998 research outputs found
Transiently Consistent SDN Updates: Being Greedy is Hard
The software-defined networking paradigm introduces interesting opportunities
to operate networks in a more flexible, optimized, yet formally verifiable
manner. Despite the logically centralized control, however, a Software-Defined
Network (SDN) is still a distributed system, with inherent delays between the
switches and the controller. Especially the problem of changing network
configurations in a consistent manner, also known as the consistent network
update problem, has received much attention over the last years. In particular,
it has been shown that there exists an inherent tradeoff between update
consistency and speed. This paper revisits the problem of updating an SDN in a
transiently consistent, loop-free manner. First, we rigorously prove that
computing a maximum (greedy) loop-free network update is generally NP-hard;
this result has implications for the classic maximum acyclic subgraph problem
(the dual feedback arc set problem) as well. Second, we show that for special
problem instances, fast and good approximation algorithms exist
Towards Transiently Secure Updates in Asynchronous SDNs
© ACM 2016. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in Proceedings of the 2016 Conference on ACM SIGCOMM 2016 Conference - SIGCOMM ’16, http://dx.doi.org/10.1145/2934872.2959083.Software-Defined Networks (SDNs) promise to overcome the often complex and error-prone operation of tradi- tional computer networks, by enabling programmabil- ity, automation and verifiability. Yet, SDNs also in- troduce new challenges, for example due to the asyn- chronous communication channel between the logically centralized control platform and the switches in the data plane. In particular, the asynchronous commu- nication of network update commands (e.g., OpenFlow FlowMod messages) may lead to transient inconsisten- cies, such as loops or bypassed waypoints (e.g., fire- walls). One approach to ensure transient consistency even in asynchronous environments is to employ smart scheduling algorithms: algorithms which update subsets of switches in each communication round only, where each subset in itself guarantees consistency. In this demo, we show how to change routing policies in a transiently consistent manner. We demonstrate two al- gorithms, namely, Wayup [5] and Peacock [4], which partition the network updates sent from SDN controller towards OpenFlow software switches into multiple rounds as per respective algorithms. Later, the barrier mes- sages are utilized to ensure reliable network updates.EC/FP7/619609/EU/Unifying Cloud and Carrier Networks/UNIF
SecuCode: Intrinsic PUF Entangled Secure Wireless Code Dissemination for Computational RFID Devices
The simplicity of deployment and perpetual operation of energy harvesting
devices provides a compelling proposition for a new class of edge devices for
the Internet of Things. In particular, Computational Radio Frequency
Identification (CRFID) devices are an emerging class of battery-free,
computational, sensing enhanced devices that harvest all of their energy for
operation. Despite wireless connectivity and powering, secure wireless firmware
updates remains an open challenge for CRFID devices due to: intermittent
powering, limited computational capabilities, and the absence of a supervisory
operating system. We present, for the first time, a secure wireless code
dissemination (SecuCode) mechanism for CRFIDs by entangling a device intrinsic
hardware security primitive Static Random Access Memory Physical Unclonable
Function (SRAM PUF) to a firmware update protocol. The design of SecuCode: i)
overcomes the resource-constrained and intermittently powered nature of the
CRFID devices; ii) is fully compatible with existing communication protocols
employed by CRFID devices in particular, ISO-18000-6C protocol; and ii) is
built upon a standard and industry compliant firmware compilation and update
method realized by extending a recent framework for firmware updates provided
by Texas Instruments. We build an end-to-end SecuCode implementation and
conduct extensive experiments to demonstrate standards compliance, evaluate
performance and security.Comment: Accepted to the IEEE Transactions on Dependable and Secure Computin
Optimal Checkpointing for Secure Intermittently-Powered IoT Devices
Energy harvesting is a promising solution to power Internet of Things (IoT)
devices. Due to the intermittent nature of these energy sources, one cannot
guarantee forward progress of program execution. Prior work has advocated for
checkpointing the intermediate state to off-chip non-volatile memory (NVM).
Encrypting checkpoints addresses the security concern, but significantly
increases the checkpointing overheads. In this paper, we propose a new online
checkpointing policy that judiciously determines when to checkpoint so as to
minimize application time to completion while guaranteeing security. Compared
to state-of-the-art checkpointing schemes that do not account for the overheads
of encrypted checkpoints we improve execution time up to 1.4x.Comment: ICCAD 201
The Value of User-Visible Internet Cryptography
Cryptographic mechanisms are used in a wide range of applications, including
email clients, web browsers, document and asset management systems, where
typical users are not cryptography experts. A number of empirical studies have
demonstrated that explicit, user-visible cryptographic mechanisms are not
widely used by non-expert users, and as a result arguments have been made that
cryptographic mechanisms need to be better hidden or embedded in end-user
processes and tools. Other mechanisms, such as HTTPS, have cryptography
built-in and only become visible to the user when a dialogue appears due to a
(potential) problem. This paper surveys deployed and potential technologies in
use, examines the social and legal context of broad classes of users, and from
there, assesses the value and issues for those users
Fault Discrimination in Wireless Sensor Networks
In current times, one of the promising and interesting areas of research is Wireless Sensor Networks. A Wireless Sensor Network consists of spatially distributed sensors to monitor environmental and physical conditions such as temperature, sound, pressure etc. It is built of nodes where each node is connected to one or more sensors. They are used for Medical applications, Security monitoring, Structural monitoring and Traffic monitoring etc. The number of sensor nodes in a Wireless Sensor Network can vary in the range of hundreds to thousands. In this project work we propose a distributed algorithm for detection of faults in a Wireless Sensor Network and to classify the faulty nodes. In our algorithm the sensor nodes are classified as being Fault Free, Transiently Faulty or Intermittently Faulty considering the energy differences from its neighbors in different rounds of the algorithm run. We have shown the simulation results in the form of the output messages from the nodes depicting their health and also compared the results in form of graphs for different average node degrees and different number of rounds of our algorithm run
- …