Export 20 results:
Sort by: Author Title [ Type  (Asc)] Year
Book Chapter
Joy, SP, Chandran P.  2013.  Towards a Computational Trust Model for Secure Peer-to-Peer Communication. Managing Trust in Cyberspace. , Boca Raton, Florida, USA: CRC Press, Taylor and Francis Group Abstract

Group communication is important for applications requiring high availability and collaboration among group members. Secure communication in group applications based on the peer-to-peer communication paradigm, is done using a shared secret key, the session key, computed from the contributions of the participants of the group. Group key agreement (GKA) protocols allow members of a group to compute this key without explicitly transmitting it. A P2P application is inherently dynamic, allowing participants to join or leave the group while the application is running. A complete verifiability of all actions and transactions at run time is computationally infeasible within time constraints. Therefore there is a requirement for a trust model for p2p communications, based on which individual members can take decisions about joining and leaving a group and groups can take decisions about allowing individuals to join or leave groups. This chapter describes a proposal for a trust model for p2p applications, and a framework for computing the trustworthiness of a group as a metric called the group trust score. The group trust score represents the probability with which the transactions and messages in the p2p application would remain secret, and can be used by prospective members to decide whether to join a group. The group trust score is based on the concept of forward secrecy of GKA protocols.
Perfect forward secrecy is one of the security requirements of GKA protocols. Perfect forward secrecy considers the secrecy of the session key, when all contributions from the members are compromised. However many GKA protocols provide only partial forward secrecy. The secrecy of the session key, when some of the contributions are compromised, is addressed by partial forward secrecy. Among the protocols that satisfy partial forward secrecy, those with higher probability of loss of session key, given that the contributions have been compromised with some probability, will be weaker than those with a lower probability of loss of session key under the same assumptions. This chapter presents a novel formal framework which enables the comparison of GKA protocols providing partial forward secrecy. The framework defines a metric, the degree of partial forward secrecy, to compare protocols, and an algorithm to compute the metric. The proposed framework is illustrated by comparing a set of GKA protocols. The set includes six GKA protocols which use the Diffie-Hellman key exchange scheme (DH). Perfect forward secrecy is considered to be an attribute of GKA protocols based on DH. However, under strong corruptions, these protocols fail to satisfy perfect forward secrecy. But they satisfy varying degrees of partial forward secrecy, owing to their design. The analysis of the results of comparison of the collection of DH based GKA protocols using the proposed framework points out the strongest protocol with respect to partial forward secrecy. The analysis of three protocols using different cryptographic primitives is also presented demonstrating the applicability of the framework for protocols with different cryptographic primitives.
The framework for assessing the degree of partial forward secrecy of protocols is extended to evaluate the group trust score of protocols, and the trust strength, or stability of the group trust score in the event of low trust members joining the group. As different applications have different dynamic behavior and requirements on the trust strength, three different group applications, a cloud based subscribed journal, an interactive whiteboard and a boardroom meeting are chosen for discussion. The requirements on the group trust and trust strength for these applications is described and the GKA protocols in the test set are analyzed for their suitability to the applications. The analysis shows that the suitability of different GKA protocols to applications is independent of the cryptographic paradigm used in the protocol.
The analysis provides some useful insights for application designers. The choice of a GKA protocol for an application should not be based on the underlying cryptographic primitive, or purely the computational complexity of the key. The suitability of GKA protocols for p2p applications depends on the degree of partial forward secrecy, the trust metrics for the group, the trust values of the individual participants and the dynamic behavior of the application. A systematic analysis of the trust strength using the framework described in this chapter would help the application designers to make better choices of GKA protocols. A research problem that emerges as a very important one from the analysis presented in the chapter is that of developing underlay awareness in groups, and methods for evaluating the trust to be placed on individuals using underlay awareness. The formulation of statistical approaches for evaluating the trust metrics of groups, with different GKA protocols, for use by the application designer, is another important research topic that evolved from the analysis.

