Mamadou H. Diallo

Architectural support for trust models in decentralized applications

Decentralized applications are composed of distributed entities that directly interact with each other and make local autonomous decisions in the absence of a centralized coordinating authority. Such decentralized applications, where entities can join and leave the system at any time, are particularly susceptible to the attacks of malicious entities. Each entity therefore requires protective measures to safeguard itself against these entities. Trust management solutions serve to provide effective protective measures against such malicious attacks. Trust relationships help an entity model and evaluate its confidence in other entities towards securing itself. Trust management is, thus, both an essential and intrinsic ingredient of decentralized applications. However, research in trust management has not focused on how trust models can be composed into a decentralized architecture. The PACE architectural style, described previously [21], provides structured and detailed guidance on the assimilation of trust models into a decentralized entitys architecture. In this paper, we describe our experiments with incorporating four different reputation-based trust models into a decentralized application using the PACE architectural style. Our observations lead us to conclude that PACE not only provides an effective and easy way to integrate trust management into decentralized applications, but also facilitates reuse while supporting different types of trust models. Additionally, PACE serves as a suitable platform to aid the evaluation and comparison of trust models in a fixed setting towards providing a way to choose an appropriate model for the setting.

CloudProtect: Managing Data Privacy in Cloud Applications

This paper describes the CloudProtect middleware that empowers users to encrypt sensitive data stored within various cloud applications. However, most web applications require data in plaintext for implementing the various functionalities and in general, do not support encrypted data management. Therefore, CloudProtect strives to carry out the data transformations (encryption/decryption) in a manner that is transparent to the application, i.e., preserves all functionalities of the application, including those that require data to be in plaintext. Additionally, CloudProtect allows users flexibility in trading off performance for security in order to let them optimally balance their privacy needs and usage-experience.

Indexing Encrypted Documents for Supporting Efficient Keyword Search

We propose a scheme to index encrypted documents on an untrusted server and evaluate keyword search queries against them. The proposed scheme provides better security than deterministic encryption schemes and is far more efficient than existing searchable encryption schemes in literature. Furthermore, it provides the user with a set of control parameters to adjust the level of exposure against the efficiency of the indexing scheme. It also allows easy updates and deletions unlike most existing encrypted searching schemes. We carry out preliminary experiments to test the effectiveness of the proposed scheme and give an intuition for the security properties along with a fairly detailed outline of the security formalism that we are currently developing to analyze the security of our scheme.

Case study, interrupted: the paucity of subject systems that span the requirements-architecture gap

A number of approaches for spanning the requirements-architecture gap have been published in recent years, and we sought to rigorously characterize the gap and to conduct a comparative evaluation of approaches to span the gap using a case study method on a realistic problem. However, our intentions were impeded by the problem of finding appropriate subject systems that included sufficient information in both requirements and architecture document. Most subject systems that we found contained either detailed requirements or detailed architecture description, but not both. In this paper, we report on our search and the seventeen most suitable subject systems with the hope of aiding others undertaking a similar study. We speculate on the reasons for the paucity of suitable subject systems and invite contributions and suggestions for our ongoing work.

Architecting trust-enabled peer-to-peer file-sharing applications

Decentralized peer-to-peer (P2P) resource sharing applications lack a centralized authority that can facilitate peer and resource look-ups and coordinate resource sharing between peers. Instead, peers directly interact and exchange resources with other peers. These systems are often open and do not regulate the entry of peers into the system. Thus, there can be malicious peers in the system who threaten others by offering Trojan horses and viruses disguised as seemingly innocent resources. Several trust-based solutions exist to address such threats; unfortunately there is a lack of design guidance on how these solutions can be integrated into a resource sharing application. In this paper, we describe how two teams of undergraduate students separately integrated XREP, a third-party reputation-based protocol for file-sharing applications, with PACE, our software architecture-based approach for decentralized trust management. This was done in order to construct trust-enabled P2P file-sharing application prototypes. Our observations have revealed that using an architecture-based approach in incorporating trust into P2P resource-sharing applications is not only feasible, but also significantly beneficial. Our efforts also demonstrate both the ease of adoption and ease of use of the PACE-based approach in constructing such trust-enabled decentralized applications.

Toward Architecture Evaluation through Ontology-Based Requirements-Level Scenarios

A data processing system is disclosed in which a high-speed processor is added to a slow-speed processor and in which both processors have access to a first memory unit with the slow processor having access priority over the fast processor. In order to allow the fast processor to operate without losing data when a conflict occurs during a write operation, a second memory is coupled to the fast processor in which is stored all the data stored in the first memory. When the fast processor attempts to write into both memories but fails to write into the first memory due to a conflict with the slow processor, the data stored in the second memory is then transferred to the first memory subsequent to the completion of the access operation by the slow processor. This arrangement allows the fast processor to complete the write operation interrupted by the conflicts with the slow processor, thereby allowing the fast processor and the slow processor to have access to the same data. Both memories are continuously balanced by the fast processor so that each memory will contain the same data allowing both processors access to the same data.

Trustworthy Privacy Policy Translation in Untrusted IoT Environments.

Internet of Thing (IoT) systems, such as smart buildings and smart cities, provide services to users (individuals and organizations) in various aspect of our lives. To provide such services, IoT systems need to handle data captured from multiple devices/sensors, and translation of data processing policies agreed by users (high-level) into commands for devices (device-level). The underlying assumption is that users trust IoT systems in honoring their policies. However, this trust assumption is incorrectly positioned since IoT systems may not be honest or may fall victim to cyberattacks. We address such concerns by providing mechanisms to help in ensuring trust and accountability at the time of translating a contract (agreed and signed policies). The objective of the proposed scheme is two fold, (1) translation of contracts from a high-level to device-level, (2) attestation of the translation. We have implemented the proposed scheme for contract translation and attestation of translation as a module and integrated it with the TIPPERS system (our IoT testbed under development). The results of our experiments highlight the feasibility of our proposed schemes.