The Secrecy Graph and Some of its Properties
A new random geometric graph model, the so-called secrecy graph, is
introduced and studied. The graph represents a wireless network and includes
only edges over which secure communication in the presence of eavesdroppers is
possible. The underlying point process models considered are lattices and
Poisson point processes. In the lattice case, analogies to standard bond and
site percolation can be exploited to determine percolation thresholds. In the
Poisson case, the node degrees are determined and percolation is studied using
analytical bounds and simulations. It turns out that a small density of
eavesdroppers already has a drastic impact on the connectivity of the secrecy
graph.
Comment: 5 pages. Accepted at 2008 IEEE Symposium on Information Theory
(ISIT'08
Wireless Secrecy in Large-Scale Networks
The ability to exchange secret information is critical to many commercial,
governmental, and military networks. The intrinsically secure communications
graph (iS-graph) is a random graph which describes the connections that can be
securely established over a large-scale network, by exploiting the physical
properties of the wireless medium. This paper provides an overview of the main
properties of this new class of random graphs. We first analyze the local
properties of the iS-graph, namely the degree distributions and their
dependence on fading, target secrecy rate, and eavesdropper collusion. To
mitigate the effect of the eavesdroppers, we propose two techniques that
improve secure connectivity. Then, we analyze the global properties of the
iS-graph, namely percolation on the infinite plane, and full connectivity on a
finite region. These results help clarify how the presence of eavesdroppers can
compromise secure communication in a large-scale network.
Comment: To appear: Proc. IEEE Information Theory and Applications Workshop
(ITA'11), San Diego, CA, Feb. 2011, pp. 1-10, Invited Pape
Percolation and Connectivity in the Intrinsically Secure Communications Graph
The ability to exchange secret information is critical to many commercial,
governmental, and military networks. The intrinsically secure communications
graph (iS-graph) is a random graph which describes the connections that can be
securely established over a large-scale network, by exploiting the physical
properties of the wireless medium. This paper aims to characterize the global
properties of the iS-graph in terms of: (i) percolation on the infinite plane,
and (ii) full connectivity on a finite region. First, for the Poisson iS-graph
defined on the infinite plane, the existence of a phase transition is proven,
whereby an unbounded component of connected nodes suddenly arises as the
density of legitimate nodes is increased. This shows that long-range secure
communication is still possible in the presence of eavesdroppers. Second, full
connectivity on a finite region of the Poisson iS-graph is considered. The
exact asymptotic behavior of full connectivity in the limit of a large density
of legitimate nodes is characterized. Then, simple, explicit expressions are
derived in order to closely approximate the probability of full connectivity
for a finite density of legitimate nodes. The results help clarify how the
presence of eavesdroppers can compromise long-range secure communication.
Comment: Submitted for journal publicatio
Techniques for Enhanced Physical-Layer Security
Information-theoretic security--widely accepted as the strictest notion of
security--relies on channel coding techniques that exploit the inherent
randomness of propagation channels to strengthen the security of communications
systems. Within this paradigm, we explore strategies to improve secure
connectivity in a wireless network. We first consider the intrinsically secure
communications graph (iS-graph), a convenient representation of the links that
can be established with information-theoretic security on a large-scale
network. We then propose and characterize two techniques--sectorized
transmission and eavesdropper neutralization--which are shown to dramatically
enhance the connectivity of the iS-graph.
Comment: Pre-print, IEEE Global Telecommunications Conference (GLOBECOM'10),
Miami, FL, Dec. 201
Continuum Percolation in the Intrinsically Secure Communications Graph
The intrinsically secure communications graph (iS-graph) is a random graph
which captures the connections that can be securely established over a
large-scale network, in the presence of eavesdroppers. It is based on
principles of information-theoretic security, widely accepted as the strictest
notion of security. In this paper, we are interested in characterizing the
global properties of the iS-graph in terms of percolation on the infinite
plane. We prove the existence of a phase transition in the Poisson iS-graph,
whereby an unbounded component of securely connected nodes suddenly arises as
we increase the density of legitimate nodes. Our work shows that long-range
communication in a wireless network is still possible when a secrecy constraint
is present.
Comment: Accepted in the IEEE International Symposium on Information Theory
and its Applications (ISITA'10), Taichung, Taiwan, Oct. 201
CamFlow: Managed Data-sharing for Cloud Services
A model of cloud services is emerging whereby a few trusted providers manage
the underlying hardware and communications whereas many companies build on this
infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS
applications. From the start, strong isolation between cloud tenants was seen
to be of paramount importance, provided first by virtual machines (VM) and
later by containers, which share the operating system (OS) kernel. Increasingly
it is the case that applications also require facilities to effect isolation
and protection of data managed by those applications. They also require
flexible data sharing with other applications, often across the traditional
cloud-isolation boundaries; for example, when government provides many related
services for its citizens on a common platform. Similar considerations apply to
the end-users of applications. But in particular, the incorporation of cloud
services within 'Internet of Things' architectures is driving the requirements
for both protection and cross-application data sharing.
These concerns relate to the management of data. Traditional access control
is application and principal/role specific, applied at policy enforcement
points, after which there is no subsequent control over where data flows; a
crucial issue once data has left its owner's control by cloud-hosted
applications and within cloud-services. Information Flow Control (IFC), in
addition, offers system-wide, end-to-end, flow control based on the properties
of the data. We discuss the potential of cloud-deployed IFC for enforcing
owners' dataflow policy with regard to protection and sharing, as well as
safeguarding against malicious or buggy software. In addition, the audit log
associated with IFC provides transparency, giving configurable system-wide
visibility over data flows. [...]
Comment: 14 pages, 8 figure