Publication


Featured research published by Mohit Sethi.


local computer networks | 2012

End-to-end security for sleepy smart object networks

Mohit Sethi; Jari Arkko; Ari Keränen

We develop a new secure and energy-efficient communication model for the Constrained Application Protocol (CoAP), a light-weight communication protocol designed for smart object networks. This architecture and the communication model ensure data integrity and authenticity over a multi-hop network topology. It provides a mirroring mechanism that uses a proxy to serve data on behalf of sleeping smart objects, thereby allowing them to act as always-online web servers. A working prototype implementation of the architecture is also developed. The security features in the architecture presented in this paper are based on using strong public-key cryptography. Contrary to popular belief, our performance evaluation shows that asymmetric public-key cryptography can be implemented on small 8-bit microcontrollers without modifying the underlying cryptographic algorithms using public libraries.


international conference on cluster computing | 2012

Secure Networking for Virtual Machines in the Cloud

Miika Komu; Mohit Sethi; Ramasivakarthik Mallavarapu; Heikki Oirola; Rasib Hassan Khan; Sasu Tarkoma

Cloud computing improves utilization and flexibility of allocating computing resources while reducing the infrastructural costs. However, cloud technology is still proprietary in many cases and is tainted by security issues rooted in the multi-tenant environment of the cloud. For instance, the virtual machines of two competing companies could be served by the same underlying host machine in an Infrastructure as a Service (IaaS) type of cloud and this represents a security threat to be addressed. As a solution to this multi-tenancy problem, the Host Identity Protocol (HIP) offers a standardized way to authenticate and protect data flows between tenants belonging to the same security domain. In this paper, we have experimented with HIP in order to address the multi-tenant challenges for public and hybrid IaaS clouds. In our design, developers and administrators can access cloud services directly over HIP, whereas consumers access the cloud without HIP using a reverse HTTP proxy. The proxy also acts as a load balancer for a distributed test service deployed both in an EC2 public cloud and a private cloud. The performance of the system offers efficiency comparable to SSL and essentially utilizes the same cryptographic algorithms with similar processing costs. Consequently, this implies that the proposed scheme is a viable alternative to mitigate some of the privacy issues related to multi-tenancy within a single data center and to secure communications between two clouds in the case of a hybrid cloud.


ubiquitous computing | 2014

Secure bootstrapping of cloud-managed ubiquitous displays

Mohit Sethi; Elena Oat; Mario Di Francesco; Tuomas Aura

Eventually, all printed signs and bulletins will be replaced by electronic displays, which are wirelessly connected to the Internet and cloud-based services. Deploying such ubiquitous displays can be cumbersome since they need to be correctly configured and authorized to access both the Internet and the necessary services, despite the fact that they have minimal input capabilities and may be in inaccessible locations. Our goal is to enable easy and secure configuration of ubiquitous displays such as digital signage and advertisements, which are managed by cloud services and show HTML5 content. In our solution, the display shows a QR code which, when scanned by the user with a camera phone, allows automatic configuration of the wireless network along with the content to be shown. This is accomplished by a long-term trust relation configured between the cloud service and the wireless access network. We build on existing technologies and standard protocols, including RADIUS and EAP, without requiring new software to be installed on the phone or changes to the network infrastructure.


ieee international conference on pervasive computing and communications | 2014

Commitment-based device pairing with synchronized drawing

Mohit Sethi; Markku Antikainen; Tuomas Aura

Secure device pairing is a widely studied problem. Local wireless connections such as Bluetooth and WiFi typically rely on user-entered secret keys or manually verified authentication codes. Several recent proposals replace these with contextual or location-dependent sensor inputs, which are assumed to be secret from anyone not present at the location where the pairing takes place. These protocols have to cope with a fuzzy secret, i.e. noisy secret input that differs between the devices. In this paper, we overview such protocols and propose a new variation using time-based opening of commitments. Our protocol has the advantage of treating the fuzzy secret as one piece of data rather than requiring it to be partitioned into time intervals, and being more robust against variations in input entropy than those based on error correction codes. The protocol development is motivated by the discovery of a novel human source for the fuzzy secret: synchronized drawing with two fingers of the same hand on two touch screens or surfaces. Metrics for measuring the distance between the drawings are described and evaluated. We implement a prototype of this surprisingly simple and natural pairing mechanism and show that it accurately differentiates between true positives and man-in-the-middle attackers.


