13,466 research outputs found
Anonymity and Confidentiality in Secure Distributed Simulation
Research on data confidentiality, integrity and availability is gaining
momentum in the ICT community, due to the intrinsically insecure nature of the
Internet. While many distributed systems and services are now based on secure
communication protocols to avoid eavesdropping and protect confidentiality, the
techniques usually employed in distributed simulations do not consider these
issues at all. This is probably due to the fact that many real-world simulators
rely on monolithic, offline approaches and therefore the issues above do not
apply. However, the complexity of the systems to be simulated, and the rise of
distributed and cloud based simulation, now impose the adoption of secure
simulation architectures. This paper presents a solution to ensure both
anonymity and confidentiality in distributed simulations. A performance
evaluation based on an anonymized distributed simulator is used for quantifying
the performance penalty for being anonymous. The obtained results show that
this is a viable solution.Comment: Proceedings of the IEEE/ACM International Symposium on Distributed
Simulation and Real Time Applications (DS-RT 2018
Pretty Private Group Management
Group management is a fundamental building block of today's Internet
applications. Mailing lists, chat systems, collaborative document edition but
also online social networks such as Facebook and Twitter use group management
systems. In many cases, group security is required in the sense that access to
data is restricted to group members only. Some applications also require
privacy by keeping group members anonymous and unlinkable. Group management
systems routinely rely on a central authority that manages and controls the
infrastructure and data of the system. Personal user data related to groups
then becomes de facto accessible to the central authority. In this paper, we
propose a completely distributed approach for group management based on
distributed hash tables. As there is no enrollment to a central authority, the
created groups can be leveraged by various applications. Following this
paradigm we describe a protocol for such a system. We consider security and
privacy issues inherently introduced by removing the central authority and
provide a formal validation of security properties of the system using AVISPA.
We demonstrate the feasibility of this protocol by implementing a prototype
running on top of Vuze's DHT
Recommended from our members
Secure Anonymous Routing for MANETs Using Distributed Dynamic Random Path Selection
Most of the MANET security research has so far focused on providing routing security and confidentiality to the data packets, but less has been done to ensure privacy and anonymity of the communicating entities. In this paper, we propose a routing protocol which ensures anonymity, privacy of the user. This is achieved by randomly selecting next hop at each intermediate. This protocol also provides data security using public key ciphers. The protocol is simulated using in-house simulator written in C with OpenSSL crypto APIs. The robustness of our protocol is evaluated against known security attacks
On Secure Workflow Decentralisation on the Internet
Decentralised workflow management systems are a new research area, where most
work to-date has focused on the system's overall architecture. As little
attention has been given to the security aspects in such systems, we follow a
security driven approach, and consider, from the perspective of available
security building blocks, how security can be implemented and what new
opportunities are presented when empowering the decentralised environment with
modern distributed security protocols. Our research is motivated by a more
general question of how to combine the positive enablers that email exchange
enjoys, with the general benefits of workflow systems, and more specifically
with the benefits that can be introduced in a decentralised environment. This
aims to equip email users with a set of tools to manage the semantics of a
message exchange, contents, participants and their roles in the exchange in an
environment that provides inherent assurances of security and privacy. This
work is based on a survey of contemporary distributed security protocols, and
considers how these protocols could be used in implementing a distributed
workflow management system with decentralised control . We review a set of
these protocols, focusing on the required message sequences in reviewing the
protocols, and discuss how these security protocols provide the foundations for
implementing core control-flow, data, and resource patterns in a distributed
workflow environment
- …