
Publication


Featured research published by Luigi V. Mancini.


international workshop on security | 2008

Scalable and efficient provable data possession

Giuseppe Ateniese; Roberto Di Pietro; Luigi V. Mancini; Gene Tsudik

Storage outsourcing is a rising trend which prompts a number of interesting security issues, many of which have been extensively investigated in the past. However, Provable Data Possession (PDP) is a topic that has only recently appeared in the research literature. The main issue is how to frequently, efficiently and securely verify that a storage server is faithfully storing its client's (potentially very large) outsourced data. The storage server is assumed to be untrusted in terms of both security and reliability. (In other words, it might maliciously or accidentally erase hosted data; it might also relegate it to slow or off-line storage.) The problem is exacerbated by the client being a small computing device with limited resources. Prior work has addressed this problem using either public key cryptography or requiring the client to outsource its data in encrypted form. In this paper, we construct a highly efficient and provably secure PDP technique based entirely on symmetric key cryptography, while not requiring any bulk encryption. Also, in contrast with its predecessors, our PDP technique allows outsourcing of dynamic data, i.e., it efficiently supports operations, such as block modification, deletion and append.


security of ad hoc and sensor networks | 2003

Random key-assignment for secure Wireless Sensor Networks

Roberto Di Pietro; Luigi V. Mancini; Alessandro Mei

A distributed Wireless Sensor Network (WSN) is a collection of n sensors with limited hardware resources. Sensors can exchange messages via Radio Frequency (RF), whose range usually covers only a limited number of other sensors. An interesting problem is how to implement secure pair-wise communications among any pair of sensors in a WSN. A WSN requires completely distributed solutions which are particularly challenging due to the limited resources and the size of the network. Moreover, WSNs can be subject to several security threats, including the physical compromising of a sensor. Hence, any solution for secure pairwise communications should tolerate the collusion of a set of corrupted sensors. This paper describes a probabilistic model and two protocols to establish a secure pair-wise communication channel between any pair of sensors in the WSN, by assigning a small set of random keys to each sensor. We build, based on the first Direct Protocol, a second Co-operative Protocol. The Co-operative Protocol is adaptive: its security properties can be dynamically changed during the life-time of the WSN. Both protocols also guarantee implicit and probabilistic mutual authentication without any additional overhead and without the presence of a base station. The performance of the Direct Protocol is analytically characterized while, for the Co-operative Protocol, we provide both analytical evaluations and extensive simulations. For example, the results show that, assuming each sensor stores 120 keys, in a WSN composed of 1024 sensors with 32 corrupted sensors the probability of a channel corruption is negligible in the case of the Co-operative Protocol.


mobile ad hoc networking and computing | 2007

A randomized, efficient, and distributed protocol for the detection of node replication attacks in wireless sensor networks

Mauro Conti; Roberto Di Pietro; Luigi V. Mancini; Alessandro Mei

Wireless sensor networks are often deployed in hostile environments, where an adversary can physically capture some of the nodes. Once a node is captured, the attacker can re-program it and replicate the node in a large number of clones, thus easily taking over the network. The detection of node replication attacks in a wireless sensor network is therefore a fundamental problem. A few distributed solutions have recently been proposed. However, these solutions are not satisfactory. First, they are energy and memory demanding: A serious drawback for any protocol that is to be used in resource constrained environment such as a sensor network. Further, they are vulnerable to specific adversary models introduced in this paper. The contributions of this work are threefold. First, we analyze the desirable properties of a distributed mechanism for the detection of node replication attacks. Second, we show that the known solutions for this problem do not completely meet our requirements. Third, we propose a new Randomized, Efficient, and Distributed (RED) protocol for the detection of node replication attacks and we show that it is completely satisfactory with respect to the requirements. Extensive simulations also show that our protocol is highly efficient in communication, memory, and computation, that it sets out an improved attack detection probability compared to the best solutions in the literature, and that it is resistant to the new kind of attacks we introduce in this paper, while other solutions are not.


