Services Identity and Authentication across Heterogeneous Environments and Discovery Protocols: A Solution based on Self-Certifying Names
Abstract
Service discovery systems has been used to find services automatically, in multiple applications and network environments. For each environment or application, different service discovery protocols (SDPs) may be used, often incompatible with each other. The literature describes solutions for discovery across multiple environments and/or SDPs, but the lack of mechanisms to identify and recognize discovered services prevents the integrated discovery across these distinct environments. To handle this issue, the current paper proposes a solution, based on the principle of self-certifying names, to identify and authenticate services across heterogeneous environments and discovery protocols.
Keywords:
Service Discovery, Service Identity, Heterogeneity, Interoperability, Self-Certifying Names, Decentralized Systems
References
Abreu, V., Santin, A., Viegas, E., Vicentini, C., e Silva, M. (2021). “Gestão de identidade e acesso para dispositivos IoT na smart grid”. In “Anais do XXI SBSeg” (p. 1–14).
Achir, M., Abdelli, A., e Mokdad, L. (2020). “A taxonomy of service discovery approaches in IoT”. In “Proc. of the WINCOM 2020.”
Ahmed, R., e Boutaba, R. (2011). “A survey of distributed search techniques in large scale distributed systems”. IEEE COMST, v.13, n. 2, 150–167.
Ahmed, R., Boutaba, R., Cuervo, F., Iraqi, Y., Li, T., e ... Ziembicki, J. (2005). “Service naming in large-scale and multi-domain networks”. IEEE COMST, v.7, n. 1-4, 38–54.
Almenárez, F., Marín-López, A., Campo, C., e García, C. (2004). “PTM: A pervasive trust management model for dynamic open environments”. In “PSPT 2004.”
Battaglia, F., e Lo Bello, L. (2018). “A novel JXTA-based architecture for implementing heterogenous Networks of Things”. Computer Communications, v.116, 35–62.
Benet, J. (2019). “IPFS - Content Addressed, Versioned, P2P File System (DRAFT 3).”
Bernstein, D. J. (2006). “Curve25519: New diffie-hellman speed records”. In “Proc. of PKC 2006” (Vol. 3958, p. 207–228). Springer.
Brizolara, P. L. S., e Miranda, L. C. d. (2018). “Sustentabilidade de Foto-memórias na Era Digital: Desafios e Oportunidades para a Computação”. In “SEMISH 2018.”
Cheshire, S., e Krochmal, M. (2013). “DNS-Based Service Discovery.” RFC 6763.
Cheshire, S., e Steinberg, D. H. (2005). “Zero Configuration Networking”. O’Reilly.
Del Campo, J., Pegueroles, J., e Soriano, M. (2006). “Providing security services in a multiprotocol service discovery system for ubiquitous networks”. In “ARES 2006.”
Finney, H., Donnerhacke, L., Callas, J., Thayer, R. L., e Shaw, D. (2007). “OpenPGP message format.” RFC 4880.
Flores, C., Grace, P., e Blair, G. (2011). “SeDiM: A middleware framework for interoperable service discovery in heterogeneous networks”. ACM TAAS, v.6, n. 1.
Frank, K., Suraci, V., e Mitic, J. (2008). “Personalizable service discovery in pervasive systems”. In “Proc. of ICNS 2008” (p. 182–187). doi: 10.1109/ICNS.2008.21
Jones, M., e Sakimura, N. (2015). “JSON web key (JWK) thumbprint.” RFC 7638.
Khatibi, E., e Sharifi, M. (2021). “Resource discovery mechanisms in pure unstructured peer-to-peer systems: A comprehensive survey”. Peer-to-Peer Netw Appl, v.14, n. 2.
Lardies, F., Rafael, P., Fernandes, J., Zhang, W., Hansen, K., e Kool, P. (2009). “Deploying Pervasive Web Services over a P2P Overlay”. In “WET ICE 2009” (p. 240–245).
Maziéres, D., e Kaashoek, M. F. (1998). “Escaping the evils of centralized control with self-certifying pathnames”. In “Proc. of the 8th ACM SIGOPS” (p. 118–125). ACM.
Meshkova, E., Riihijarvi, J., Petrova, M., e Mahonen, P. (2008). “A survey on resource discovery mechanisms, peer-to-peer and service discovery frameworks”. Computer Networks, v.52, n. 11, 2097–2128. doi: 10.1016/j.comnet.2008.03.006
Mohammed, F., Ali, A., Al-Ghamdi, A., Alsolami, F., Shamsuddin, S., e Eassa, F. (2020). “Cloud computing services: Taxonomy of discovery approaches and extraction solutions”. SYMMETRY-BASEL, v.12, n. 8.
