Italian Networking Workshop. Secure distributed applications: a case study. Luca Maria Aiello, Federica Cesano, Marco Milanesio, Giancarlo Ruffo, Rossano Schifanella. Speaker: Luca Maria Aiello SecNet Group Dipartimento di Informatica, Università degli Studi di Torino

Italian Networking Workshop
Secure distributed applications: a case study
Luca Maria Aiello, Federica Cesano, Marco Milanesio, Giancarlo Ruffo, Rossano Schifanella
Speaker: Luca Maria Aiello
SecNet Group, Dipartimento di Informatica, Università degli Studi di Torino
Corso Svizzera, 185 – 10149, Torino, Italy
aiello@di.unito.it
Luca Maria Aiello. Università degli Studi di Torino – Dipartimento di Informatica – SecNet Group

Motivations
• In distributed identity-based commercial applications, user data are retained by central servers.
• Secure infrastructure
• Loss of user privacy
• Exploiting DHT systems for data storage could preserve privacy…
• Respect of user data secrecy
• Infrastructure prone to common attacks
• Our contribution:
• Likir: a secure p2p middleware
• LiCha: the first Likir application, a demonstrative Likir service

Likir: Layered Identity-based Kademlia-like InfRastructure
• A novel DHT layer
• Identity: user identity management at middleware level
• Security:
• Protection against known overlay attacks (routing poisoning, Sybil attack, MITM, pollution…)

Likir architecture
• Many other attempts to secure overlay networks:
• Myrmic
• KadSec
• Maelstrom
• …
• By introducing a strong binding between user ID and node ID, Likir solves (or effectively mitigates) DHT security problems

Likir protocol

Likir
• Other good features
• No Single Point Of Failure
• No additional system constraints (e.g. clock synchronization)
• Likir middleware is transparent to application developers
• Ease of development and integration of id-based applications
• Limited computational overhead with respect to Kademlia
• Simple API
• Possible enhancements
• Replace RSA with IBS
• …

LiCha: The Likir Chat
• Fully distributed IM application
• User data stored in the DHT
• Personal data are encrypted before being stored
• All content is signed by the Likir layer

How LiCha works
[Diagram. Labels: ID, Password, Find(“cedric.myopenid.com”), Cedric Dynaer, TCP, Application, Hi!, LiCha, Contact, Personal info, Get(“cedric.myopenid.com”), Lookup (UDP), Overlay net, Likir, ID, Store, DHT storage]

A possible future?
Likir becomes an ideal framework for privacy-aware social networks
• Security
• Identity
• Privacy
• Scalability

Contacts and Credits
To get Likir/LiCha code, or to contact us:
http://likir.di.unito.it
likir@di.unito.it
aiello@di.unito.it
We would like to thank:
Edoardo Rossi, who cooperated with us on LiCha development
Elton Kola, who built the Likir registration portal with OpenID verification

Thank you!