Naming and sharing resources across administrative boundaries
I tackle the problem of naming and sharing resources across administrative boundaries. Conventional systems manifest the hierarchy of typical administrative structure in the structure of their own mechanism. While natural for communication that follows hierarchical patterns, such systems interfere with naming and sharing that cross administrative boundaries, and therefore cause headaches for both users and administrators. I propose to organize resource naming and security, not around administrative domains, but around the sharing patterns of users.
The dissertation is organized into four main parts. First, I discuss the challenges and tradeoffs involved in naming resources and consider a variety of existing approaches to naming.
Second, I consider the architectural requirements for user-centric sharing. I evaluate existing systems with respect to these requirements.
Third, to support the sharing architecture, I develop a formal logic of sharing that captures the notion of restricted delegation. Restricted delegation ensures that users can use the same mechanisms to share resources consistently, regardless of the origin of the resource, or with whom the user wishes to share the resource next. A formal semantics gives unambiguous meaning to the logic. I apply the formalism to the Simple Public Key Infrastructure and discuss how the formalism either supports or discourages potential extensions to such a system.
Finally, I use the formalism to drive a user-centric sharing implementation for distributed systems. I show how this implementation enables end-to-end authorization, a feature that makes heterogeneous distributed systems more secure and easier to audit. Conventionally, gateway services that bridge administrative domains, add abstraction, or translate protocols typically impede the flow of authorization information from client to server. In contrast, end-to-end authorization enables us to build gateway services that preserve authorization information, hence we reduce the size of the trusted computing base and enable more effective auditing. I demonstrate my implementation and show how it enables end-to-end authorization across various boundaries. I measure my implementation and argue that its performance tracks that of similar authorization mechanisms without end-to-end structure.
I conclude that my user-centric philosophy of naming and sharing benefits both users and administrators.
Secure communication in IP-based wireless sensor network via a trusted gateway
As the IP integration of wireless sensor networks enables end-to-end interactions, solutions to appropriately secure these interactions with hosts on the Internet are necessary. At the same time, burdening wireless sensors with heavy security protocols should be avoided. While Datagram TLS (DTLS) strikes a good balance between these requirements, it entails a high cost for setting up communication sessions. Furthermore, not all types of communication have the same security requirements: e.g. some interactions might only require authorization and do not need confidentiality. In this paper we propose and evaluate an approach that relies on a trusted gateway to mitigate the high cost of the DTLS handshake in the WSN and to provide the flexibility necessary to support a variety of security requirements. The evaluation shows that our approach leads to considerable energy savings and latency reduction when compared to a standard DTLS use case, while requiring no changes to the end hosts themselves.
Authentication and Authorization for the front-end web developer
Traditional web pages are hosted and served by a web server and executed in a web browser on the user's device. Advances in the technologies used to create web pages have led to a paradigm shift in web development, producing concepts such as front-end and back-end. Browser-based technologies, particularly JavaScript, have seen enormous advances in functionality and capability. This has made it possible to create standalone web applications that run in the browser and rely on the back-end server only for data, as corroborated by the rise and popularity of the JavaScript frameworks that are now used by default when creating web applications. Because code running in a web browser can be inspected by anyone, incorporating authentication and authorization became a challenge, particularly since storing user credentials and secrets in browser-side code is not secure in any way.
This thesis explores and documents authentication and authorization methods that can be securely implemented in a front-end web application. Token-based authentication and authorization has become widely accepted as the solution. The OpenID Connect and OAuth 2.0 protocols, the most commonly used token-based solutions for authentication and authorization, were explored. Furthermore, three use cases that applied token-based solutions in real-world client projects are described.
Authorization Framework for the Internet-of-Things
This paper describes a framework that allows fine-grained and flexible access control to connected devices with very limited processing power and memory. We propose a set of security and performance requirements for this setting and derive an authorization framework distributing processing costs between constrained devices and less constrained back-end servers while keeping message exchanges with the constrained devices at a minimum. As a proof of concept we present performance results from a prototype implementing the device part of the framework.