Conference Paper
Jithin, R, Chandran P.  2016.  Dynamic partitioning of physical memory among virtual machines: {ASMI:} architectural support for memory isolation. Proceedings of the 31st Annual {ACM} Symposium on Applied Computing, Pisa, Italy, April 4-8, 2016. :474–476. Abstract
Lee, OT, MadhuKumar SD, Chandran P.  2016.  ECSim: A simulation tool for performance evaluation of erasure coded storage systems. Advances in Computing, Communications and Informatics (ICACCI), 2016 International Conference on. :2713–2718.: IEEE Abstract

Simulation environments provide a comprehensive set of advantages to users, like cost effectiveness and capability to understand the shortcomings of the system under design, without physical implementation. Simulation platforms help the industry and academia, to document and publish their research outputs in a timely and cost efficient manner. The ECSim tool presented here, is meant for academic use in the initial stages of research. The platform provides an environment where the performance of erasure coded storage systems can be tested without much effort. The main highlight of the simulator is that it provides a very simple environment which can run on a standalone system. The environment does not require the user to be a programmer, since it provides an interactive command line interface to the user. The ability to simulate data center, clusters, master nodes, storage nodes with computing power, storage devices, bandwidth usage and disk I/O involved are notable features of ECSim.

Shoundic, S, Chandran P, Krishna P, Reddy V, Jayachandra B, Pande L.  2016.  Extended-HyperWall: Hardware support for rollback secure virtualization, September. 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI). , Jaipur, India Abstract

"Virtualization is a vital part of computing today. Rollback is an important feature to be supported by virtualization. However, hackers leverage rollback and pose serious security threats to systems running in a virtualized environment. The aim of this paper is to identify such security threats and propose a comprehensive solution. In this paper, we propose Extended-HyperWall architecture as a solution to security of Virtual Machines (VMs) in a fully virtualized environment. Extended-HyperWall architecture is an integration of HyperWall with Rollback Sensitive Data Memory with Architecture Assistance (RSDM-A). HyperWall is a system that proposes hardware support to ensure confidentiality and integrity of a VM's data, with an assumption that hypervisor cannot be trusted. RSDM-A is an architectural support to a virtualized system that separates rollback sensitive data from rollback non-sensitive data which is one of the major causes of threats that arises due to rollback. Extended-HyperWall integrates CIP-table (Confidentiality and Integrity Table to ensure confidentiality and integrity of data) and RSDM-table (Rollback Sensitive Data Memory to protect the system from rollback attacks). The paper illustrates the design of Extended-HyperWall, and its implementation on the Xen Hypervisor kernel for testing and analysis."

Amritapatole, MadhuKumar SD, Chandran P, Shabeera TP.  2015.  Load-Aware Replica Placement in Multiuser Hadoop Environment Using MST, 8, December. Third edition of the International Conference on Recent Advances in Computational Systems(IEEE RAICS -2015). , Trivandrum Abstract
Ranjith, P, Chandran P, Kaleeswaran S.  2011.  On Covert Channels between Virtual Machines, February 2011. wcloud 2011, Workshop on Issues in Virtualization and Clouds. , Indian Institute of Technology Bombay
Jithin, R, Chandran P.  2014.  'Virtual Machine Isolation - A Survey on the Security of Virtual Machines. The Second International Conference on Security in Computer Networks and Distributed Systems (SNDS-2014). , Thiruvananthapuram (Trivandrum), India
Devasia, JV, Chandran P.  2016.  "Who are the key players behind a disease state": Outcomes of a new computational approach on cancer data, March. 2016 International Conference on Bioinformatics and Systems Biology (BSB). :1-4. Abstract


Conference Proceedings
Manish Parashar, Umesh Bellur, S.D Madhu Kumar, Priya Chandran, Murali Krishnan, Kamesh Madduri, Sushil K. Prasad, C. Chandra Sekhar, Nanjangud C. Narendra, Carlos Valera, Sanjay Chaudhary, Kavi Arya, Xiaolin Li (Eds.).  2014.  Seventh International Conference on Contemporary Computing, {IC3} 2014, Noida, India, August 7-9, 2014. : {IEEE} Abstract
Devasia, J, Chandran P.  2014.  Towards an Improved Algorithm for Modeling Information Flow in Biological Networks, 2014. ACCIS 2014. , Kollam, Kerala, India Abstract

Paper - 10's Abstract
Modeling communications between nodes in large-scale molecular interaction networks as information flows is useful for analyzing relationships between individual network components. Discovering causal genes and dysregulated pathways using network analysis based on information flow models is a very active, current topic of research. Recent research provides cubic order polynomial time solutions to the problem. Considering the huge size of interaction networks, calculating information flows can be costly, even with cubic order algorithms. An improvement to the computing time has been achieved by using the concept of approximation algorithms which are useful in solving large instances of problems requiring numerous resources. Proofs for the approximation factor and implementation results for the proposed algorithm are presented.

