1,091 research outputs found
A Trust-Based Group Key Management Protocol for Non-Networks
In this paper, a secure and trust-based group key management protocol (GKMP) is presented for non-networks such as MANET/VANET. The scheme provides secure communication for group members in a dynamic network environment and does not restrict the users (registered or non-registered), allowing for flexible group communication. The proposed scheme is designed to address the challenges of key distribution, secure grouping, and secure communication. For result evaluation, first of all formal and informal security analysis was done and then compared with existing protocols. The proposed trust-based GKMP protocol satisfies the authentication, confidentiality of messages, forward/backward security concurrently as well as shows robustness in terms of packet delivery ratio and throughput
Byzantine fault-tolerant agreement protocols for wireless Ad hoc networks
Tese de doutoramento, Informática (Ciências da Computação), Universidade de Lisboa, Faculdade de Ciências, 2010.The thesis investigates the problem of fault- and intrusion-tolerant consensus
in resource-constrained wireless ad hoc networks. This is a fundamental
problem in distributed computing because it abstracts the need
to coordinate activities among various nodes. It has been shown to be a
building block for several other important distributed computing problems
like state-machine replication and atomic broadcast.
The thesis begins by making a thorough performance assessment of existing
intrusion-tolerant consensus protocols, which shows that the performance
bottlenecks of current solutions are in part related to their system
modeling assumptions. Based on these results, the communication failure
model is identified as a model that simultaneously captures the reality
of wireless ad hoc networks and allows the design of efficient protocols.
Unfortunately, the model is subject to an impossibility result stating that
there is no deterministic algorithm that allows n nodes to reach agreement
if more than n2 omission transmission failures can occur in a communication
step. This result is valid even under strict timing assumptions (i.e.,
a synchronous system).
The thesis applies randomization techniques in increasingly weaker variants
of this model, until an efficient intrusion-tolerant consensus protocol
is achieved. The first variant simplifies the problem by restricting the
number of nodes that may be at the source of a transmission failure at
each communication step. An algorithm is designed that tolerates f dynamic
nodes at the source of faulty transmissions in a system with a total
of n 3f + 1 nodes.
The second variant imposes no restrictions on the pattern of transmission
failures. The proposed algorithm effectively circumvents the Santoro-
Widmayer impossibility result for the first time. It allows k out of n nodes
to decide despite dn
2 e(nk)+k2 omission failures per communication
step. This algorithm also has the interesting property of guaranteeing
safety during arbitrary periods of unrestricted message loss.
The final variant shares the same properties of the previous one, but relaxes
the model in the sense that the system is asynchronous and that a
static subset of nodes may be malicious. The obtained algorithm, called
Turquois, admits f < n
3 malicious nodes, and ensures progress in communication
steps where dnf
2 e(n k f) + k 2. The algorithm is
subject to a comparative performance evaluation against other intrusiontolerant
protocols. The results show that, as the system scales, Turquois
outperforms the other protocols by more than an order of magnitude.Esta tese investiga o problema do consenso tolerante a faltas acidentais
e maliciosas em redes ad hoc sem fios. Trata-se de um problema fundamental
que captura a essência da coordenação em actividades envolvendo
vários nós de um sistema, sendo um bloco construtor de outros importantes
problemas dos sistemas distribuídos como a replicação de máquina
de estados ou a difusão atómica.
A tese começa por efectuar uma avaliação de desempenho a protocolos
tolerantes a intrusões já existentes na literatura. Os resultados mostram
que as limitações de desempenho das soluções existentes estão em parte
relacionadas com o seu modelo de sistema. Baseado nestes resultados, é
identificado o modelo de falhas de comunicação como um modelo que simultaneamente
permite capturar o ambiente das redes ad hoc sem fios e
projectar protocolos eficientes. Todavia, o modelo é restrito por um resultado
de impossibilidade que afirma não existir algoritmo algum que permita
a n nós chegaram a acordo num sistema que admita mais do que n2
transmissões omissas num dado passo de comunicação. Este resultado é
válido mesmo sob fortes hipóteses temporais (i.e., em sistemas síncronos)
A tese aplica técnicas de aleatoriedade em variantes progressivamente
mais fracas do modelo até ser alcançado um protocolo eficiente e tolerante
a intrusões. A primeira variante do modelo, de forma a simplificar
o problema, restringe o número de nós que estão na origem de transmissões
faltosas. É apresentado um algoritmo que tolera f nós dinâmicos na
origem de transmissões faltosas em sistemas com um total de n 3f + 1
nós.
A segunda variante do modelo não impõe quaisquer restrições no padrão
de transmissões faltosas. É apresentado um algoritmo que contorna efectivamente
o resultado de impossibilidade Santoro-Widmayer pela primeira
vez e que permite a k de n nós efectuarem progresso nos passos de comunicação
em que o número de transmissões omissas seja dn
2 e(n
k) + k 2. O algoritmo possui ainda a interessante propriedade de tolerar
períodos arbitrários em que o número de transmissões omissas seja
superior a .
