Project guide Dr. G. Sudha Sadhasivam Asst Professor, Dept of CSE Presented by C. Geetha Jini (07MW03)


- Objective
- Grid Security Issues
- Dynamic VO in Grid
- Group Communication in Grid
- Tree Based Group Diffie Hellman Protocol
- Interval based Rekeying
- Domain to domain Communication
- Establishment of Trust
- Results
- Conclusion
- Future Work
- References

- To use the Tree-Based Group Diffie-Hellman (TGDH) protocol to generate and update the group key dynamically.
- To compare the performance of the individual and interval-based rekeying approaches.
- To secure domain-to-domain communication by establishing trust relationships among entities.
- To simulate the protocol using the GridSim toolkit.

The activities that need to be secured in a grid environment are:
- Naming and authentication
- Secure communication (TLS/SSL)
- Trust, policy, and authorization
- Access control

Virtual organizations (VOs) are collections of diverse and distributed individuals that seek to share and use diverse resources in a coordinated fashion. Users can join several VOs, and resource providers can partition their resources among several VOs.

- Dynamic VO establishment
  - A VO is organized for some goal and disorganized after the goal is achieved.
  - Users can join or leave VOs.
  - Resource providers can join or leave VOs.
- Dynamic policy management
  - Resource providers dynamically change their resource policies.
  - VO managers manage VO users' rights dynamically.
- Interoperability with different host environments


- A binary key tree is formed. Each node $v$ represents a secret (private) key $K_v$ and a blinded (public) key $BK_v$.
- $BK_v = \alpha^{K_v} \bmod p$, where $\alpha$ and $p$ are public parameters.
- Every member holds the secret keys along its key path.
- Assume each member knows all the blinded keys in the key tree.

[Figure: binary key tree with members M1 to M6 at the leaves; $K_0$ at the root is the group key.]

The secret key of a non-leaf node $v$ can be generated by:

$K_v = (BK_{2v+1})^{K_{2v+2}} = (\alpha^{K_{2v+1}})^{K_{2v+2}} \bmod p$

$K_v = (BK_{2v+2})^{K_{2v+1}} = (\alpha^{K_{2v+2}})^{K_{2v+1}} \bmod p$

Both give $K_v = \alpha^{K_{2v+1} K_{2v+2}} \bmod p$.

The secret key of a leaf node is randomly selected by the corresponding member.

[Figure: node $v$ with children $2v+1$ and $2v+2$ and their blinded keys $BK_{2v+1}$ and $BK_{2v+2}$.]

E.g., M1 generates the group key via:

- $K_7, BK_8 \rightarrow K_3$
- $K_3, BK_4 \rightarrow K_1$
- $K_1, BK_2 \rightarrow K_0$ (group key)

[Figure: key tree with members M1 to M6, showing M1's key path to the root.]
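The key-path computation above, as an added example that is not part of the original slides. The parameters `P` and `ALPHA`, the leaf positions of M4 to M6, and all function names are assumptions made for illustration; the group is a toy one and not secure.

```python
import secrets

# Toy public parameters, assumed for this example only (not a secure group).
P = 2**127 - 1      # a Mersenne prime
ALPHA = 3

# Constructed layout: leaf node id -> member; node v has children 2v+1, 2v+2.
# Leaves 7, 8 and 4 match M1's key path on the slide; 11, 12, 6 are assumed.
LEAVES = {7: "M1", 8: "M2", 4: "M3", 11: "M4", 12: "M5", 6: "M6"}

def blind(k):
    """BK_v = alpha^K_v mod p."""
    return pow(ALPHA, k, P)

def sibling(v):
    """Left children have odd ids, right children even ids."""
    return v + 1 if v % 2 == 1 else v - 1

def publish_blinded_keys(leaf_secrets):
    """Simulate the broadcasts: return ({v: BK_v}, K_0) for the whole tree.
    In the protocol each BK_v is sent by a member that legitimately knows K_v."""
    secret = dict(leaf_secrets)
    def k(v):
        if v not in secret:  # non-leaf: K_v = (BK_{2v+1})^{K_{2v+2}} mod p
            secret[v] = pow(blind(k(2 * v + 1)), k(2 * v + 2), P)
        return secret[v]
    root = k(0)
    return {v: blind(s) for v, s in secret.items() if v != 0}, root

def group_key(leaf, leaf_secret, blinded):
    """Derive K_0 from one member's own leaf secret plus the blinded keys of
    the siblings along its key path, e.g. M1: K7,BK8 -> K3 -> K1 -> K0."""
    v, key = leaf, leaf_secret
    while v != 0:
        key = pow(blinded[sibling(v)], key, P)
        v = (v - 1) // 2          # move to the parent
    return key

def new_leaf_secret():
    return secrets.randbelow(P - 3) + 2

if __name__ == "__main__":
    leaf_secrets = {v: new_leaf_secret() for v in LEAVES}
    blinded, root = publish_blinded_keys(leaf_secrets)
    for v, name in LEAVES.items():
        print(name, group_key(v, leaf_secrets[v], blinded) == root)
```

Each member uses only its own leaf secret and public blinded keys, yet all six arrive at the same $K_0$; replacing any one leaf secret changes every key on that leaf's path, including the group key.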

- Rekeying (renewing the keys of the nodes) is performed at every single join/leave event to ensure backward and forward confidentiality.
- A special member called the sponsor is elected to be responsible for broadcasting updated blinded keys.

M8 joins:

- M8 broadcasts its individual blinded key $BK_{12}$ on joining.
- M4 becomes the sponsor. It rekeys $K_5$, $K_2$ and $K_0$ and broadcasts the blinded keys.
- Now everyone can compute the new group key.

[Figure: key tree after M8 joins, with M4 marked as sponsor (S).]

M5 leaves:

- M4 becomes the sponsor. It rekeys the secret keys $K_2$ and $K_0$ and broadcasts the blinded keys.
- M1, M2 and M3 compute $K_0$ given $BK_2$.
- M6 and M7 compute $K_2$ and then $K_0$ given BK

[Figure: key tree before and after M5 leaves, with M4 marked as sponsor (S).]

[Figure: trees T and T*, with the sponsors marked.]

- Interval-based rekeying is proposed such that rekeying is performed on a batch of join and leave requests at regular rekey intervals.
- Interval-based rekeying improves system performance.
- The Queue-batch algorithm is used for interval-based rekeying.

Example: M8, M9 and M10 join; M2 and M7 leave.

- T' is attached to node 6.
- M10, the sponsor, will broadcast $BK_6$.
- M1 rekeys $K_1$. M6 rekeys $K_2$.
- M1 broadcasts $BK_1$. M6 broadcasts BK

[Figure: key tree with subtree T' (M8, M9, M10) attached; M1 and M10 marked as sponsors (S).]

- Group key secrecy
- Forward secrecy
- Backward secrecy
- Key independence

[Figure: Domain1 (d1), Domain2 (d2) and Domain3 (d3), with Admin, VO1 and Group2.]

- Trust Evaluation: entity A's opinion about entity B's trustworthiness.
- Combining Trust
- Comparing Trust: if $b_A > b_B$, $d_A < d_B$ and $u_A < u_B$, then opinion $O_A$ is over a threshold presented by $O_B$.

[Flowchart, boxes in extracted order, with "yes" and "no" branch labels:]

1. Initialize the GridSim package
2. Create grid entities (users and resources)
3. Build the network topology (mesh)
4. Form the group
5. Entity joins to different domain
6. Evaluate trust
7. Joins the entity to group
8. Join the entity to group
9. Perform rekeying

[Figures: simulation result plots; panel labels Leave = 0, Leave = 5 and Leave = 10.]

- TGDH is used for securing group communication in the grid.
- Each member contributes an equal share to the common group session key. This enhances security and avoids the problems of centralized trust and a single point of failure.
- To reduce rekeying complexity, the interval-based approach is used.
- Simulations are done using the GridSim toolkit.
- Domain-to-domain communication is enhanced by establishing a trust relationship.

- The group key management protocol can be further enhanced by coupling the session-based group key with permanent private components of the group members to improve security.
- Groups can be formed within a virtual organization based on trust relationships; separate keys can be generated for each group, and these keys can be managed hierarchically based on trust.
- The proposed system can be tested in a real grid environment using Globus.
