Related papers: Designing a Global Authentication Infrastructure
Many of the benefits we derive from the Internet require trust in the authenticity of HTTPS connections. Unfortunately, the public key certification ecosystem that underwrites this trust has failed us on numerous occasions. Towards an…
The microservice bombshells that have been linked with the microservice expansion have altered the application architectures, offered agility and scalability in terms of complexity in security trade-offs. Feeble legacy-based perimeter-based…
Next generation Internet is highly concerned about the issue of reliability. Principally, the foundation of reliability is authentication of the source IP address. With the signature-and-verification based defense mechanisms available…
Future communication networks such as 5G are expected to support end-to-end delivery of services for several vertical markets with diverging requirements. Network slicing is a key construct that is used to provide end to end logical virtual…
The rapid adoption of chiplet-based heterogeneous integration is reshaping semiconductor design by enabling modular, scalable, and faster time-to-market solutions for AI and high-performance computing. However, multi-vendor assembly in…
Within a trust infrastructure, a private key is often used to digitally sign a transaction, which can be verified with an associated public key. Using PKI (Public Key Infrastructure), a trusted entity can produce a digital signature,…
We describe TrustBase, an architecture that provides certificate-based authentication as an operating system service. TrustBase enforces best practices for certificate validation for all applications and transparently enables existing…
Trust-building mechanisms among network entities of different administrative domains will gain significant importance in 6G because a future mobile network will be operated cooperatively by a variety of different stakeholders rather than by…
The Domain Name System (DNS) serves as the backbone of the Internet, primarily translating domain names to IP addresses. Over time, various enhancements have been introduced to strengthen the integrity of DNS. Among these, DNSSEC stands out…
The global interest in quantum networks stems from the security guaranteed by the laws of physics. Deploying quantum networks means facing the challenges of scaling up the physical hardware and, more importantly, of scaling up all other…
The automotive industry is undergoing a software-as-a-service transformation that enables software-defined functions and post-sale updates via cloud and vehicle-to-everything communication. Connectivity in cars introduces significant…
Distributed system architectures such as cloud computing or the emergent architectures of the Internet Of Things, present significant challenges for security and privacy. Specifically, in a complex application there is a need to securely…
Identity and trust in the modern Internet are centralized around an oligopoly of identity service providers consisting solely of major tech companies. The problem with centralizing trust has become evident in recent discoveries of mass…
Self-Sovereign Identity is a transformative paradigm in digital identity management, empowering individuals with full control over their credentials. However, the coexistence of diverse SSI ecosystems, such as the European Digital Identity…
The challenges of optimizing end-to-end performance over diverse Internet paths has driven widespread adoption of in-path optimizers, which can destructively interfere with TCP's end-to-end semantics and with each other, and are…
The challenge to establish and verify human identity over the Internet in a secure and privacy-respecting way is long-standing. In this paper, we explore the blockchain trilemma of scalability, security, and decentralization in the context…
In today's enterprise environment, traditional access methods such as Virtual Private Networks (VPNs) and application-specific Single Sign-On (SSO) often fall short when it comes to securely scaling access for a distributed and dynamic…
Designing security systems for wireless sensor networks presents a challenge due to their relatively low computational resources. This has rendered many traditional defense mechanisms based on cryptography infeasible for deployment on such…
In this paper, we introduce a duo of improvements for the Internet that would lead to better security. The authentication model on the Internet is broken and TLS connections have a considerable overhead. We try to address those issues with…
We present a method to secure the complete path between a server and the local human user at a network node. This is useful for scenarios like internet banking, electronic signatures, or online voting. Protection of input authenticity and…