Visible to the public Biblio

Filters: Author is Di Pietro, Roberto  [Clear All Filters]
2020-01-21
Caprolu, Maurantonio, Di Pietro, Roberto, Lombardi, Flavio, Raponi, Simone.  2019.  Edge Computing Perspectives: Architectures, Technologies, and Open Security Issues. 2019 IEEE International Conference on Edge Computing (EDGE). :116–123.

Edge and Fog Computing will be increasingly pervasive in the years to come due to the benefits they bring in many specific use-case scenarios over traditional Cloud Computing. Nevertheless, the security concerns Fog and Edge Computing bring in have not been fully considered and addressed so far, especially when considering the underlying technologies (e.g. virtualization) instrumental to reap the benefits of the adoption of the Edge paradigm. In particular, these virtualization technologies (i.e. Containers, Real Time Operating Systems, and Unikernels), are far from being adequately resilient and secure. Aiming at shedding some light on current technology limitations, and providing hints on future research security issues and technology development, in this paper we introduce the main technologies supporting the Edge paradigm, survey existing issues, introduce relevant scenarios, and discusses benefits and caveats of the different existing solutions in the above introduced scenarios. Finally, we provide a discussion on the current security issues in the introduced context, and strive to outline future research directions in both security and technology development in a number of Edge/Fog scenarios.

2019-04-01
Di Pietro, Roberto, Salleras, Xavier, Signorini, Matteo, Waisbard, Erez.  2018.  A Blockchain-based Trust System for the Internet of Things. Proceedings of the 23Nd ACM on Symposium on Access Control Models and Technologies. :77–83.

One of the biggest challenges for the Internet of Things (IoT) is to bridge the currently fragmented trust domains. The traditional PKI model relies on a common root of trust and does not fit well with the heterogeneous IoT ecosystem where constrained devices belong to independent administrative domains. In this work we describe a distributed trust model for the IoT that leverages the existing trust domains and bridges them to create end-to-end trust between IoT devices without relying on any common root of trust. Furthermore we define a new cryptographic primitive, denoted as obligation chain designed as a credit-based Blockchain with a built-in reputation mechanism. Its innovative design enables a wide range of use cases and business models that are simply not possible with current Blockchain-based solutions while not experiencing traditional blockchain delays. We provide a security analysis for both the obligation chain and the overall architecture and provide experimental tests that show its viability and quality.