Time filter

Source Type

Borran F.,Ecole Polytechnique Federale de Lausanne | Hutle M.,Fraunhofer Institute for Applied and Integrated Security | Santos N.,Ecole Polytechnique Federale de Lausanne | Schiper A.,Ecole Polytechnique Federale de Lausanne
IEEE Transactions on Dependable and Secure Computing | Year: 2012

Consensus is one of the key problems in fault-tolerant distributed computing. Although the solvability of consensus is now a well-understood problem, comparing different algorithms in terms of efficiency is still an open problem. In this paper, we address this question for round-based consensus algorithms using communication predicates, on top of a partial synchronous system that alternates between good and bad periods (synchronous and nonsynchronous periods). Communication predicates together with the detailed timing information of the underlying partially synchronous system provide a convenient and powerful framework for comparing different consensus algorithms and their implementations. This approach allows us to quantify the required length of a good period to solve a given number of consensus instances. With our results, we can observe several interesting issues, such as the number of rounds of an algorithm is not necessarily a good metric for its performance. © 2006 IEEE. Source

Rottondi C.,Polytechnic of Milan | Verticale G.,Polytechnic of Milan | Krauss C.,Fraunhofer Institute for Applied and Integrated Security
IEEE Journal on Selected Areas in Communications | Year: 2013

The widespread deployment of Automatic Metering Infrastructures in Smart Grid scenarios rises great concerns about privacy preservation of user-related data, from which detailed information about customer's habits and behaviors can be deduced. Therefore, the users' individual measurements should be aggregated before being provided to External Entities such as utilities, grid managers and third parties. This paper proposes a security architecture for distributed aggregation of additive data, in particular energy consumption metering data, relying on Gateways placed at the customers' premises, which collect the data generated by local Meters and provide communication and cryptographic capabilities. The Gateways communicate with one another and with the External Entities by means of a public data network. We propose a secure communication protocol aimed at preventing Gateways and External Entities from inferring information about individual data, in which privacy-preserving aggregation is performed by means of a cryptographic homomorphic scheme. The routing of information flows can be centralized or it can be performed in a distributed fashion using a protocol inspired by Chord. We compare the performance of both approaches to the optimal solution minimizing the data aggregation delay. © 1983-2012 IEEE. Source

Krauss C.,Fraunhofer Institute for Applied and Integrated Security | Fusenig V.,Siemens AG
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2013

In cloud networking users may want to control where their virtual resources are stored or processed, e.g., only in western Europe and not in the US. Cloud networking is the combined management of cloud computing and network infrastructures of different providers and enables dynamic and flexible placement of virtual resources in this distributed environment. In this paper, we propose a mechanism for verifying the geographic location of a virtual resource. Our approach uses Trusted Platform Modules (TPM) to identify physical machines and a trusted authority which verifies the actual location. In addition, our approach enables the verification of the trustworthiness of the machine of the cloud operator. © 2013 Springer-Verlag. Source

Milosevic Z.,Ecole Polytechnique Federale de Lausanne | Hutle M.,Fraunhofer Institute for Applied and Integrated Security | Schiper A.,Ecole Polytechnique Federale de Lausanne
Distributed Computing | Year: 2014

Transmission faults allow us to reason about permanent and transient value faults in a uniform way. However, all existing solutions to consensus in this model are either in the synchronous system, or require strong conditions for termination, that exclude the case where all messages of a process can be corrupted. In this paper we introduce eventual consistency in order to overcome this limitation. Eventual consistency denotes the existence of rounds in which processes receive the same set of messages. We show how eventually consistent rounds can be simulated from eventually synchronous rounds, and how eventually consistent rounds can be used to solve consensus. Depending on the nature and number of permanent and transient transmission faults, we obtain different conditions on n n, the number of processes, in order to solve consensus in our weak model. © 2013 Springer-Verlag Berlin Heidelberg. Source

Schutte J.,Fraunhofer Institute for Applied and Integrated Security
Proceedings - International Conference on Advanced Information Networking and Applications, AINA | Year: 2012

With the constantly growing complexity and heterogeneity of distributed system, the ability to control their security mechanisms in a human-understandable way becomes increasingly important. Policies, for specifying the behavior of a system in terms of non-functional requirements, have been in use for several years and the Event-Condition-Action (ECA) pattern has been applied in various systems in order to define appropriate reactions to changing conditions. However, ECA policies do not reflect the desired system state but rather on specific actions the system should perform upon the occurrence of certain events, thereby demanding in-depth knowledge about the inner workings of a system and preventing the development of truly "self-protecting" systems, i.e. systems which are able to automatically adapt themselves so as to achieve certain security goals. In this paper, we present a policy framework that abstracts the ECA model to situation-goal (SG) policies, stating which security requirements should hold in a certain situation and thereby bring policies closer to the actual security model the user has in mind. A prototypical implementation of the framework has been done in form of a module for the Apollon policy system. © 2012 IEEE. Source

Discover hidden collaborations