Security, Edge and Cloud Lab

Abstract

The security model relying on the traditional defense of the perimeter cannot protect modern dynamic organizations. The emerging paradigm called zero trust proposes a modern alternative that enforces access control on every request and avoids implicit trust based on the physical location of people and devices. These architectures rely on several trusted components, but existing proposals make the unrealistic assumption that attackers cannot compromise some of them. We overcome these assumptions and present a novel survivable zero trust architecture that can guarantee the necessary security level for cloud computing environments. The proposed architecture guarantees a high level of security and robustness and under specific conditions it can tolerate intrusions and can recover from failures and successful attacks.

Year: 2021 | Pages: 102419 - 102419

ISSN: 0167-4048 | DOI: 10.1016/j.cose.2021.102419

Abstract

Modern industrial systems are enriched by cyber–physical devices and interconnections with business processes that enable flexible production, remote monitoring, control and maintenance. These systems are typically subject to multiple authorities which must cooperate with each other, as in the case of segmented industrial environments and supply chains. In similar contexts, voluntary or unintentional damages may be caused by cyber attacks or by misbehaving authorized parties. We propose an original architecture that regulates accesses to industrial systems’ resources through authorization delegation procedures. It guarantees several benefits that include the possibility of auditing authorizations released by delegated third parties, of detecting misconducts and possible attacks, and of assuring attribution of misconducts. The proposed solution is compatible with constraints characterizing industrial environments and with security and performance requirements of industrial architectures. The performance and latencies of the auditing mechanisms are evaluated through a prototype.

Year: 2021 | Pages: 102848 - 102848

ISSN: 2214-2134 | DOI: 10.1016/j.jisa.2021.102848

Abstract

Designing secure, scalable, and resilient IoT networks is a challenging task because of resource-constrained devices and no guarantees of reliable network connectivity. Fog computing improves the resiliency of IoT, but its security model assumes that fog nodes are fully trusted. We relax this latter constraint by proposing a solution that guarantees confidentiality of messages exchanged through semi-honest fog nodes thanks to a lightweight proxy re-encryption scheme. We demonstrate the feasibility of the solution by applying it to IoT networks of low-power devices through experiments on microcontrollers and ARM-based architectures.

Year: 2019 | Pages: 1 - 21

ISSN: 1533-5399 | DOI: 10.1145/3284554

Abstract

Cloud database services represent a great opportunity for companies and organizations in terms of management and cost savings. However, outsourcing private data to external providers leads to risks of confidentiality and integrity violations. We propose an original solution based on encrypted Bloom filters that addresses the latter problem by allowing a cloud service user to detect unauthorized modifications to his outsourced data. Moreover, we propose an original analytical model that can be used to minimize storage and network overhead depending on the database structure and workload. We assess the effectiveness of the proposal as well as its performance improvements with respect to existing solutions by evaluating storage and network costs through micro-benchmarks and the TPC-C workload standard.

Year: 2018 | Pages: 497 - 515

ISSN: 0020-0255 | DOI: 10.1016/j.ins.2017.09.033

Abstract

The success of the cloud database paradigm is strictly related to strong guarantees in terms of service availability, scalability and security, but also of data confidentiality. Any cloud provider assures the security and availability of its platform, while the implementation of scalable solutions to guarantee confidentiality of the information stored in cloud databases is an open problem left to the tenant. Existing solutions address some preliminary issues through SQL operations on encrypted data. We propose the first complete architecture that combines data encryption, key management, authentication and authorization solutions, and that addresses the issues related to typical threat scenarios for cloud database services. Formal models describe the proposed solutions for enforcing access control and for guaranteeing confidentiality of data and metadata. Experimental evaluations based on standard benchmarks and real Internet scenarios show that the proposed architecture satisfies also scalability and performance requirements.

Year: 2014 | Pages: 448 - 458

ISSN: 2168-7161 | DOI: 10.1109/TCC.2014.2378782

Abstract

The cloud database as a service is a novel paradigm that can support several Internet-based applications, but its adoption requires the solution of information confidentiality problems. We propose a novel architecture for adaptive encryption of public cloud databases that offers an interesting alternative to the trade-off between the required data confidentiality level and the flexibility of the cloud database structures at design time. We demonstrate the feasibility and performance of the proposed solution through a software prototype. Moreover, we propose an original cost model that is oriented to the evaluation of cloud database services in plain and encrypted instances and that takes into account the variability of cloud prices and tenant workload during a medium-term period.

