G. Caronni

ETH Zurich, Zürich, ZH, Switzerland

Publications (10) · 5.45 Total impact

  • Conference Proceeding: Maintaining object ordering in a shared P2P storage environment
    G. Caronni, R. Rom, G. Scott
    ABSTRACT: To be considered a viable storage solution, modern peer-to-peer (P2P) storage systems must exhibit high availability and data persistence characteristics. In an attempt to provide these, most systems assume a continuously connected and available underlying communication infrastructure. This however is not warranted in any real large-scale distributed system, and thus needs to be addressed. Continuous update systems that allow updating data by multiple writers have harder problems to overcome since the ordering of updates needs to be maintained independently of connectivity conditions. In this paper we propose a solution for maintaining a global view of the ordering even when severe connectivity disruptions take place, allowing the system to continue functioning while connectivity is disrupted and to recover from the disruption smoothly when connectivity is restored. To this end, we introduce and discuss three new concepts to the realm of P2P storage systems: 1) the maintenance of additional state information to detect and trace object updates during partitioning, 2) the usage of active decentralized object replication through shadow roots, and 3) the deployment of cryptographic technologies to allow for the recovery of private state information.
    Security in Storage Workshop, 2005. SISW '05. Third IEEE International; 01/2006
  • Conference Proceeding: Establishing trust in distributed storage providers
    G. Caronni, M. Waldvogel
    ABSTRACT: Corporate IT as well as individuals show increasing interest in reliable outsourcing of storage infrastructure. Decentralized solutions with their resilience against partial outages are among the most attractive approaches. Irrespective of the form of the relationship, be it based on a contract or on the more flexible cooperative model, the problem of verifying whether someone promising to store one's data actually does so remains to be solved, especially in the presence of multiple replicas. We introduce a lightweight mechanism that allows the data originator or a dedicated verification agent to build up trust in the replica holder by means of protocols that do not require prior trust or key establishment. We show how naive versions of the protocol do not prevent cheating, and then strengthen it by adding means that make it economically attractive to be honest. This provides a foundation for further work in providing trustworthy distributed storage.
    Peer-to-Peer Computing, 2003. (P2P 2003). Proceedings. Third International Conference on; 10/2003
  • Conference Proceeding: Enabling hierarchical and bulk-distribution for watermarked content
    G. Caronni, C. Schuba
    ABSTRACT: One of the solutions to deter copyright violations consists of embedding hard to detect watermarks in digital media. Current developments have focused on how to embed watermarks, and on one-to-one exchanges on how to securely convey tagged data to the end consumer. Assuming a large customer base or predistributed media, it may become prohibitively expensive or time consuming to tag each separate copy of data individually before it is delivered to the customer. We present two mechanisms that allow the preparation and distribution of tagged data in a more scalable way than existing approaches. The first one, called hierarchical tagging, is preferable for on-line multi-level distribution, where producer and consumer are not in direct contact, but intermediate agents provide distribution channels and sales platforms. The second method is well suited to pre-produced bulk-media distribution (such as through CDROMs or DVDs), with only small amounts of on-line information being transferred to each consumer. We call it bulk-tagging.
    Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual; 01/2002
  • Conference Proceeding: Virtual enterprise networks: the next generation of secure enterprise networking
    G. Caronni, S. Kumar, C. Schuba, G. Scott
    ABSTRACT: We present a vision of computing environments in which enterprise networks are built using untrusted public infrastructures. The vision allows for networks to dynamically change depending on the need of their users, rather than forcing the users to build organizations around networks. This vision is realized through a design abstraction called virtual enterprise networking, or short Supernetworking. A first prototype of such a Supernet has been implemented on Linux. Supernetworking introduces a new layer of abstraction in a layered model of computer networking. The Supernet layer sits directly above the network layer and includes its own addressing structure and security services which protect all data transmitted by the network layer. A key component of a Supernet is communications tunneling. Instead of the traditional two endpoints, our tunnels have as many endpoints as there are computers participating in a Supernet. While tunneling has been repeatedly used to implement infrastructure services such as multicasting, virtual private networks, and support for mobility, we distill these technologies into a single, simple abstraction. This new abstraction enables the ability to out-source network infrastructure services in a transparent and secure manner, mobility, and the creation and administration of secure ad-hoc virtual computer networks.
    Computer Security Applications, 2000. ACSAC '00. 16th Annual Conference; 01/2001
  • Conference Proceeding: Walking the Web of trust
    G. Caronni
    ABSTRACT: Most currently deployed public key infrastructures (PKIs) are hierarchically oriented and rely on a centralized design. Hierarchical PKIs may be appropriate solutions for many usage-scenarios, but there exists the viable alternative of the 'Web of Trust'. In a web of trust, each user of the system can choose for himself whom he elects to trust, and whom not. After contrasting the properties of web-of-trust based PKIs to those of hierarchical PKIs, an introduction to webs of trust and to quantitative trust calculations is given. The paper concludes with the presentation of an efficient, sub-exponential algorithm that allows heuristic computations of trust paths in a web of trust.
