Taddeo - PhD Review
Methodology For Securing Networked Self-Adaptive Embedded Systems
Antonio Vincenzo Taddeo
Academic Advisor: Prof. Mariagiovanna Sami
Research Advisor: Dr. Alberto Ferrante

Problem Statement
Self-Adaptive Systems (SAS) introduce new security challenges
– Need for new security principles and design
Solution: (Self-)Adaptive Security
My research work is part of the AETHER - FET FP6 EU Project on

Why is the subject innovative?
Typically, security mechanisms are designed as static and non-flexible
Adaptation focuses on a single security aspect
Self-adaptive embedded systems require innovative dynamic and adaptive security approaches
– characterized by strong resource constraints (processing capacity, memory space, energy availability…)

My contributions
(1) A new model of SAS
– Defined through coordinated management of HW & SW self-adaptivity
(2) A framework for security self-adaptation
– instance of the model in (1)
– run-time adaptation of security services
(3) Enhancement of (2) for networked SAS
– Dynamic Service Negotiation

(1) New SAS Model
Decentralized control algorithm
RTE as interface between SW and HW.
Separation of adaptivity concerns at each level.
Each level uses MCA paradigm to handle self-adaptation.
Recommender module as coordination mechanism.
Extensive simulations have been performed to validate and evaluate the recommender

(2) Security Self-Adaptation
How can we have self-adaptive security?
MCA Paradigm
– Goals: Satisfy the Application requirements; Maximize the # of Running Applications; Minimize the Cost of Security Configurations;
– Monitorable Space: Running Application; Current Cost; System Cost Threshold;
– Adaptation Space: Requirement satisfaction; Running Applications; Security Configurations;

Security Self-Adaptation: Configurations and Costs
Different sets of security configuration are enforced at different instants of time
A cost is associated with each configuration
– e.g. power consumption
A cost threshold is introduced as the maximum cost for the current system status.
Each application has its specific requirements, hard or soft
Multiple applications run on a given ES
Critical applications have precedence over non-critical ones.

Security Self-Adaptation Logic
Searches a cost sub-optimal solution that:
Satisfies the Application requirements;
Maximizes the # of Running Applications;
Minimizes the Cost of Security Configurations;
by means of:
– Exact solutions (coverage table);
– Heuristic solutions (branch and bound);
Cost reached is below the system threshold
Extensive simulations have been performed to validate and evaluate the adaptive

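A branch-and-bound search over the selection logic above, added here as an illustration (it is not code from the thesis or the AETHER project). Assumptions: the App/Config data model, the sample costs, that each application lists only configurations meeting its hard requirements, and that a total cost equal to the threshold is acceptable.

```python
# Added illustration: names (App, Config, adapt) and all costs are constructed.
from typing import NamedTuple

class Config(NamedTuple):
    name: str
    cost: int            # e.g. power consumption, in arbitrary units

class App(NamedTuple):
    name: str
    critical: bool
    configs: tuple       # Configs that already satisfy the app's hard requirements

SAMPLE_APPS = [          # constructed sample workload
    App("telemetry", False, (Config("medium", 5), Config("light", 3))),
    App("alarm", True, (Config("strong", 6), Config("medium", 4))),
    App("logger", False, (Config("light", 4),)),
    App("fw_update", True, (Config("strong", 5),)),
]

def adapt(apps, threshold):
    """Return ({running app: config name}, total cost) within the threshold."""
    # Critical applications are branched on first: they take precedence.
    apps = sorted(apps, key=lambda a: not a.critical)
    # Objective, compared lexicographically: (critical running, running, -cost)
    best = {"key": (-1, -1, 0), "assign": {}}

    def search(i, assign, cost, crit, run):
        if cost > threshold:
            return                       # exceeds the system cost threshold
        rest = apps[i:]
        # Bound: best case if every remaining app could run at zero extra cost.
        bound = (crit + sum(a.critical for a in rest), run + len(rest), -cost)
        if bound <= best["key"]:
            return                       # cannot improve on the incumbent
        if i == len(apps):
            best["key"], best["assign"] = bound, dict(assign)
            return
        app = apps[i]
        for cfg in sorted(app.configs, key=lambda c: c.cost):  # cheapest first
            assign[app.name] = cfg.name
            search(i + 1, assign, cost + cfg.cost, crit + app.critical, run + 1)
            del assign[app.name]
        search(i + 1, assign, cost, crit, run)   # branch: leave this app stopped

    search(0, {}, 0, 0, 0)
    return best["assign"], -best["key"][2]
```

With a threshold of 13 both critical applications run and one non-critical application fits; lowering the threshold to 8 keeps one critical application running in preference to two non-critical ones.
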
(3a) Security Services Negotiation
Nodes establish an agreement for secure communication
– How can nodes select the most efficient security services?
– Are the used security services the “cheapest”?
– Are the used security services the “most

Security Service Negotiation Protocol
Nodes provide different security services
– Symmetric cipher, hash algorithms, ...
Services are organized in homogeneous groups
– Same functionality, different performance
Each data transmission has an associated price.

Security Service Price Cost??
Each node computes its costs for each security service
– Identical services can have different costs on different nodes
Each node has a global budget that can be consumed
– A portion of the global budget is assigned to

Service Selection Concept
Apply Linear Programming (LP) to
– minimize the cost for transmission of bytes between the two nodes.
subject to:
– Security services must be available in both nodes
– cost paid by each node must be below node's

(3b) GoS Trusting Protocol
Will the node perform the tasks assigned to it?

Trusting computation
A node is trusted if it respects service agreements
Reputation-based protocol
– By mixing: personal experience, indirect experience
Update using:

Simulation Results
• 50% of nodes are 10% faulty

Evaluation of protocol w.r.t. attacks
Bad mouthing attack
– a large number of malicious nodes are required to perform an efficient attack
On-Off attack
– Nodes quickly reach a trust value of 7
Sybil attack
– Prevented by using identity check mechanism (not in our case)
Conflicting behavior
– influences systems where there is a rating of the

Publications (1/2)
Journals
– Derin Onur, Alberto Ferrante, and Antonio V. Taddeo, “Coordinated Management of Hardware and Software Self-adaptivity,” to appear in Elsevier Journal of Systems Architecture. (Authors appear in alphabetical order).
– Antonio Vincenzo Taddeo, Alberto Ferrante, “Scheduling Small Packets in IPSec Multi-accelerator Based Systems,” in Journal of Communications (JCM). Academy Publisher, Mar. 2007, vol. 2, no. 2, pp. 53–60.
Conferences and Workshops
– Antonio Vincenzo Taddeo, Alberto Ferrante, “A Security Service Protocol for MANETs,” to appear as a short paper in IEEE CCNC 2008, Las Vegas, 10-13 January 2009.
– Alberto Ferrante, Roberto Pompei, Anastasia Stulova, Antonio Taddeo, “A Protocol for Guarantee of Service in Pervasive Distributed Systems,” 2nd AETHER-Morpheus Workshop (AMWAS’08), Lugano, October 2008. (Authors appear in alphabetical order).
– Alberto Ferrante, Roberto Pompei, Anastasia Stulova, Antonio Taddeo, “A Protocol For Pervasive Distributed Computing Reliability,” in proceedings of SecPri_WiMob 2008, Avignon, France, October 12, 2008. (Authors appear in alphabetical order).
– Alberto Ferrante, Antonio Vincenzo Taddeo, Mariagiovanna Sami, Fabrizio Mantovani, and Jurijs Fridkins, “Self-adaptive Security at Application Level: a Proposal,” in ReCoSoC 2007. Montpellier, France, Jun. 2007.

Publications (2/2)
Conferences and Workshops (minor research on e-learning)
– Alessandro Bozzon, Tereza Iofciu, Wolfgang Nejdl, Antonio Vincenzo Taddeo, and Sascha Tonnies, “Role Based Access Control for the interaction with Search Engines,” in COOPER Workshop in conjunction with ECTEL07 Conference, 17 September 2007. (Authors appear in alphabetical order).
– Bas Giesbers, Antonio Vincenzo Taddeo, Wim van der Vegt, Jan van Bruggen, and Rob Koper, “A Question Answering service for information retrieval in Cooper,” in COOPER Workshop in conjunction with ECTEL07 Conference, 17 September 2007.
– Carola Salvioni and Antonio Vincenzo Taddeo, “Remote Cooperation on Project-centred Learning: a Working Implemented Solution in Academia,” in COOPER Workshop in conjunction with ECTEL07 Conference, 17 September 2007. (Authors appear in alphabetical order).
– Aldo Bongio, Jan van Bruggen, Stefano Ceri, Valentin Cristea, Peter Dolog, Andreas Hoffmann, Maristella Matera, Marzia Mura, Antonio V. Taddeo, Xuan Zhou, and Larissa Zoni, “COOPER: Towards a Collaborative Open Environment of Project-Centred Learning,” in Innovative Approaches for Learning and Knowledge Sharing, volume 4227/2006 of Lecture Notes in Computer Science, pages 561–566. Springer Berlin / Heidelberg, 2006. (Authors appear in alphabetical order).