Trusted Identity Management for Overlay Networks

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7863)

Abstract

A critical requirement in overlay networks is to have unique, undeniable and verifiable identifiers for each node in the system. Without them, every node in such an overlay network would be able to impersonate other nodes or create an arbitrary number of bogus nodes. Thus, a node or a group of nodes could easily gain control over an overlay network by orchestrating such artificial nodes. Most proposed solutions are based on public key cryptography and public key infrastructures. Unfortunately, the process of issuing and distributing certificates is not solved for large-scale overlay networks. In this work we provide a solution for creating unique, undeniable and verifiable identifiers for large-scale overlay networks using mechanisms provided by the Trusted Computing Group. We facilitate the use of a unique asymmetric key pair which has been created on a Trusted Platform Module and is vouched for by the manufacturer.
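The following Go sketch is an added example, not the protocol from the paper: it shows how a verifier could admit a node only if its key is vouched for by a manufacturer and the node proves possession of the private half. Assumptions: the identifier is SHA-256 of the encoded public key, a bare manufacturer signature stands in for an endorsement credential, and software RSA keys stand in for a TPM-resident key; all function names are hypothetical.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

// DeriveID ties the identifier to the key, so a peer cannot pick its own ID (assumed scheme).
func DeriveID(pub *rsa.PublicKey) [32]byte {
	return sha256.Sum256(x509.MarshalPKCS1PublicKey(pub))
}

// Endorse models the manufacturer vouching for a key created on one of its TPMs.
func Endorse(mfr *rsa.PrivateKey, pub *rsa.PublicKey) ([]byte, error) {
	id := DeriveID(pub)
	return rsa.SignPKCS1v15(rand.Reader, mfr, crypto.SHA256, id[:])
}

// VerifyNode rejects self-made keys and identifiers not bound to the presented key.
func VerifyNode(mfrPub, pub *rsa.PublicKey, id [32]byte, sig []byte) error {
	want := DeriveID(pub)
	if want != id {
		return fmt.Errorf("identifier not derived from presented key")
	}
	return rsa.VerifyPKCS1v15(mfrPub, crypto.SHA256, want[:], sig)
}

// Challenge encrypts a nonce to the node's key; Respond models the TPM
// decrypting it, which proves possession of the private half.
func Challenge(pub *rsa.PublicKey, nonce []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, nonce, nil)
}
func Respond(priv *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, nil)
}

func main() {
	mfr, _ := rsa.GenerateKey(rand.Reader, 2048) // constructed manufacturer key
	ek, _ := rsa.GenerateKey(rand.Reader, 2048)  // software stand-in for a TPM key
	sig, _ := Endorse(mfr, &ek.PublicKey)
	err := VerifyNode(&mfr.PublicKey, &ek.PublicKey, DeriveID(&ek.PublicKey), sig)
	ct, _ := Challenge(&ek.PublicKey, []byte("constructed-nonce")) // random per join in practice
	ans, _ := Respond(ek, ct)
	fmt.Println("endorsed:", err == nil, "answer:", string(ans))
}
```

A key generated without the manufacturer's signature fails `VerifyNode`, which is what stops a single machine from minting arbitrary identities.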



© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kraxberger, S., Toegl, R., Pirker, M., Guijarro, E.P., Millan, G.G. (2013). Trusted Identity Management for Overlay Networks. In: Deng, R.H., Feng, T. (eds) Information Security Practice and Experience. ISPEC 2013. Lecture Notes in Computer Science, vol 7863. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38033-4_2


  • DOI: https://doi.org/10.1007/978-3-642-38033-4_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-38032-7

  • Online ISBN: 978-3-642-38033-4

  • eBook Packages: Computer Science, Computer Science (R0)
