
The solution approach of TRADE is based on the general concept of temporal decoupling: by relaxing the requirements for timeliness, the system properties for security and dependability can be adaptively optimized. To actually achieve the temporal decoupling, the client has to be provided with a facility for secure, accurate, and tamper-proof timestamps. For this purpose, smart cards with clocks will be used as a secure client within the untrusted client computer and will deploy a secure clock synchronization protocol.
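A minimal sketch of temporal decoupling follows, as an added example that is not TRADE's own code or protocol: the card authenticates the bid together with its clock reading, and the server judges the bid by that card time rather than by its arrival time. Assumptions: an HMAC key shared by card and server, a card clock that is already synchronized, a server-side grace period for delivery, and all names and values, which are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Constructed demo key; assumption: the card and the server share it.
CARD_KEY = b"constructed-demo-key"


def _encode(bidder: str, amount_cents: int, card_ts: int) -> bytes:
    # Length-prefix the variable field so distinct bids never encode alike.
    name = bidder.encode("utf-8")
    return struct.pack(">H", len(name)) + name + struct.pack(">QQ", amount_cents, card_ts)


def _tag(key: bytes, bidder: str, amount_cents: int, card_ts: int) -> bytes:
    return hmac.new(key, _encode(bidder, amount_cents, card_ts), hashlib.sha256).digest()


def card_stamp_bid(key: bytes, bidder: str, amount_cents: int, card_clock: int) -> dict:
    """Runs on the smart card: bind the bid to the card's clock reading."""
    return {"bidder": bidder, "amount_cents": amount_cents, "card_ts": card_clock,
            "tag": _tag(key, bidder, amount_cents, card_clock)}


def server_accept(key: bytes, bid: dict, opens: int, closes: int, arrival: int, grace: int) -> str:
    """Runs on the server: judge the bid by card time, not by arrival time."""
    expected = _tag(key, bid["bidder"], bid["amount_cents"], bid["card_ts"])
    if not hmac.compare_digest(expected, bid["tag"]):
        return "rejected: bad tag"
    if not opens <= bid["card_ts"] <= closes:
        return "rejected: stamped outside auction phase"
    if arrival > closes + grace:  # timeliness is relaxed, not unbounded
        return "rejected: delivered after grace period"
    return "accepted"


def demo() -> list:
    opens, closes, grace = 1000, 2000, 300  # constructed times, in seconds
    on_time = card_stamp_bid(CARD_KEY, "alice", 50_000, 1999)
    tampered = dict(on_time, amount_cents=1)  # untrusted host edits the bid
    late_stamp = card_stamp_bid(CARD_KEY, "bob", 60_000, 2001)
    return [
        server_accept(CARD_KEY, on_time, opens, closes, arrival=2120, grace=grace),
        server_accept(CARD_KEY, tampered, opens, closes, arrival=2120, grace=grace),
        server_accept(CARD_KEY, late_stamp, opens, closes, arrival=2002, grace=grace),
        server_accept(CARD_KEY, on_time, opens, closes, arrival=2500, grace=grace),
    ]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The first bid reaches the server 120 seconds after the auction phase closes and is still accepted, which is what lets the server spread the last-second load over the grace period.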
The major research contributions of TRADE center on three significant innovations: first, to provide a secure client within a given timeframe by focusing on the optimal software partitioning between smart card and untrusted operating system; second, to provide for secure time synchronization between a server and a smart card; third, to provide for adaptive run-time balancing of performance, security, and dependability, in order to foster the true potential of the integration of dependability and security concepts.