the internet of things | 2015

Secure and low-power authentication for resource-constrained devices

Mohit Sethi; Pranvera Kortoci; Mario Di Francesco; Tuomas Aura

The Internet of Things (IoT) refers to an interconnected world where physical devices seamlessly integrate into a global network and become active participants of business, information, and social processes. These physical devices are referred to as smart objects since they understand and react to the environment they reside in. However, deploying such Internet-connected smart objects is challenging, since they need to be correctly configured with appropriate network and security credentials. This is exacerbated by the fact that they have minimal input capabilities and may be in inaccessible locations. In this article, we describe how to employ the 3rd Generation Partnership Project (3GPP) Generic Bootstrapping Architecture (GBA) to ensure secure authentication and communication among a variety of devices and services. Although GBA relies on the infrastructure of mobile network operators, it requires no mobile network access but only IP connectivity to perform authentication. We show the feasibility of our approach with a prototype implementation that incurs a minimal memory overhead. Experimental results also show that our solution is energy-efficient.


Computer Science Review | 2015

A survey of identifier–locator split addressing architectures

Miika Komu; Mohit Sethi; Nicklas Beijar

The TCP/IP architecture of the Internet was originally designed around the contemporary restrictions of large computers that were difficult to move around. However, electronics followed Moore’s law, resulting in cheaper and smaller electronics for consumers, and portable devices, such as laptops and cellular phones, became pervasive. Consequently, the original restriction on static hosts was no longer true even though it is still present in the design of the TCP/IP networking stack. The TCP/IP stack still remains constrained by its original design, which was effectively a design compromise to make the addressing model simpler. As TCP connections are created based on the same addresses used by the underlying network layer, the connections break when the address changes or is removed. Thus, the TCP/IP architecture is challenged in the temporal dimension of addressing as it was designed to assume stable addresses. This is not only problematic from the viewpoint of initial connectivity but also critical in sustaining active data flows. In this paper, we first outline the challenges related to the inflexible nature of the TCP/IP architecture resulting from the fact that the same namespace is shared between the transport and network layers. We then discuss existing solutions for these challenges that arise from the transient nature of addresses in the TCP/IP architecture. Finally, we perform a qualitative analysis of the solutions discussed in the paper.


ubiquitous intelligence and computing | 2015

Flexible Management of Cloud-Connected Digital Signage

Mohit Sethi; Maria Lijding; Mario Di Francesco; Tuomas Aura

Electronic displays and digital signage have become ubiquitous over the years, and we view or interact with them on a daily basis. With the emergence of cloud computing and web technologies, electronic displays can be connected directly to cloud services from which they retrieve both configuration commands and HTML5 content. Cloud-based management makes it easy to update the displays, and the use of standard web languages enables rapid development of new dynamic applications. However, the remote management aspects and scalability from small personal deployments upwards have received limited attention in the literature. In this regard, our major contributions are the collection of requirements from actual digital signage deployments and the design of a system that encompasses all the different phases involved in the related lifecycle. We specifically design, implement and evaluate a flexible and user-friendly digital signage management system.


international symposium on pervasive displays | 2016

Replication of web-based pervasive display applications

Maria L. Montoya Freire; Venkata Praneeth Tatiraju; Mohit Sethi; Mario Di Francesco

Pervasive displays are increasingly employing web-based applications served by the cloud to show dynamic content and provide services to end users. In several important use cases, the content shown by one display needs to be replicated at multiple locations, for instance, to increase coverage in large spaces or to allow remote monitoring and management. Screen content can be cloned from one display to other hosts through a virtual (remote) desktop connection or video streaming. However, these solutions are not efficient, as they only consider the visual content of the display without leveraging higher-level information about the actual application. This article investigates several methods to efficiently replicate the content of a web-based pervasive display. We consider different classes of applications for both digital signage and interactive displays. We characterize the performance of the proposed solutions and their suitability for diverse scenarios through an experimental evaluation. We conclude by providing insightful considerations from the perspective of a pervasive display application developer.


Archive | 2013

Gateway, Client Device and Methods for Facilitating Communication between a Client Device and an Application Server

Patrik Salmela; Vesa Lehtovirta; Mohit Sethi


RFC | 2018

Practical Considerations and Implementation Experiences in Securing Smart Object Networks

Mohit Sethi; Jari Arkko; Ari Keränen; Heidi-Maria Back

Collaboration


Dive into Mohit Sethi's collaboration.

Top Co-Authors


Mario Di Francesco

University of Texas at Arlington