ACM Transactions on Information and System Security | 2002

A graph-based formalism for RBAC

Manuel Koch; Luigi V. Mancini; Francesco Parisi-Presicce

Role-Based Access Control (RBAC) is supported directly or in a closely related form, by a number of products. This article presents a formalization of RBAC using graph transformations that is a graphical specification technique based on a generalization of classical string grammars to nonlinear structures. The proposed formalization provides an intuitive description for the manipulation of graph structures as they occur in information systems access control and a precise specification of static and dynamic consistency conditions on graphs and graph transformations. The formalism captures the RBAC models published in the literature, and also allows a uniform treatment of user roles and administrative roles, and a detailed analysis of the decentralization of administrative roles.


ieee international conference on pervasive computing and communications | 2008

Catch Me (If You Can): Data Survival in Unattended Sensor Networks

R. Di Pietro; Luigi V. Mancini; C. Soriente; Angelo Spognardi; Gene Tsudik

Unattended sensor networks operating in hostile environments might collect data that represents a high-value target for the adversary. The unattended sensor's inability to off-load - in real time - sensitive data to a safe external entity makes it easy for the adversary to mount a focused attack aimed at eliminating certain target data. In order to facilitate survival of this data, sensors can collectively attempt to confuse the adversary by changing its location and content, i.e., by periodically moving the data around the network and encrypting it. In this paper, we focus on data survival in unattended sensor networks faced with an adversary intent on surgically destroying data which it considers to be of high value. After motivating the problem and considering several attack flavors, we propose several simple techniques and provide their detailed evaluation.


IEEE Transactions on Dependable and Secure Computing | 2011

Distributed Detection of Clone Attacks in Wireless Sensor Networks

Mauro Conti; Roberto Di Pietro; Luigi V. Mancini; Alessandro Mei

Wireless Sensor Networks (WSNs) are often deployed in hostile environments where an adversary can physically capture some of the nodes, first can reprogram, and then, can replicate them in a large number of clones, easily taking control over the network. A few distributed solutions to address this fundamental problem have been recently proposed. However, these solutions are not satisfactory. First, they are energy and memory demanding: A serious drawback for any protocol to be used in the WSN-resource-constrained environment. Further, they are vulnerable to the specific adversary models introduced in this paper. The contributions of this work are threefold. First, we analyze the desirable properties of a distributed mechanism for the detection of node replication attacks. Second, we show that the known solutions for this problem do not completely meet our requirements. Third, we propose a new self-healing, Randomized, Efficient, and Distributed (RED) protocol for the detection of node replication attacks, and we show that it satisfies the introduced requirements. Finally, extensive simulations show that our protocol is highly efficient in communication, memory, and computation; is much more effective than competing solutions in the literature; and is resistant to the new kind of attacks introduced in this paper, while other solutions are not.


ACM Transactions on Information and System Security | 2008

Redoubtable Sensor Networks

Roberto Di Pietro; Luigi V. Mancini; Alessandro Mei; Alessandro Panconesi; Jaikumar Radhakrishnan

We give, for the first time, a precise mathematical analysis of the connectivity and security properties of sensor networks that make use of the random predistribution of keys. We also show how to set the parameters---pool and key ring size---in such a way that the network is not only connected with high probability via secure links but also provably resilient, in the following sense: We formally show that any adversary that captures sensors at random with the aim of compromising a constant fraction of the secure links must capture at least a constant fraction of the nodes of the network. In the context of wireless sensor networks where random predistribution of keys is employed, we are the first to provide a mathematically precise proof, with a clear indication of parameter choice, that two crucial properties---connectivity via secure links and resilience against malicious attacks---can be obtained simultaneously. We also show in a mathematically rigorous way that the network enjoys another strong security property. The adversary cannot partition the network into two linear size components, compromising all the links between them, unless it captures linearly many nodes. This implies that the network is also fault tolerant with respect to node failures. Our theoretical results are complemented by extensive simulations that reinforce our main conclusions.