Journal Article
Shabeera, TP, Chandran P, Kumar MSD.  2012.  Authenticated and persistent skip graph: a data structure for cloud based data-centric applications. Proceedings of the International Conference on Advances in Computing, Communications and Informatics (ICACI 2012). ACM( ISBN: 978-1-4503-1196-0):155-160.Website
Shabeera, TP, MadhuKumar SD, Chandran P.  2016.  Curtailing job completion time in MapReduce clouds through improved Virtual Machine allocation. Computers & Electrical Engineering. :-. AbstractWebsite

Abstract Cloud-based MapReduce platforms offer ready to use MapReduce clusters. The problem of allocating Virtual Machines (VMs) carrying out the computation, for minimizing data transfer delay is a crucial one in this context, as the MapReduce tasks are communication intensive. The interaction between \{VMs\} may face varying delays, if the \{VMs\} are hosted in different Physical Machines (PMs). This work aims to optimize the data transfer delay between VMs, which is denoted by the distance between the VMs. We propose an approximation algorithm for \{VM\} allocation in data centers wherein the distances between \{VMs\} satisfy triangular inequality and an optimization algorithm for \{VM\} allocation in data centers where the distances between \{VMs\} do not satisfy triangular inequality. Simulations on CloudSim demonstrate the performance of our algorithms and the results affirm the reduction in job completion time compared to other allocation schemes.

Joy, SP, Chandran P.  2010.  A formal framework for comparing group key agreement protocols with partial forward secrecy. The 4 th IEEE International Conference on Internet Multimedia Systems Architecture and Application, (IMSAA 10). , Bangalore, India: IEEEWebsite
Joy, SP, Chandran P.  2017.  A formal framework for verifying İKA\} property of protocols. Journal of King Saud University - Computer and Information Sciences. :-. AbstractWebsite

Abstract A group key agreement (GKA) protocol generates a secret key (session key) shared among the members of the group, from the contributions made by group members. \{GKA\} protocols are expected to satisfy the property of Implicit Key Authentication (IKA) which assures group members that the key generated by the protocol is not accessible to any member outside the group. In this article, we propose a technique to prove the correctness of \{GKA\} protocols with respect to IKA. We establish the soundness of our proposal and also illustrate its application. Normally İKA\} property of protocols is established by proving that the protocol satisfies authentication of participants and secrecy of the session keys. Most formal models would be able to analyze a \{GKA\} protocol with respect to IKA, using the above approach. However analysis of two security properties, namely authentication and secrecy, would increase the chances of errors. We propose a single condition for verifying whether the \{GKA\} protocol satisfies IKA.

Ross, JC, Chandran P.  2008.  Object Serialization Support for Object Oriented Java Processors. Third International Symposium on Information Technology. , Kuala Lumpur: IEEEWebsite
Ranjith, P, Chandran P, Kaleeswaran S.  2012.  On Covert Channels between Virtual Machines. Journal in Computer Virology, Springer. 8( 3):85-97.Website
Ezudheen, P, Chandran P, Chandra J, Simon BP, Ravi D.  2009.  Parallelizing SystemC Kernel for Fast Hardware Simulation on SMP Machines. ACM/IEE/SCS Twentyeighth International Conference on Principles of Advanced and Distributed Simulation, PADS 2009. :80-87., Lake Placid, New York State, USA: ACMWebsite
Singh, AK, Chandran P.  2007.  A Secure and Efficient Multi-authority Proactive Election Scheme.. Information System Security, Lecture Notes in Computer Science,pringer Berlin/Heidelberg. 4812/2007:208-218.: SpringerWebsite
Sebastian, M, Chandran P.  2011.  A Tool for Event Reconstruction using Gladyshev Approach, March 2011. Computer Forensics Track of ACM Symposium on Applied Computing (ACM SAC 2011). Website