AAA architectures applied in multi-domain IMS (IP multimedia subsystem)
There is a group of communication services that use resources from multiple domains in order to deliver their service. Authorization of the end-user is important for such services, because several domains are involved. There are no current solutions for delivering authentication, authorization and accounting (AAA) to multi-domain services. In our study we present two architectures for the delivery of AAA to such services. The architectures are analyzed on their qualitative aspects. A result of this analysis is that direct interconnection of AAA servers is an effective architectural solution. In current multi-domain IP Multimedia Subsystem (IMS) architectures, direct interconnection of AAA servers, such as the Home Subscriber Servers (HSS), is not yet possible. In this paper we argue for and recommend extending the IMS specification by adding a new interface to the HSS in order to support the direct interconnection of HSS/AAA servers located in different IMS administrative domains.
Providing Authentication & Authorization Mechanisms for Active Service Charging
Active network technology enables, among other features, fast deployment of new network services tailored to the specific needs of end users. Nevertheless, proper charging for these new value-added services requires suitable authentication and authorization mechanisms. In this article we describe a security architecture for the SARA (Simple Active Router-Assistant) architecture, an active network platform deployed in the context of the IST-GCAP project. The proposed solution provides all the required security features, and it also ensures proper scalability of the overall system by using a distributed key-generation algorithm.
The Long Arm of the Law: Executive Overreach and the AUMF
Since World War II, the executive branch has dominated foreign policy and national security decisions, expanding war powers well beyond the president's constitutional purview. Aided by a complicit Congress, the president has bypassed the legislature and unilaterally prosecuted some of the United States' bloodiest conflicts. Continuing this tradition of executive overreach, Congress passed the Authorization for the Use of Military Force (AUMF) on September 14, 2001, which ostensibly empowered the president to pursue those responsible for the 9/11 attacks, namely al Qaeda and the nations supporting them. However, the broadly worded force authorization and equally far-reaching legal interpretations by the executive branch turned the AUMF into a nearly limitless authorization. Since its passage, the AUMF has provided the legal backstop for the war in Afghanistan, drone strikes in Yemen, Somalia, Pakistan, and elsewhere, National Security Agency surveillance, and the Guantanamo Bay detention facility. Enabled by the AUMF, the "war on terror" has eroded civil liberties, allowed extrajudicial killings, and transformed the conflict with al Qaeda into a war without end. In order to end the destructive legacies of the war on terror and begin to reverse the trend of executive overreach, Congress and the president should repeal the AUMF and update the force authorization regime.
DCSS protocol for data caching and sharing security in a 5G network
Fifth Generation mobile networks (5G) promise to make network services provided by various Service Providers (SPs), such as Mobile Network Operators (MNOs) and third-party SPs, accessible from anywhere by end-users through their User Equipment (UE). These services will be pushed closer to the edge for quick, seamless, and secure access. After being granted access to a service, the end-user will be able to cache and share data with other users. However, security measures should be in place so that an SP can not only secure the provisioning of and access to those services but also restrict what end-users can do with the accessed data, in or out of coverage. This can be facilitated by federated service authorization and access control mechanisms that restrict the caching and sharing of data accessed by the UE in different security domains. In this paper, we propose a Data Caching and Sharing Security (DCSS) protocol that leverages federated authorization to provide secure caching and sharing of data from multiple SPs in multiple security domains. We formally verify the proposed DCSS protocol using ProVerif and the applied pi-calculus. Furthermore, a comprehensive security analysis of the security properties of the proposed DCSS protocol is conducted.
Semi-autonomous, context-aware, agent using behaviour modelling and reputation systems to authorize data operation in the Internet of Things
In this paper we address the issue of gathering the "informed consent" of an end user in the Internet of Things. We start by evaluating the legal importance of, and some of the problems linked with, this notion of informed consent in the specific context of the Internet of Things. From this assessment we propose an approach based on a semi-autonomous, rule-based agent that centralizes all authorization decisions on the personal data of a user and is able to take decisions on the user's behalf. We complete this initial agent by integrating context-awareness, behavior modeling and a community-based reputation system into the algorithm of the agent. The resulting system is a "smart" application, the "privacy butler", that can handle data operations on behalf of the end-user while keeping the user in control. We finally discuss some of the potential problems and improvements of the system.
Comment: This work is currently supported by the BUTLER Project co-financed under the 7th framework program of the European Commission. Published in Internet of Things (WF-IoT), 2014 IEEE World Forum, 6-8 March 2014, Seoul, pp. 411-416, DOI: 10.1109/WF-IoT.2014.6803201, INSPEC: 1425565.