Exploiting the Network for Securing Personal Devices

  • Chris Dalton
  • Antonio Lioy
  • Diego Lopez
  • Fulvio Risso
  • Roberto Sassu
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 470)


Personal devices (such as smartphones and laptops) often experience incoherent levels of security due to the different protection applications available on the various devices. This paper presents a novel approach that consists in offloading security applications from personal devices and relocating them inside the network; this will be achieved by enriching network devices with the appropriate computational capabilities to execute generic security applications. This approach is fostered by the Secured project, which will define the architecture, data and protocols needed to turn this vision into reality.


Network-based personal security Personal security protection Remote attestation Network functions virtualization 



The research described in this paper is part of the Secured project, co-funded by the European Commission (FP7 grant agreement no. 611458).


  1. 1.
    Armknecht, F., Gasmi, Y., Sadeghi, A.R., Stewin, P., Unger, M., Ramunno, G., Vernizzi, D.: An efficient implementation of trusted channels based on OpenSSL. In: ACM Workshop on Scalable Trusted Computing, pp. 41–50 (2008)Google Scholar
  2. 2.
    Goldman, K., Perez, R., Sailer, R.: Linking remote attestation to secure tunnel endpoints. In: ACM Workshop on Scalable Trusted Computing, pp. 21–24 (2006)Google Scholar
  3. 3.
    Gringoli, F., Salgarelli, L., Dusi, M., Cascarano, N., Risso, F., Claffy, K.: GT: picking up the truth from the ground for Internet traffic. ACM SIGCOMM Comput. Commun. Rev. 39(5), 12–18 (2009)CrossRefGoogle Scholar
  4. 4.
    Trusted Computing Group: TPM Main Specification, Version 1.2, Revision 103 (2007).
  5. 5.
    McKeown, N., Anderson, T., Balakrishnan, H., Parulkar, G., Peterson, L., Rexford, J., Shenker, S., Turner, J.: Openflow: enabling innovation in campus networks. SIGCOMM Comput. Commun. Rev. 38(2), 69–74 (2008)CrossRefGoogle Scholar
  6. 6.
    Network Functions Virtualisation Industry Specification Group (NFV ISG): Network Functions Virtualisation - update white paper, October 2013.
  7. 7.
    Risso, F., Cerrato, I.: Customizing data-plane processing in edge routers. In: European Workshop on Software Defined Networks, pp. 114–120 (2012)Google Scholar
  8. 8.
    Sadeghi, A.-R., Schulz, S.: Extending IPsec for efficient remote attestation. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) FC 2010 Workshops. LNCS, vol. 6054, pp. 150–165. Springer, Heidelberg (2010)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Chris Dalton
    • 1
  • Antonio Lioy
    • 2
  • Diego Lopez
    • 3
  • Fulvio Risso
    • 2
  • Roberto Sassu
    • 2
  1. 1.HP LaboratoriesBristolUK
  2. 2.Dipartimento di Automatica e InformaticaPolitecnico di TorinoTorinoItaly
  3. 3.Teléfonica I+DMadridSpain

Personalised recommendations