Wheel of Trust: A Secure Framework for Overlay-Based Services

Lu, Guor-Huar

doi:10.1109/icc.2007.195

Cited by 6 publications

(5 citation statements)

References 8 publications

(11 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A previous generation P2P architectures addressed scalability problems outside the serverless computing domain-e.g., Chord [34,39], Kademlia [27]. The distributed nature of these architectures exposes them inherently to important attacks [36,37], and thus many extensions provide authentication in distributed systems using a single root of trust [13,14] or identity-based cryptography [12,25]. Other works try to overcome single points of failure by using threshold cryptography [6,33], consensus protocols [30,31] and reputation mechanisms [11,17].…”

Section: Related Workmentioning

confidence: 99%

Themis: A Secure Decentralized Framework for Microservice Interaction in Serverless Computing

Aktypi

Karnikis²,

Vasilakis

et al. 2022

Proceedings of the 17th International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

In serverless computing, applications are composed of stand-alone microservices that are invoked and scale up independently. Peerto-peer protocols can be used to enable decentralized communication among the services that compose each application. This paper presents Themis, a framework for secure service-to-service interaction targeting these environments and the underlying service mesh architectures. Themis builds on a notion of decentralized identity management to allow confidential and authenticated service-toservice interaction without the need for a centralized certificate authority. Themis adopts a layered architecture. Its lower layer forms a core communication protocol pair that offers strong security guarantees without depending on a centralized point of authority. Building on this pair, an upper layer provides a series of actions related to communication and identifier management-e.g., store, find, and join. This paper analyzes the security properties of Themis's protocol suite and shows how it provides a decentralized and flexible communication platform. The evaluation of our Themis prototype targeting serverless applications written in JavaScript shows that these security benefits come with small runtime latency and throughput overheads, and modest startup overheads. CCS CONCEPTS• Security and privacy → Security protocols.

show abstract

Section: Related Workmentioning

confidence: 99%

Themis: A Secure Decentralized Framework for Microservice Interaction in Serverless Computing

Aktypi

Karnikis²,

Vasilakis

et al. 2022

Proceedings of the 17th International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

show abstract

“…So far, many studies are centered on introducing IBC into P2P security applications. Lu et al in [7] combined distributed hash tables (DHTs [8]) and identity-based encryption (IBE) to defend against man-in-the-middle attacks, however, the scheme assumed that each noble had a pre-assigned distinctive identifier, and has obtained the corresponding nonpublic key through a secure offline channel. This is often costly and troublesome to attain on a large scale P2P overlay network.…”

Section: Related Workmentioning

confidence: 99%

Secure Key Issuing Scheme in Bit-Torrent Network

Majumder

Nath²,

Laskar³

et al. 2018

ijarcs

View full text Add to dashboard Cite

Bittorrent Protocol was introduced as a means of transferring large files efficiently. But, with progressing time, security issues are consuming the Bittorrent traffic like parasites. In this paper, we propose a secured key issuing scheme for Bittorrent to remove these security threats. We will combine both Identity Based Cryptography (IBC) and SKIP to generate secured keys for the peer in order to isolate the malicious ones and hence, secure the network.

show abstract

“…Lu et al in [7] combined distributed hash tables (DHTs [8]) and identity based encryption (IBE) to defend against man-in-the-middle attacks, however, the scheme assumed that each node has had a pre-assigned unique identifier, and has obtained the corresponding private key through a secure offline channel. This is expensive and difficult to achieve in a large scale P2P overlay network.…”

Section: Related Workmentioning

confidence: 99%

“…In this paper, a secure key issuing scheme for P2P networks, which addresses the shortcomings of [7], [9], [10], [11], and makes IBC more applicable in the real world is presented.…”

Section: Related Workmentioning

confidence: 99%

Implementing a Secure Key Issuing Scheme for Communication in P2P Networks

Azharuddin¹

2012

IJWMN

View full text Add to dashboard Cite

Key issuing scheme focuses on the confidentiality maintained in using the secret key for communication in p2p networks. Identity based cryptography (IBC) was introduced into peer-to-peer (P2P) networks BACKGROUNDWith its distributed, self-organization and self maintenance nature, P2P networks are extremely vulnerable to a large spectrum of attacks [1], mainly due to the lack of a certification service responsible for peers identity verification and for authentication purposes. Traditional certificate-based public key infrastructure (PKI) was used to solve some of the problems by verifying the authenticity of nodes' identities and issuing public key certificate to each node. However, as the node churn is highly frequent in the P2P network, many nodes that stored certificates may quickly become invalid, hence PKI based security protocol is difficult to be deployed. Besides, each node requires large amounts of space to store public key certificates, which can be difficult to implement in practice.Furthermore, secured P2P overlay communication is efficient if the overlay nodes have a common, shared key for securing the communication. This is difficult to achieve in dynamic P2P overlay networks, as a new key must be generated every time an overlay node membership change occurs in order to preserve forward secrecy. Compared with the PKI technique, identity based cryptography (IBC) can simplify the key management process in P2P networks significantly. The identity of a peer (e.g., peer identifier or peer geometric coordinate) in P2P overlay networks is used to create its public key, thus avoiding the use of any certificates. These IBC-based systems are scalable, simple to administer, and each user can carry out anytime/anywhere encryption, establish secure communication channels, prove its identity to other nodes, verify protected messages and produce a form of signature with non-repudiation property.

show abstract

Wheel of Trust: A Secure Framework for Overlay-Based Services

Cited by 6 publications

References 8 publications

Themis: A Secure Decentralized Framework for Microservice Interaction in Serverless Computing

Themis: A Secure Decentralized Framework for Microservice Interaction in Serverless Computing

Secure Key Issuing Scheme in Bit-Torrent Network

Implementing a Secure Key Issuing Scheme for Communication in P2P Networks

Contact Info

Product

Resources

About