A última variante do modelo partilha das mesmas características da variante
anterior, mas com pressupostos mais fracos sobre o sistema. Em particular,
assume-se que o sistema é assíncrono e que um subconjunto estático
dos nós pode ser malicioso. O algoritmo apresentado, denominado
Turquois, admite f < n
3 nós maliciosos e assegura progresso nos passos
de comunicação em que dnf
2 e(n k f) + k 2. O algoritmo é
sujeito a uma análise de desempenho comparativa com outros protocolos
na literatura. Os resultados demonstram que, à medida que o número de
nós no sistema aumenta, o desempenho do protocolo Turquois ultrapassa
os restantes em mais do que uma ordem de magnitude.FC
Lex Informatica: The Formulation of Information Policy Rules through Technology
Historically, law and government regulation have established default rules for information policy, including constitutional rules on freedom of expression and statutory rights of ownership of information. This Article will show that for network environments and the Information Society, however, law and government regulation are not the only source of rule-making. Technological capabilities and system design choices impose rules on participants. The creation and implementation of information policy are embedded in network designs and standards as well as in system configurations. Even user preferences and technical choices create overarching, local default rules. This Article argues, in essence, that the set of rules for information flows imposed by technology and communication networks form a “Lex Informatica” that policymakers must understand, consciously recognize, and encourage
Intrusion tolerant routing with data consensus in wireless sensor networks
Dissertação para obtenção do Grau de Mestre em
Engenharia InformáticaWireless sensor networks (WSNs) are rapidly emerging and growing as an important
new area in computing and wireless networking research. Applications of WSNs are numerous,
growing, and ranging from small-scale indoor deployment scenarios in homes
and buildings to large scale outdoor deployment settings in natural, industrial, military
and embedded environments. In a WSN, the sensor nodes collect data to monitor physical
conditions or to measure and pre-process physical phenomena, and forward that
data to special computing nodes called Syncnodes or Base Stations (BSs). These nodes
are eventually interconnected, as gateways, to other processing systems running applications.
In large-scale settings, WSNs operate with a large number of sensors – from hundreds
to thousands of sensor nodes – organised as ad-hoc multi-hop or mesh networks, working
without human supervision. Sensor nodes are very limited in computation, storage,
communication and energy resources. These limitations impose particular challenges in
designing large scale reliable and secure WSN services and applications. However, as
sensors are very limited in their resources they tend to be very cheap. Resilient solutions
based on a large number of nodes with replicated capabilities, are possible approaches to
address dependability concerns, namely reliability and security requirements and fault
or intrusion tolerant network services.
This thesis proposes, implements and tests an intrusion tolerant routing service for
large-scale dependable WSNs. The service is based on a tree-structured multi-path routing
algorithm, establishing multi-hop and multiple disjoint routes between sensors and
a group of BSs. The BS nodes work as an overlay, processing intrusion tolerant data consensus
over the routed data. In the proposed solution the multiple routes are discovered,
selected and established by a self-organisation process. The solution allows the WSN
nodes to collect and route data through multiple disjoint routes to the different BSs, with
a preventive intrusion tolerance approach, while handling possible Byzantine attacks and
failures in sensors and BS with a pro-active recovery strategy supported by intrusion and
fault tolerant data-consensus algorithms, performed by the group of Base Stations
Quantum cryptography: key distribution and beyond
Uniquely among the sciences, quantum cryptography has driven both
foundational research as well as practical real-life applications. We review
the progress of quantum cryptography in the last decade, covering quantum key
distribution and other applications.Comment: It's a review on quantum cryptography and it is not restricted to QK
Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage
This is the author accepted manuscript. The final version is available from the publisher via the DOI in this record.Remote data integrity checking (RDIC) enables a
data storage server, such as a cloud server, to prove to a
verifier that it is actually storing a data owner’s data honestly.
To date, a number of RDIC protocols have been proposed in
the literature, but almost all the constructions suffer from the
issue of a complex key management, that is, they rely on the
expensive public key infrastructure (PKI), which might hinder
the deployment of RDIC in practice. In this paper, we propose
a new construction of identity-based (ID-based) RDIC protocol
by making use of key-homomorphic cryptographic primitive
to reduce the system complexity and the cost for establishing
and managing the public key authentication framework in PKI
based RDIC schemes. We formalize ID-based RDIC and its
security model including security against a malicious cloud server
and zero knowledge privacy against a third party verifier. We
then provide a concrete construction of ID-based RDIC scheme
which leaks no information of the stored files to the verifier
during the RDIC process. The new construction is proven secure
against the malicious server in the generic group model and
achieves zero knowledge privacy against a verifier. Extensive
security analysis and implementation results demonstrate that
the proposed new protocol is provably secure and practical in
the real-world applications.This work is supported by
the National Natural Science Foundation of China
(61501333,61300213,61272436,61472083), Fok Ying Tung
Education Foundation (141065), Program for New Century
Excellent Talents in Fujian University (JA1406
Security in Distributed, Grid, Mobile, and Pervasive Computing
This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security
- …