Lightweight MPI Communicators with Applications to Perfectly Balanced Quicksort

MPI uses the concept of communicators to connect groups of processes. It provides nonblocking collective operations on communicators to overlap communication and computation. Flexible algorithms demand flexible communicators. E.g., a process can work on different subproblems within different process groups simultaneously, new process groups can be created, or the members of a process group can change. Depending on the number of communicators, the time for communicator creation can drastically increase the running time of the algorithm. Furthermore, a new communicator synchronizes all processes as communicator creation routines are blocking collective operations. We present RBC, a communication library based on MPI, that creates range-based communicators in constant time without communication. These RBC communicators support (non)blocking point-to-point communication as well as (non)blocking collective operations. Our experiments show that the library reduces the time to create a new communicator by a factor of more than 400 whereas the running time of collective operations remains about the same. We propose Janus Quicksort, a distributed sorting algorithm that avoids any load imbalances. We improved the performance of this algorithm by a factor of 15 for moderate inputs by using RBC communicators. Finally, we discuss different approaches to bring nonblocking (local) communicator creation of lightweight (range-based) communicators into MPI

A Survey on Cryptography Key Management Schemes for Smart Grid

A Smart grid is a modern electricity delivery system. It is an integration of energy systems and other necessary elements including traditional upgrades and new grid technologies with renewable generation and increased consumer storage. It uses information and communication technology (ICT) to operate, monitor and control data between the generation source and the end user. Smart grids have duplex power flow and communication to achieve high efficiency, reliability, environmental, economics, security and safety standards. However, along with unique facilities, smart grids face security challenges such as access control, connectivity, fault tolerance, privacy, and other security issues. Cyber-attacks, in the recent past, on critical infrastructure including smart grids have highlighted security as a major requirement for smart grids. Therefore, cryptography and key management are necessary for smart grids to become secure and realizable. Key management schemes are processes of key organizational frameworks, distribution, generation, refresh and key storage policies. Currently, several secure schemes, related to key management for smart grid have been proposed to achieve end-to-end secure communication. This paper presents a comprehensive survey and discussion on the current state of the key management of smart grids

Anonymous Key Generation Technique with Contributory Broadcast Encryption

Encryption is used in a communication system to secure information in the transmitted messages from anyone other than the well-intended receiver. To perform the encryption and decryption the transmitter and receiver should have matching encryption and decryption keys. For sending safeguard information to group needed broadcast encryption (BE). BE allows a sender to securely broadcast to any subset of members and require a trusted party to distribute decryption keys. Group key agreement (GKA) protocol allows a number of users to establish a common secret channel via open networks. Observing that a major goal of GKA for most applications is to create a confidential channel among group members, but a sender cannot omit any particular member from decrypting the cipher texts. By bridging BE and GKA notion with a hybrid primitive referred to as contributory broadcast encryption (CBE). With these primitives, a group of members move through a common public encryption key while each member having there decryption key. A sender seeing the public group encryption key can limit the decryption to subset of members of sender’s choice. A simple way to generate these keys is to use the public key distribution system invented by Diffie and Hellman. That system, however, pass only one pair of communication stations to share a particular pair of encryption and decryption keys. Key distribution sets are used to generate keys and Elliptic Curve Cryptography (ECC) is used for the encryption and decryption of documents; and this going to provide the security for the documents over group communication

Efficient Security Protocols for Fast Handovers in Wireless Mesh Networks

Wireless mesh networks (WMNs) are gaining popularity as a flexible and inexpensive replacement for Ethernet-based infrastructures. As the use of mobile devices such as smart phones and tablets is becoming ubiquitous, mobile clients should be guaranteed uninterrupted connectivity and services as they move from one access point to another within a WMN or between networks. To that end, we propose a novel security framework that consists of a new architecture, trust models, and protocols to offer mobile clients seamless and fast handovers in WMNs. The framework provides a dynamic, flexible, resource-efficient, and secure platform for intra-network and inter-network handovers in order to support real-time mobile applications in WMNs. In particular, we propose solutions to the following problems: authentication, key management, and group key management. We propose (1) a suite of certificate-based authentication protocols that minimize the authentication delay during handovers from one access point to another within a network (intra-network authentication). (2) a suite of key distribution and authentication protocols that minimize the authentication delay during handovers from one network to another (inter-network authentication). (3) a new implementation of group key management at the data link layer in order to reduce the group key update latency from linear time (as currently done in IEEE 802.11 standards) to logarithmic time. This contributes towards minimizing the latency of the handover process for mobile members in a multicast or broadcast group

Ternary Tree Based Approach For Accessing the Resources By Overlapping Members in Cloud Computing

