TY - GEN
T1 - CoLLIDE: CLoud Latency-based IDEntification
AU - Daza, Vanesa
AU - Pietro, Roberto Di
AU - Lombardi, Flavio
AU - Signorini, Matteo
N1 - Generated from Scopus record by KAUST IRTS on 2023-09-20
PY - 2017/1/1
Y1 - 2017/1/1
N2 - As services steadily migrate to the Cloud, the availability of an overarching identity framework has become a stringent need. Moreover, such an identity framework is now critical in the Internet of Things. To address this problem, identification solutions have been proposed in the past leveraging software or hardware properties of devices. While those solutions proved feasible, their root of trust was based either within the device or in a remote server. In this paper, we overcome the above paradigm and start investigating novel perspectives offered by an overarching identity framework that is not based on client/server properties, but on the network latency of their communications. The core idea behind our approach is to leverage cloud client/server interactions' latency patterns over the network to derive unique and unpredictable identity factors. Such factors can be used to design and implement effective identification schemes especially suitable for cloud-based services. To the best of our knowledge, our approach is the first one ensuring unclonability and unpredictability properties, relying on neither trusted computing bases (TCBs) nor on classical pseudo-random number generators (PRNGs). The experimental tests presented in this paper, conducted on worst case conditions, show that the network latency (generated between two interacting devices) can produce random values with properties close to the ones generated by most of the well-known PRNGs, that are an ideal fit for providing unique identifiers. Peer-review under responsibility of the Conference Program Chairs.
AB - As services steadily migrate to the Cloud, the availability of an overarching identity framework has become a stringent need. Moreover, such an identity framework is now critical in the Internet of Things. To address this problem, identification solutions have been proposed in the past leveraging software or hardware properties of devices. While those solutions proved feasible, their root of trust was based either within the device or in a remote server. In this paper, we overcome the above paradigm and start investigating novel perspectives offered by an overarching identity framework that is not based on client/server properties, but on the network latency of their communications. The core idea behind our approach is to leverage cloud client/server interactions' latency patterns over the network to derive unique and unpredictable identity factors. Such factors can be used to design and implement effective identification schemes especially suitable for cloud-based services. To the best of our knowledge, our approach is the first one ensuring unclonability and unpredictability properties, relying on neither trusted computing bases (TCBs) nor on classical pseudo-random number generators (PRNGs). The experimental tests presented in this paper, conducted on worst case conditions, show that the network latency (generated between two interacting devices) can produce random values with properties close to the ones generated by most of the well-known PRNGs, that are an ideal fit for providing unique identifiers. Peer-review under responsibility of the Conference Program Chairs.
UR - https://linkinghub.elsevier.com/retrieve/pii/S1877050917317040
UR - http://www.scopus.com/inward/record.url?scp=85033482439&partnerID=8YFLogxK
U2 - 10.1016/j.procs.2017.08.295
DO - 10.1016/j.procs.2017.08.295
M3 - Conference contribution
SP - 81
EP - 88
BT - Procedia Computer Science
PB - Elsevier B.V.
ER -