Year: 2014 | Pages: 10 - 25

ISSN: 2168-7161 | DOI: 10.1109/TCC.2014.2314644

Abstract

Placing critical data in the hands of a cloud provider should come with the guarantee of security and availability for data at rest, in motion, and in use. Several alternatives exist for storage services, while data confidentiality solutions for the database as a service paradigm are still immature. We propose a novel architecture that integrates cloud database services with data confidentiality and the possibility of executing concurrent operations on encrypted data. This is the first solution supporting geographically distributed clients to connect directly to an encrypted cloud database, and to execute concurrent and independent operations including those modifying the database structure. The proposed architecture has the further advantage of eliminating intermediate proxies that limit the elasticity, availability, and scalability properties that are intrinsic in cloud-based solutions. The efficacy of the proposed architecture is evaluated through theoretical analyses and extensive experimental results based on a prototype implementation subject to the TPC-C standard benchmark for different numbers of clients and network latencies.

Year: 2014 | Pages: 437 - 446

ISSN: 1045-9219 | DOI: 10.1109/TPDS.2013.154

Abstract

The transportation sector is undergoing rapid changes to reduce pollution and increase life quality in urban areas. One of the most effective approaches is flexible car rental and sharing to reduce traffic congestion and parking space issues. In this paper, we envision a flexible car sharing framework where vehicle owners want to make their vehicles available for flexible rental to other users. The owners delegate the management of their vehicles to intermediate services under certain policies, such as municipalities or authorized services, which manage the due infrastructure and services that can be accessed by users. We investigate the design of an accountable solution that allow vehicles owners, who want to share their vehicles securely under certain usage policies, to control that delegated services and users comply with the policies. While monitoring users behavior, our approach also takes care of users privacy, preventing tracking or profiling procedures by other parties. Existing approaches put high trust assumptions on users and third parties, do not consider users' privacy requirements, or have limitations in terms of flexibility or applicability. We propose an accountable protocol that extends standard delegated authorizations and integrate it with Security Credential Management Systems (SCMS), while considering the requirements and constraints of vehicular networks. We show that the proposed approach represents a practical approach to guarantee accountability in realistic scenarios with acceptable overhead.

Year: 2021 | Pages: 1 - 7

ISBN: 9781665495509 | DOI: 10.1109/NCA53618.2021.9685942

Abstract

Emerging Cooperative Intelligent Transportation Systems (C-ITS) enable improved driving experience and safety guarantees, but require secure Vehicular Ad-hoc NETworks (VANETs) that must comply to strict performance constraints. Specialized standards have been defined to these aims, such as the IEEE 1609.2 that uses network-efficient cryptographic protocols to reduce communication latencies. The reduced latencies are achieved through a combination of the Elliptic Curve Qu-Vantstone (ECQV) implicit certificate scheme and the Elliptic Curve Digital Signature Algorithm (ECDSA), to guarantee data integrity and authenticity. However, literature lacks implementations and evaluations for vehicular systems. In this paper, we consider the IEEE 1609.2 standard for secure VANETs and investigate the feasibility of ECQV and ECDSA schemes when deployed in C-ITSs. We propose a prototype implementation of the standard ECQV scheme to evaluate its performance on automotive-grade hardware. To the best of our knowledge, this is the first open implementation of the scheme for constrained devices that are characterized by low computational power and low memory. We evaluate its performance against C-ITS communication latency constraints and show that, although even highly constrained devices can support the standard, complying with stricter requirements demands for higher computational resources.

Year: 2020 | Pages: 1 - 6

ISSN: 1550-2252 | DOI: 10.1109/VTC2020-Fall49728.2020.9348712

Abstract

None

Year: 2019 | Pages: 1 - 6

ISBN: 978-1-7281-2522-0 | DOI: 10.1109/NCA.2019.8935038

Abstract

None

Year: 2019 | Pages: 1 - 18

ISBN: 978-9949-9904-5-0 | DOI: 10.23919/CYCON.2019.8756865

Abstract

Highly distributed smart environments, such as Smart Cities, require scalable architectures to support a large number of stakeholders that share Internet of Things (IoT) resources and services. We focus on authorization solutions that regulate access of users to smart objects and consider scenarios where a large number of smart objects owners want to share the resources of their devices in a secure way. A popular solution is to delegate third parties, such as public Cloud services, to mediate authorization procedures among users and smart objects. This approach has the disadvantage of assuming third parties as trusted proxies that guarantee correctness of all authorization procedures. In this paper, we propose a system that allows to audit authorizations managed by third parties, to detect and expose their misbehaviors to users, smart objects owners and, possibly, to the public. The proposed system is inspired by the transparency projects used to monitor Web Certification Authorities, but improves over existing proposals through a twofold contribution. First, it is specifically designed for IoT devices, provided with little resources and distributed in constrained environments. Second, it complies to current standard authorization protocols and available open-source software, making it ready to be deployed.