Neto, A. M., Cunha, Í., e Oliveira, L. (2021). “Uma extensão de framework de análise de protocolos de composibilidade universal para acordo de chaves com autenticação baseado em identidade”. In “Anais do XXI SBSeg” (p. 141–154).
Pantazoglou, M., Tsalgatidou, A., e Athanasopoulos, G. (2006). “Discovering web services and JXTA peer-to-peer services in a unified manner”. In “ICSOC 2006” (p. 104+).
Pourghebleh, B., Hayyolalam, V., e Anvigh, A. (2020). “Service discovery in the Internet of Things: Review of current trends and research challenges”. Wireless Networks.
Raverdy, P., Issarny, V., Chibout, R., e Chapelle, A. (2006). “A Multi-Protocol Approach to Service Discovery and Access in Pervasive Environments”. In “MobiQuitous’06.”
Rivest, R. L., e Lampson, B. (1996). “SDSI - a simple distributed security infrastructure.”
Rodrigues, P., Réveillére, L., Bromberg, Y.-D., e Négru, D. (2011). “Scalable and interoperable service discovery for future internet”. In “Proc. of M-MPAC 2011.”
Siebert, J., Cao, J., Zhou, Y., Wang, M., e Raychoudhury, V. (2007). “Universal adaptor: A novel approach to supporting multi-protocol service discovery in pervasive computing”. Lecture Notes in Computer Science, v.4808 LNCS, 683–693.
Stallings, W. (2014). “Computer Security Concepts”. In “Cryptography and Network Security: Principles and Practice” (Sixth ed., p. 7–26). Pearson Education.
Sundramoorthy, V., Hartel, P., e Scholten, J. (2009). “A Taxonomy of Service Discovery Systems”. In “Context-Aware Computing and Self-Managing Systems” (p. 43–77).
TorProject. (2017). “Tor Rendezvous Specification - Version 3” (Tech. Rep.).
Wachs, M., Schanzenbach, M., e Grothoff, C. (2014a). “A Censorship-Resistant, Privacy-Enhancing and Fully Decentralized Name System”. In “CANS 2014” (p. 127–142).
Wachs, M., Schanzenbach, M., e Grothoff, C. (2014b). “On the Feasibility of a Censorship Resistant Decentralized Name System”. In “FPS 2013” (p. 19–30). Springer.
Zarrin, J., Aguiar, R., e Barraca, J. (2018). “Resource discovery for distributed computing systems: A comprehensive survey”. J Parallel Distrib Comput, v.113, 127–166.
Achir, M., Abdelli, A., e Mokdad, L. (2020). “A taxonomy of service discovery approaches in IoT”. In “Proc. of the WINCOM 2020.”
Ahmed, R., e Boutaba, R. (2011). “A survey of distributed search techniques in large scale distributed systems”. IEEE COMST, v.13, n. 2, 150–167.
Ahmed, R., Boutaba, R., Cuervo, F., Iraqi, Y., Li, T., e ... Ziembicki, J. (2005). “Service naming in large-scale and multi-domain networks”. IEEE COMST, v.7, n. 1-4, 38–54.
Almenárez, F., Marín-López, A., Campo, C., e García, C. (2004). “PTM: A pervasive trust management model for dynamic open environments”. In “PSPT 2004.”
Battaglia, F., e Lo Bello, L. (2018). “A novel JXTA-based architecture for implementing heterogenous Networks of Things”. Computer Communications, v.116, 35–62.
Benet, J. (2019). “IPFS - Content Addressed, Versioned, P2P File System (DRAFT 3).”
Bernstein, D. J. (2006). “Curve25519: New diffie-hellman speed records”. In “Proc. of PKC 2006” (Vol. 3958, p. 207–228). Springer.
Brizolara, P. L. S., e Miranda, L. C. d. (2018). “Sustentabilidade de Foto-memórias na Era Digital: Desafios e Oportunidades para a Computação”. In “SEMISH 2018.”
Cheshire, S., e Krochmal, M. (2013). “DNS-Based Service Discovery.” RFC 6763.
Cheshire, S., e Steinberg, D. H. (2005). “Zero Configuration Networking”. O’Reilly.
Del Campo, J., Pegueroles, J., e Soriano, M. (2006). “Providing security services in a multiprotocol service discovery system for ubiquitous networks”. In “ARES 2006.”
Finney, H., Donnerhacke, L., Callas, J., Thayer, R. L., e Shaw, D. (2007). “OpenPGP message format.” RFC 4880.