In cloud computing, immediate access of resources is important due to cost incurred to customer by pay per use model of cloud computing. Usually resource is protected by using cryptography technique. The resource may be shared by multiple members in group. There can be overlapping members to access the multiple resources. Group key management is important to form the group key to access the resource. Group key formation time is crucial for immediate access of protected resource in cloud computing. Thus ternary tree based approach is proposed to form the key for overlapping members accessing resources. Membership event such as join and leave also considered. Through the analysis, it is found that computational overhead is reduced by 23% if ternary key trees are combined than independent ternary key trees. It is also observed that combined ternary key tree outperforms the combined binary key tree approach for group key formation by considering overlapping members. Security requirement analysis of group membership for key formation is also provided in the paper

Securing Fog Federation from Behavior of Rogue Nodes

As the technological revolution advanced information security evolved with an increased need for confidential data protection on the internet. Individuals and organizations typically prefer outsourcing their confidential data to the cloud for processing and storage. As promising as the cloud computing paradigm is, it creates challenges; everything from data security to time latency issues with data computation and delivery to end-users. In response to these challenges CISCO introduced the fog computing paradigm in 2012. The intent was to overcome issues such as time latency and communication overhead and to bring computing and storage resources close to the ground and the end-users. Fog computing was, however, considered an extension of cloud computing and as such, inherited the same security and privacy challenges encountered by traditional cloud computing. These challenges accelerated the research community\u27s efforts to find practical solutions. In this dissertation, we present three approaches for individual and organizational data security and protection while that data is in storage in fog nodes or in the cloud. We also consider the protection of these data while in transit between fog nodes and the cloud, and against rogue fog nodes, man-in-the-middle attacks, and curious cloud service providers. The techniques described successfully satisfy each of the main security objectives of confidentiality, integrity, and availability. Further we study the impact of rogue fog nodes on end-user devices. These approaches include a new concept, the Fog-Federation (FF): its purpose to minimize communication overhead and time latency between the Fog Nodes (FNs) and the Cloud Service Provider (CSP) during the time the system is unavailable as a rogue Fog Node (FN) is being ousted. Further, we considered the minimization of data in danger of breach by rogue fog nodes. We demonstrate the efficiency and feasibility of each approach by implementing simulations and analyzing security and performance

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

Scalable and Secure Dynamic Key Management and Channel Aware Routing in Mobile Adhoc Networks

A MANET (Mobile Ad-hoc Network) is an infrastructure-less self configuring wireless networks of routers. Key management is at the center of providing network security via cryptographic mechanisms with a high-availability feature. Dynamic key is the efficient assistance for network scalability. Routing protocol used here is a form of reactive routing called CA-AOMDV and compared with Table driven routing called DSDV. Channel aware routing protocol quality of the channel which can be measured in terms of suitable metrics. This paper leads to an emphasis on Black hole attack and to develop a dynamic key framework using RSA algorithm

User-Centric Security and Privacy Mechanisms in Untrusted Networking and Computing Environments

Our modern society is increasingly relying on the collection, processing, and sharing of digital information. There are two fundamental trends: (1) Enabled by the rapid developments in sensor, wireless, and networking technologies, communication and networking are becoming more and more pervasive and ad hoc. (2) Driven by the explosive growth of hardware and software capabilities, computation power is becoming a public utility and information is often stored in centralized servers which facilitate ubiquitous access and sharing. Many emerging platforms and systems hinge on both dimensions, such as E-healthcare and Smart Grid. However, the majority information handled by these critical systems is usually sensitive and of high value, while various security breaches could compromise the social welfare of these systems. Thus there is an urgent need to develop security and privacy mechanisms to protect the authenticity, integrity and confidentiality of the collected data, and to control the disclosure of private information. In achieving that, two unique challenges arise: (1) There lacks centralized trusted parties in pervasive networking; (2) The remote data servers tend not to be trusted by system users in handling their data. They make existing security solutions developed for traditional networked information systems unsuitable. To this end, in this dissertation we propose a series of user-centric security and privacy mechanisms that resolve these challenging issues in untrusted network and computing environments, spanning wireless body area networks (WBAN), mobile social networks (MSN), and cloud computing. The main contributions of this dissertation are fourfold. First, we propose a secure ad hoc trust initialization protocol for WBAN, without relying on any pre-established security context among nodes, while defending against a powerful wireless attacker that may or may not compromise sensor nodes. The protocol is highly usable for a human user. Second, we present novel schemes for sharing sensitive information among distributed mobile hosts in MSN which preserves user privacy, where the users neither need to fully trust each other nor rely on any central trusted party. Third, to realize owner-controlled sharing of sensitive data stored on untrusted servers, we put forward a data access control framework using Multi-Authority Attribute-Based Encryption (ABE), that supports scalable fine-grained access and on-demand user revocation, and is free of key-escrow. Finally, we propose mechanisms for authorized keyword search over encrypted data on untrusted servers, with efficient multi-dimensional range, subset and equality query capabilities, and with enhanced search privacy. The common characteristic of our contributions is they minimize the extent of trust that users must place in the corresponding network or computing environments, in a way that is user-centric, i.e., favoring individual owners/users