Eduardo Solana

Flexible Internet Secure Transactions Based on Collaborative Domains

The absence of manageable global key distribution schemes is seriously hindering the deployment of basic security services in the Internet. The emergence of cryptosystems based on public key technology has represented a significant improvement in this direction by removing the need of a mutual agreement on the encryption key. However, the certificate structures that bind a user to his public key are difficult to deploy especially in inter-domain environments. As a consequence, although the need for security services like encryption or authentication is becoming crucial, most Internet transactions currently take place without the use of any of these services. This paper proposes a novel approach for simplifying key manageability relying on the notion of security domains. The fundamental idea relies on the fact that key management and thus security services are easier to achieve inside a well confined domain. Consequently, large scale security might be seen as a combination of intra-domain security and a secure framework for transactions between domains. In other words, user keys are managed internally and only domain keys need to be handled globally. We present the cryptographic schemes needed to achieve confidentiality and authentication based on the collaboration of security domains.

I(FIB)F: Iterated bloom filters for routing in named data networks

Named Data Networks provide a clean-slate redesign of the Future Internet for efficient content distribution. Because Internet of Things are expected to compose a significant part of Future Internet, most content will be managed by constrained devices. Such devices are often equipped with limited CPU, memory, bandwidth, and energy supply. However, the current Named Data Networks design neglects the specific requirements of Internet of Things scenarios and many data structures need to be further optimized. The purpose of this research is to provide an efficient strategy to route in Named Data Networks by constructing a Forwarding Information Base using Iterated Bloom Filters defined as I(FIB)F. We propose the use of content names based on iterative hashes. This strategy leads to reduce the overhead of packets. Moreover, the memory and the complexity required in the forwarding strategy are lower than in current solutions. We compare our proposal with solutions based on hierarchical names and Standard Bloom Filters. We show how to further optimize I(FIB)F by exploiting the structure information contained in hierarchical content names. Finally, two strategies may be followed to reduce: (i) the overall memory for routing or (ii) the probability of false positives.

PISCES: A framework for privacy by design in IoT

We present PISCES (Privacy Incorporated and SeCurity Enhanced Systems) framework, which aims at establishing foundations for implementing Privacy and Security by Design (PSD) in the scope of the Internet of Things (IoT). PISCES operates a strict separation between data provider and data controller, where providers are managers of their data privacy, and controllers are accountable for the privacy and protection of the data provided. This role separation is ensured by the Controller Smart Data System (CSDS) of the Smart Data System (SDS), that handles data along with its privacy settings (metadata), defined by the user, offering the possibility of private data management for IoT. The SDS also balances user privacy against the need to access information in case of law-enforcement organization activities (e.g., police investigations in fight against crime). This is made possible thanks to the building of a Privacy Validation Chain (PVC) allowing the data owner and/or any intermediary (data controllers, data processors) to know easily by whom, and to which purpose, the data is used, thus asserting that the user rights are respected or not. Finally, PISCES is thought for Internet users and service providers to get a reasonable bargain when monetizing user data; it makes necessary to define fair and mutually acceptable conditions for using the services and the data. These conditions can give incentives for the user to allow more access to his data and for the service provider to allow free usage to some services.

Privacy Verification Chains for IoT

The present paper establishes foundations for implementing Privacy and Security by Design in the scope of the Internet of Things (IoT) by using a new paradigm namely the Privacy Verification Chains (PVC). PVCs will act as a “privacy ledgers” allowing participating entities to prove that they are entitled to hold privacy-related information, regardless of how this information is handled or stored. Furthermore, the PVC structure provides the two following benefits: In case of a security breach resulting in a user data leak, the affected company may browse all the relevant PVCs in order to identify the users affected and trigger the corresponding informative and corrective measures. The PVC will also provide support for bidirectional browsing which means that the data owner will be capable of browsing all the PVCs involving the data he owns in order to find out all the data processors that hold his personal information. From a wider perspective, we enforce a strict separation between data providers and data controllers, where providers are managers of their data privacy, and controllers are accountable for the privacy and protection of the data provided. This role separation will be ensured by a data controller of a so-called Smart Data System (SDS). The SDS handles information along with its privacy settings (metadata), defined by the data owner. In order to control this privacy-preserving framework, our system introduces a Forensic and Auditing System that will enforce the data protection from the processor to a third party. This component will also provide a comprehensive logging functionality that will constitute a legally-binding support to respond to audit procedures, police investigations and(or) law enforcement obligations.

Performance Evaluation of Searchable Symmetric Encryption in Wireless Sensor Networks

The distributed nature of Wireless Sensor Networks leads to the use of cloud databases that need to be protected when dealing with sensitive content. In this context, Searchable Symmetric Encryption provides the appropriate framework to perform secure searches. This work proposes a combination of secure indexes with Bloom Filters to efficiently address searches in encrypted content. We evaluate the performance of two different strategies to populate Bloom Filters in XM1000, Z1 and TelosB wireless sensor devices: (1) we first consider four cryptographic hash functions using the double hashing technique and truncating message digests; (2) we then select five symmetric encryption algorithms and two fast hash functions also with double hashing. We conclude that the best strategy for securing indexes is AES plus a fast FNV hash function and double hashing.

The distributed management tree—applying a new concept for managing distributed applications to e-mail (poster)

The “Distributed Management Tree” (DMT) is a hierarchical structure designed for the management of distributed systems. The DMT has the form of an inverted tree, with nodes representing small active units for processing elements of management information. The DMT is not integrated into the system it manages but built next to it, supervising it “from the outside”. The DMT has two main functionalities: (1) it extracts and refines information concerning the managed system, and (2) provides a mechanism for specifying and handling actions on the managed system. The nodes are programmed to permanently analyze the information about the managed system and to find out if it is in a normal operational state or not. If a faulty behaviour is detected, the DMT can either fix it autonomously or alert a human administrator, depending on the nature of the error. The different hierarchy levels in the tree represent the information obtained at the terminal nodes views with different levels of detail. Furthermore, they provide means to trigger complex commands and propagate them downwards, decomposing them into more elementary commands. This concept has been applied to the management of E-mail systems. A prototype has been developed for managing an important and heterogeneous fraction of the University’s E-mail system.