IEEE Transactions on Parallel and Distributed Systems | 1999

Fault-tolerant rate-monotonic first-fit scheduling in hard-real-time systems

Alan A. Bertossi; Luigi V. Mancini; Federico Rossini

Hard-real-time systems require predictable performance despite the occurrence of failures. In this paper, fault tolerance is implemented by using a novel duplication technique where each task scheduled on a processor has either an active backup copy or a passive backup copy scheduled on a different processor. An active copy is always executed, while a passive copy is executed only in the case of a failure. First, the paper considers the ability of the widely-used rate-monotonic scheduling algorithm to meet the deadlines of periodic tasks in the presence of a processor failure. In particular, the completion time test is extended so as to check the schedulability on a single processor of a task set including backup copies. Then, the paper extends the well-known rate-monotonic first-fit assignment algorithm, where all the task copies, including the backup copies, are considered by rate-monotonic priority order and assigned to the first processor in which they fit. The proposed algorithm determines which tasks must use the active duplication and which can use the passive duplication. Passive duplication is preferred whenever possible, so as to overbook each processor with many passive copies whose primary copies are assigned to different processors. Moreover, the space allocated to active copies is reclaimed as soon as a failure is detected. Passive copy overbooking and active copy deallocation allow many passive copies to be scheduled sharing the same time intervals on the same processor, thus reducing the total number of processors needed. Simulation studies reveal a remarkable saving of processors with respect to those needed by the usual active duplication approach in which the schedule of the non-fault-tolerant case is duplicated on two sets of processors.


wireless network security | 2008

Emergent properties: detection of the node-capture attack in mobile wireless sensor networks

Mauro Conti; Roberto Di Pietro; Luigi V. Mancini; Alessandro Mei

One of the most vexing problems in wireless sensor network security is the node capture attack. An adversary can capture a node from the network as the first step for further different types of attacks. For example, the adversary can collect all the cryptographic material stored in the node. Also, the node can be reprogrammed and re-deployed in the network in order to perform malicious activities. To the best of our knowledge no distributed solution has been proposed to detect a node capture in a mobile wireless sensor network. In this paper we propose an efficient and distributed solution to this problem leveraging emergent properties of mobile wireless sensor networks. In particular, we introduce two solutions: SDD, that does not require explicit information exchange between the nodes during the local detection, and CCD, a more sophisticated protocol that uses local node cooperation in addition to mobility to greatly improve performance. We also introduce a benchmark to compare these solutions with. Experimental results demonstrate the feasibility of our proposal. For instance, while the benchmark requires about 9,000 seconds to detect node captures, CDD requires less than 2,000 seconds. These results support our intuition that node mobility, in conjunction with a limited amount of local cooperation, can be used to detect emergent global properties.


Wireless Networks | 2006

Energy efficient node-to-node authentication and communication confidentiality in wireless sensor networks

Roberto Di Pietro; Luigi V. Mancini; Alessandro Mei

A distributed Wireless Sensor Network (WSN) is a collection of low-end devices with wireless message exchange capabilities. Due to the scarcity of hardware resources, the lack of network infrastructures, and the threats to security, implementing secure pair-wise communications among any pair of sensors is a challenging problem in distributed WSNs. In particular, memory and energy consumption as well as resilience to sensor physical compromise are the most stringent requirements. In this paper, we introduce a new threat model to communications confidentiality in WSNs, the smart attacker model. Under this new, more realistic model, the security features of previously proposed schemes decrease drastically. We then describe a novel pseudo-random key pre-deployment strategy ESP that combines all the following properties: (a) it supports an energy-efficient key discovery phase requiring no communications; (b) it provides node to node authentication; (c) it is highly resistant to the smart attacker. We provide both asymptotic results and extensive simulations of the schemes that are being proposed.

Collaboration


Dive into Luigi V. Mancini's collaboration.

Top Co-Authors

Roberto Di Pietro

Sapienza University of Rome

Alessandro Mei

Sapienza University of Rome

Angelo Spognardi

Technical University of Denmark

Antonio Villani

Sapienza University of Rome

Domenico Vitali

Sapienza University of Rome

Manuel Koch

Free University of Berlin

R. Di Pietro

Sapienza University of Rome