Flores, C., Grace, P., e Blair, G. (2011). “SeDiM: A middleware framework for interoperable service discovery in heterogeneous networks”. ACM TAAS, v.6, n. 1.
Frank, K., Suraci, V., e Mitic, J. (2008). “Personalizable service discovery in pervasive systems”. In “Proc. of ICNS 2008” (p. 182–187). doi: 10.1109/ICNS.2008.21
Jones, M., e Sakimura, N. (2015). “JSON web key (JWK) thumbprint.” RFC 7638.
Khatibi, E., e Sharifi, M. (2021). “Resource discovery mechanisms in pure unstructured peer-to-peer systems: A comprehensive survey”. Peer-to-Peer Netw Appl, v.14, n. 2.
Lardies, F., Rafael, P., Fernandes, J., Zhang, W., Hansen, K., e Kool, P. (2009). “Deploying Pervasive Web Services over a P2P Overlay”. In “WET ICE 2009” (p. 240–245).
Maziéres, D., e Kaashoek, M. F. (1998). “Escaping the evils of centralized control with self-certifying pathnames”. In “Proc. of the 8th ACM SIGOPS” (p. 118–125). ACM.
Meshkova, E., Riihijarvi, J., Petrova, M., e Mahonen, P. (2008). “A survey on resource discovery mechanisms, peer-to-peer and service discovery frameworks”. Computer Networks, v.52, n. 11, 2097–2128. doi: 10.1016/j.comnet.2008.03.006
Mohammed, F., Ali, A., Al-Ghamdi, A., Alsolami, F., Shamsuddin, S., e Eassa, F. (2020). “Cloud computing services: Taxonomy of discovery approaches and extraction solutions”. SYMMETRY-BASEL, v.12, n. 8.
Neto, A. M., Cunha, Í., e Oliveira, L. (2021). “Uma extensão de framework de análise de protocolos de composibilidade universal para acordo de chaves com autenticação baseado em identidade”. In “Anais do XXI SBSeg” (p. 141–154).
Pantazoglou, M., Tsalgatidou, A., e Athanasopoulos, G. (2006). “Discovering web services and JXTA peer-to-peer services in a unified manner”. In “ICSOC 2006” (p. 104+).
Pourghebleh, B., Hayyolalam, V., e Anvigh, A. (2020). “Service discovery in the Internet of Things: Review of current trends and research challenges”. Wireless Networks.
Raverdy, P., Issarny, V., Chibout, R., e Chapelle, A. (2006). “A Multi-Protocol Approach to Service Discovery and Access in Pervasive Environments”. In “MobiQuitous’06.”
Rivest, R. L., e Lampson, B. (1996). “SDSI - a simple distributed security infrastructure.”
Rodrigues, P., Réveillére, L., Bromberg, Y.-D., e Négru, D. (2011). “Scalable and interoperable service discovery for future internet”. In “Proc. of M-MPAC 2011.”
Siebert, J., Cao, J., Zhou, Y., Wang, M., e Raychoudhury, V. (2007). “Universal adaptor: A novel approach to supporting multi-protocol service discovery in pervasive computing”. Lecture Notes in Computer Science, v.4808 LNCS, 683–693.
Stallings, W. (2014). “Computer Security Concepts”. In “Cryptography and Network Security: Principles and Practice” (Sixth ed., p. 7–26). Pearson Education.
Sundramoorthy, V., Hartel, P., e Scholten, J. (2009). “A Taxonomy of Service Discovery Systems”. In “Context-Aware Computing and Self-Managing Systems” (p. 43–77).
TorProject. (2017). “Tor Rendezvous Specification - Version 3” (Tech. Rep.).
Wachs, M., Schanzenbach, M., e Grothoff, C. (2014a). “A Censorship-Resistant, Privacy-Enhancing and Fully Decentralized Name System”. In “CANS 2014” (p. 127–142).
Wachs, M., Schanzenbach, M., e Grothoff, C. (2014b). “On the Feasibility of a Censorship Resistant Decentralized Name System”. In “FPS 2013” (p. 19–30). Springer.
Zarrin, J., Aguiar, R., e Barraca, J. (2018). “Resource discovery for distributed computing systems: A comprehensive survey”. J Parallel Distrib Comput, v.113, 127–166.
Published
2022-09-12
How to Cite
BRIZOLARA, Paulo L. S.; DE MIRANDA, Leonardo Cunha.
Services Identity and Authentication across Heterogeneous Environments and Discovery Protocols: A Solution based on Self-Certifying Names. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 22. , 2022, Santa Maria.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2022
.
p. 167-180.
DOI: https://doi.org/10.5753/sbseg.2022.223888.