    Enabling Technologies: Infrastructure for Collaborative Enterprises, 2000. (WET ICE 2000). Proceedings. IEEE 9th International Workshops on; 02/2000
  • Article: The VersaKey framework: versatile group key management
    ABSTRACT: Middleware supporting secure applications in a distributed environment faces several challenges. Scalable security in the context of multicasting or broadcasting is especially hard when privacy and authenticity is to be assured to highly dynamic groups where the application allows participants to join and leave at any time. Unicast security is well-known and has widely advanced into production state. But proposals for multicast security solutions that have been published so far are complex, often require trust in network components, or are inefficient. In this paper, we propose a framework of new approaches for achieving scalable security in IP multicasting. Our solutions assure that newly joining members are not able to understand past group traffic and that leaving members may not follow future communication. For versatility, our framework supports a range of closely related schemes for key management, ranging from tightly centralized to fully distributed, and even allows switching between these schemes on-the-fly with low overhead. Operations have low complexity [O(log N) for joins or leaves], thus granting scalability even for very large groups. We also present a novel concurrency-enabling scheme, which was devised for fully distributed key management. In this paper, we discuss the requirements for secure multicasting, present our flexible system, and evaluate its properties based on the existing prototype implementation.
    IEEE Journal on Selected Areas in Communications 10/1999; · 3.41 Impact Factor
  • Conference Proceeding: Efficient security for large and dynamic multicast groups
    ABSTRACT: Proposals for multicast security that have been published so far are complex, often require trust in network components or are inefficient. We propose a series of novel approaches for achieving scalable security in IP multicast, providing privacy and authentication on a group-wide basis. They can be employed to efficiently secure multi party applications where members of highly dynamic groups of arbitrary size may participate. Supporting dynamic groups implies that newly joining members must not be able to understand past group communications, and that leaving members may not follow future communications. Key changes are required for all group members when a leave or join occurs, which poses a problem if groups are large. The algorithms presented here require no trust in third parties, support either centralized or fully distributed management of keying material, and have low complexity (O(log N) or less). This grants scalability even for large groups.
    Enabling Technologies: Infrastructure for Collaborative Enterprises, 1998. (WET ICE '98) Proceedings., Seventh IEEE International Workshops on; 07/1998
  • Conference Proceeding: SKIP-securing the Internet
    ABSTRACT: Currently, two different approaches are being pursued for securing the Internet with respect to commercial use on a broad scale. The properties of these two approaches (application-coupled security vs. network-coupled security) are discussed and compared. We then focus on SKIP (Simple Key-management in the Internet Protocol) as an example of network-coupled security, and show how it can be used to provide easily upgradable 'plug & play' cryptographic security. Providing upgradable security is an ideal base for the employment of organically-growing security infrastructures, whose members still need to communicate with unsecured peers.
    Enabling Technologies: Infrastructure for Collaborative Enterprises, 1996. Proceedings of the 5th Workshop on; 07/1996
  • Article: A distributed and policy-free general-purpose shared window system
    ABSTRACT: Shared window systems allow collaboration-transparent, single-user applications interacted with on multiple users' workstations, enabling the members of a cooperative ensemble to simultaneously share and revise information. The paper presents a system capable of sharing applications running under the X Window System. In contrast to previously implemented systems, the present shared window system addresses issues that are crucial for general-purpose use. The shared window system is policy-free, i.e., there are no preferred policies for handling issues such as admission and floor control. Instead, it offers a set of essential mechanisms on top of which various policies and user paradigms may be realized. Further, the system distributes the sharing functionality among all sites involved in a cooperative activity. Measurements have shown a positive impact of this on the overall performance of the system and thus justified the viability of the design decisions taken.
    IEEE/ACM Transactions on Networking 03/1995; 3(1):51-62. · 2.03 Impact Factor
  • Article: Virtual enterprise networks: the next generation of secure enterprise networking
    G. Caronni, S. Kumar, C. Schuba, G. Scott
    ABSTRACT: We present a vision of computing environments in which enterprise networks are built using untrusted public infrastructures. The vision allows for networks to dynamically change depending on the need of their users, rather than forcing the users to build organizations around networks. This vision is realized through a design abstraction called virtual enterprise networking, or short Supernetworking. A first prototype of such a Supernet has been implemented on Linux. Supernetworking introduces a new layer of abstraction in a layered model of computer networking. The Supernet layer sits directly above the network layer and includes its own addressing structure and security services which protect all data transmitted by the network layer. A key component of a Supernet is communications tunneling. Instead of the traditional two endpoints, our tunnels have as many endpoints as there are computers participating in a Supernet. While tunneling has been repeatedly used to implement infrastructure services such as multicasting, virtual private networks, and support for mobility, we distill these technologies into a single, simple abstraction. This new abstraction enables the ability to out-source network infrastructure services in a transparent and secure manner, mobility, and the creation and administration of secure ad-hoc virtual computer networks.
    Computer Security Applications Conference, Annual.