Peer-to-peer (P2P) overlay networks have been proposed to solve routing problems of big distributed infrastructures, even at Internet scale. But the research community has been questioning the security of these networks for years. Most prior work in security services was focused on trust and reputation systems, anonymity, and secure routing. However, the proper management of identities in overlays is an important prerequisite to provide most of these security services. In this paper, we propose a protocol to control the access to a P2P overlay and to assign identities in a secure way, all while preserving the anonymity of users. This protocol involves two trusted third parties (TTPs), thanks to which it is possible to preserve the users' anonymity within the network without losing traceability. Users are authenticated by a TTP using real-world digital certificates; they select their network identifier jointly with the other TTP; and finally, the two TTPs issue the internal certificate to them. The protocol also provides revocability and protection against Sybil attacks, Eclipse attacks, whitewashers, and so on. A detailed protocol description is presented, and a performance and security analysis of the protocol is also provided.
Abstract. The security of Peer-to-Peer (P2P) overlay networks has been questioned for years. Many works have been proposed to provide secure routing, anonymity, reputation systems, confidentiality, etc. However, identity assignment has been less considered. These networks are designed so that each user has a unique identifier (nodeID), but most identity assignment systems allow malicious users to obtain a set of nodeIDs or even select certain identifiers. Thus, these users can disrupt the proper operation of a P2P overlay. In this paper, we propose a nodeID assignment protocol based on the issue of implicit certificates. Our purpose is to provide security services to struggle against most of the security threats in these networks, with special attention to identity assignment. This approach is based on the use of certificates and the joint generation of nodeIDs between a Certification Authority (CA) and the user. In addition, the use of implicit certificates presents certain advantages over the use of traditional certificates (explicit certificates).
Water supply and sanitation infrastructures are essential for our welfare, but vulnerable to several attack types facilitated by the ever-changing landscapes of the digital world. A cyber-attack on critical infrastructures could for example evolve along these threat vectors: chemical/biological contamination, physical or communications disruption between the network and the supervisory SCADA. Although conceptual and technological solutions to security and resilience are available, further work is required to bring them together in a risk management framework, strengthen the capacities of water utilities to systematically protect their systems, determine gaps in security technologies and improve risk management approaches. In particular, robust adaptable/flexible solutions for prevention, detection and mitigation of consequences in case of failure due to physical and cyber threats, their combination and cascading effects (from attacks to other critical infrastructure, i.e. energy) are still missing. There is (i) an urgent need to efficiently tackle cyber-physical security threats, (ii) an existing risk management gap in utilities' practices and (iii) an un-tapped technology market potential for strategic, tactical and operational protection solutions for water infrastructure: how the H2020 STOP-IT project aims to bridge these gaps is presented in this paper.