Maintaining High Assurance in Asynchronous Messaging

Abstract

Asynchronous messaging is the delivery of a message without waiting for the intended recipient to respond or acknowledge the message. This solution works for distributed systems communication, in which different systems may or may not be available at the same time. Asynchronous messaging solutions often use a message queue that holds messages to be picked up by the recipient. Although communication with the queue can be secured using lower layer protocols, such as Transport Layer Security (TLS), this does not provide end-to-end security for the sender and receiver. The queuing system acts as a man-in-the-middle, negating authentication, integrity, and confidentiality guarantees. End-to-end security for asynchronous messaging must be provided by the asynchronous messaging layer itself. This paper discusses current asynchronous messaging models and proposes methods for providing end-to-end asynchronous messaging security in a high assurance environment.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Oct 24, 2015
Accession Number
AD1013646

Entities

People

  • Kevin E. Foltz
  • William R. Simpson

Organizations

  • Institute for Defense Analyses

Tags

Communities of Interest

  • Cyber
  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Application Protocols
  • Communication Channels
  • Computer Networks
  • Computer Science
  • Computers
  • Electronic Mail
  • Electronic Messaging
  • Information Systems
  • Mobile Phones
  • Network Protocols
  • Network Science
  • Security
  • Text Messaging
  • Transport Protocols

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Cybersecurity.