Decentralized trust in the inter-domain routing infrastructure

Inter-domain routing security is of critical importance to the Internet since it prevents unwanted traffic redirections. The current system is based on a Public Key Infrastructure (PKI), a centralized repository of digital certificates. However, the inherent centralization of such design creates tensions between its participants and hinders its deployment. In addition, some technical drawbacks of PKIs delay widespread adoption. In this paper we present IPchain, a blockchain to store the allocations and delegations of IP addresses. IPchain leverages blockchains' properties to decentralize trust among its participants, with the final goal of providing flexible trust models that adapt better to the ever-changing geopolitical landscape. Moreover, we argue that Proof of Stake is a suitable consensus algorithm for IPchain due to the unique incentive structure of this use-case, and that blockchains offer relevant technical advantages when compared to existing systems, such as simplified management. In order to show its feasibility and suitability, we have implemented and evaluated IPchain's performance and scalability storing around 350k IP prefixes in a 2.5 GB chain.Peer ReviewedPostprint (published version

Modelling, validating, and ranking of secure service compositions

This is the author accepted manuscript. The final version is available from the publisher via the DOI in this recordIn the world of large-scale applications, software as a service (SaaS) in general and use of microservices, in particular, is bringing service-oriented architectures to a new level: Systems in general and systems that interact with human users (eg, sociotechnical systems) in particular are built by composing microservices that are developed independently and operated by different parties. At the same time, SaaS applications are used more and more widely by enterprises as well as public services for providing critical services, including those processing security or privacy of relevant data. Therefore, providing secure and reliable service compositions is increasingly needed to ensure the success of SaaS solutions. Building such service compositions securely is still an unsolved problem. In this paper, we present a framework for modelling, validating, and ranking secure service compositions that integrate both automated services as well as services that interact with humans. As a unique feature, our approach for ranking services integrates validated properties (eg, based on the result of formally analysing the source code of a service implementation) as well as contractual properties that are part of the service level agreement and, thus, not necessarily ensured on a technical level

PLACES'10: The 3rd Workshop on Programmng Language Approaches to concurrency and Communication-Centric Software

Paphos, Cyprus. March 201

Security Issues in Distributed Systems - A survey

One important technology area in which researchers are interested is distributed systems technology. Distributed systems in general involve the interaction between diverse independent entities using a common language and protocols to achieve different conventional goals. Enterprises are now particularly growing, involving data sharing among distinct participating entities with the need of distributed resources and computing. This internet growth has meant that many distributed systems are open to the world, from where this has brought to a major problem: certifying that such systems are secure. By this approach it is essential tocover security and protection in distributed environments. This report survey emphasizes this aspect that provides a literature review between the collected papersto discuss some general security issues. The key ideas and techniques involved at these systems are studied. It defines what a secure system is, observes security policies from security mechanisms including authentication and authorization as major processes. Considers encryption as a cryptographic technique that is useful for data confidentiality and privacy than similarly, access control as an important feature that enables authority is also assessed monitoring some proposal models. Atthe same time denials of service attacks attempting to prevent legitimate users from accessing services are described observing different scenarios

Novel mechanism for evaluating feedback in the grid environment on resource allocation

The primary concern in proffering an infrastructure for general purpose computational grids formation is security. Grid implementations have been devised to deal with the security concerns. The chief factors that can be problematic in the secured selection of grid resources are the wide range of selection and the high degree of strangeness. Moreover, the lack of a higher degree of confidence relationship is likely to prevent efficient resource allocation and utilization. In this paper, we propose an efficient approach for the secured selection of grid resources, so as to achieve secure execution of the jobs. The presented approach utilizes trust and reputation for securely selecting the grid resources by also evaluation user’s feedback on the basis of the feedback already available about the entities. The proposed approach is scalable for an increased number of resources

A model of trust applied to the management ofinformation technology

This work presents a model of trust as it relates to the management of informationtechnology (IT). We comment on the definition of trust as applied to contemporarybusiness environments, and discuss the associated risks due to the complexity of modernglobalized relationships. This work focuses on IT management, emphasizing the necessityof aligning organizational strategies with a company’s activities as recent studies haveconcluded that organizations that exhibit “business-focused” IT management are subjectto less risk. In this context, our proposed model enables the evaluation of trust as itrelates to IT management, by means of metrics that are related to business factors. Afield application of this model demonstrates the relevance of measuring trust as a meansto mitigate business risks related to IT management

Access Control and Service-Oriented Architectures.

Access Control and Service-Oriented Architectures" investigates in which way logical access control can be achieved effectively, in particular in highly dynamic environments such as service-oriented architectures (SOA's). The author combines state-of-the-art best-practice and projects these onto the SOA. In doing so, he identifies strengths of current approaches, but also pinpoints weaknesses. These weaknesses are subsequently mitigated by introducing an innovative new framework called EFSOC. The framework is validated empirically and preliminary implementations are discussed.

Access control and service-oriented architectures

Access Control and Service-Oriented Architectures" investigates in which way logical access control can be achieved effectively, in particular in highly dynamic environments such as service-oriented architectures (SOA's). The author combines state-of-the-art best-practice and projects these onto the SOA. In doing so, he identifies strengths of current approaches, but also pinpoints weaknesses. These weaknesses are subsequently mitigated by introducing an innovative new framework called EFSOC. The framework is validated empirically and preliminary implementations are discussed.

An efficient approach based on trust and reputation for secured selection of grid resources

Security is a principal concern in offering an infrastructure for the formation of general-purpose computational grids. A number of grid implementations have been devised to deal with the security concerns by authenticating the users, hosts and their interactions in an appropriate fashion. Resource management systems that are sophisticated and secured are inevitable for the efficient and beneficial deployment of grid computing services. The chief factors that can be problematic in the secured selection of grid resources are the wide range of selection and the high degree of strangeness. Moreover, the lack of a higher degree of confidence relationship is likely to prevent efficient resource allocation and utilisation. In this paper, we present an efficient approach for the secured selection of grid resources, so as to achieve secure execution of the jobs. This approach utilises trust and reputation for securely selecting the grid resources. To start with, the self-protection capability and reputation weightage of all the entities are computed, and based on those values, the trust factor (TF) of all the entities are determined. The reputation weightage of an entity is the measure of both the user’s feedback and other entities’ feedback. Those entities with higher TF values are selected for the secured execution of jobs. To make the proposed approach more comprehensive, a novel method is employed for evaluating the user’s feedback on the basis of the existing feedbacks available regarding the entities. This approach is proved to be scalable for an increased number of user jobs and grid entities. The experimentation portrays that this approach offers desirable efficiency in the secured selection of grid resources