Year: 2019 | Pages: 91 - 99

ISBN: 9781728127149 | DOI: 10.1109/ICIOT.2019.00027

Abstract

None

Year: 2018 | Pages: xxx - n/a

DOI: 10.1109/SMARTCOMP.2018.00016

Abstract

None

Year: 2018 | Pages: 371 - 389

ISBN: 978-9-9499-9042-9; 978-9-9499-9043-6 | DOI: 10.23919/CYCON.2018.8405026

Abstract

Modern vehicles are complex cyber physical systems where communication protocols designed for physically isolated networks are now employed to connect Internet-enabled devices. This unforeseen increase in connectivity creates novel attack surfaces, and exposes safety-critical functions of the vehicle to cyber attacks. As standard security solutions are not applicable to vehicles due to resource constraints and compatibility issues, research is proposing tailored approaches to cope with existing systems and to design next generations vehicles. In this paper we focus on solutions based on cryptographic protocols to protect in-vehicle communications and prevent unauthorized manipulation of the vehicle behaviors. Existing proposals consider vehicles as monolithic systems and evaluate performance and costs of the proposed solutions without considering the complex life-cycle of automotive components and the multifaceted automotive ecosystem that includes a large number of actors. The main contribution of this paper is a study of the impact of security solutions by considering vehicles life-cycle. We model existing proposals and highlight their impacts on vehicles production and maintenance operations by taking into consideration interactions among multiple players. Finally, we give insights on the requirements of architectures for secure intra-vehicular protocols.

Year: 2018 | Pages: 452 - 457

ISBN: 9781538647059 | DOI: 10.1109/SMARTCOMP.2018.00045

Abstract

Delegated authorization protocols have become wide-spread to implement Web applications and services, where some popular providers managing people identity information and personal data allow their users to delegate third party Web services to access their data. In this paper, we analyze the risks related to untrusted providers not behaving correctly, and we solve this problem by proposing the first verifiable delegated authorization protocol that allows third party services to verify the correctness of users data returned by the provider. The contribution of the paper is twofold: we show how delegated authorization can be cryptographically enforced through authenticated data structures protocols, we extend the standard OAuth2 protocol by supporting efficient and verifiable delegated authorization including database updates and privileges revocation.

Year: 2017 | Pages: 718 - 723

ISSN: 0730-3157 | DOI: 10.1109/COMPSAC.2017.260

Abstract

This paper proposes an efficient protocol for verifiable delegation of computation over outsourced set collections. It improves state of the art protocols by using asymmetric bilinear pairing settings for improved performance with respect to previous proposals based on symmetric settings. Moreover, it extends update operations by supporting efficient modifications over multiple sets. With respect to previous work the proposed protocol has a modular design, that clearly identifies its main building blocks and well-defined interfaces among them. This novel conceptualization allows easier auditing of the protocol security properties and serves as the blueprint of a novel implementation that is released publicly (https://weblab.ing.unimore.it/people/ferretti/versop/). To the best of our knowledge, this is the first public implementation of a protocol for verifiable sets operations.

Year: 2016 | Pages: 626 - 636

ISSN: 0302-9743 | DOI: 10.1007/978-3-319-48965-0_41

Abstract

The adoption of public cloud services, as well as other data outsourcing solutions, raises concerns about confidentiality and integrity of information managed by a third party. By focusing on data integrity, we propose a novel protocol that allows cloud customers to verify the correctness of results produced by key-value databases. The protocol is designed for supporting efficient insertion and retrieval of large sets of data through bulk operations in read and append-only workloads. In these contexts, the proposed protocol improves state-of-the-art by reducing network overheads thanks to an original combination of aggregate bilinear map signatures and extractable collision resistant hash functions.

Year: 2016 | Pages: 37 - 51

ISSN: 1611-3349 | DOI: 10.1007/978-3-319-41483-6_3

Abstract

Traditional computation outsourcing and modern cloud computing are affected by a common risk of distrust between service requestor and service provider. We propose a novel protocol, named Probus, that offers guarantees of correct behavior to both parts without assuming any trust relationship between them in the context of cloud-based key-value databases. Probus allows a service requestor to have evidence of cloud provider misbehavior on its data, and a cloud provider to defend itself from false accusations by demonstrating the correctness of its operations. Accusation and defense proofs are based on cryptographic mechanisms that can be verified by a third party. Probus improves the state-of-the-art by introducing novel solutions that allow for efficient verification of data security properties and by limiting the overhead required to provide its security guarantees. Thanks to Probus it is possible to check the correctness of all the results generated by a cloud service, thus improving weaker integrity assurance based on probabilistic verifications that are adopted by related work.

Year: 2015 | Pages: 157 - 164

ISBN: 9781467392990; 9781467392990 | DOI: 10.1109/CSCloud.2015.51

Abstract

Cloud services represent an unprecedented opportunity, but their adoption is hindered by confidentiality and integrity issues related to the risks of outsourcing private data to cloud providers. This paper focuses on integrity and proposes an innovative solution that allows cloud tenants to detect unauthorized modifications to outsourced data while minimizing storage and network overheads. Our approach is based on encrypted Bloom filters, and is designed to allow efficient integrity verification for databases stored in the cloud. We assess the effectiveness of the proposal as well as its performance improvements with respect to existing solutions by evaluating storage and network costs.

Year: 2014 | Pages: 1 - 6

ISBN: 9781479942763 | DOI: 10.1109/ISCC.2014.6912574

Abstract

Using cloud infrastructures to store and backup data is becoming a popular alternative that guarantees performance and scalability at reasonable prices. However, standard cloud solutions could raise some concerns about data confidentiality and dependency on a single provider. We aim to address these issues by using cloud storage of multiple cloud providers. Our solution ciphers, partitions and replicates data among multiple cloud architectures, thus augmenting availability and confidentiality, and avoiding lock-in of one cloud provider. The proposed model is implemented through open source software that leverages data storage offered by multiple providers. This prototype demonstrates the effectiveness of the geographically distributed architecture in several real case scenarios.

Year: 2013 | Pages: 201 - 207

ISBN: 978-1-61208-271-4 | DOI: n/a

Abstract

The users perception that the confidentiality of their data is endangered by internal and external attacks is limiting the diffusion of public cloud database services. In this context, the use of cryptography is complicated by high computational costs and restrictions on supported SQL operations over encrypted data. In this paper, we propose an architecture that takes advantage of adaptive encryption mechanisms to guarantee at runtime the best level of data confidentiality for any type of SQL operation. We demonstrate through a large set of experiments that these encryption schemes represent a feasible solution for achieving data confidentiality in public cloud databases, even from a performance point of view.

Year: 2013 | Pages: 36 - 42

ISBN: 9781612082981 | DOI: n/a

Abstract

The diffusion of cloud database services requires a lot of efforts to improve confidentiality of data stored in external infrastructures. We propose a novel scheme that integrates data encryption with users access control mechanisms. It can be used to guarantee confidentiality of data with respect to a public cloud infrastructure, and to minimize the risks of internal data leakage even in the worst case of a legitimate user colluding with some cloud provider personnel. The correctness and feasibility of the proposal is demonstrated through formal models, while the integration in a cloud-based architecture is left to future work.

Year: 2013 | Pages: 717 - 722

ISBN: 9780769550954 | DOI: 10.1109/CloudCom.2013.172

Abstract

Typical Cloud database services guarantee high availability and scalability, but they rise many concerns about data confidentiality. Combining encryption with SQL operations is a promising approach although it is characterized by many open issues. Existing proposals, which are based on some trusted intermediate server, limit availability and scalability of original cloud database services. We propose an alternative architecture that avoids any intermediary component, thus achieving availability and scalability comparable to that of unencrypted cloud database services. Moreover, our proposal guarantees data consistency in scenarios in which independent clients concurrently execute SQL queries, and the structure of the database can be modified.

Year: 2012 | Pages: 179 - 193

ISBN: 978-3-642-35361-1 | DOI: 10.1007/978-3-642-35362-8_15