Journal
IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS
Volume 33, Issue 1, Pages 176-191Publisher
IEEE COMPUTER SOC
DOI: 10.1109/TPDS.2021.3090330
Keywords
Software; Proposals; Encryption; Servers; Authentication; Access control; Protocols; Software updates; survivability; transparency; proprietary software
Ask authors/readers for more resources
In this study, we propose a software update framework based on a distributed infrastructure to ensure the high availability, integrity, and security of software even in the presence of cyber attacks. This framework utilizes a multi-authority attribute-based encryption scheme to avoid single-point vulnerabilities and guarantees both survivability and confidentiality of software updates.
Software update systems must guarantee high availability, integrity and security even in presence of cyber attacks. We propose the first survivable software update framework for the secure distribution of confidential updates that is based on a distributed infrastructure with no single points of failure. Previous works guarantee either survivability or confidentiality of software updates but do not ensure both properties. Our proposal is based on an original application of a multi-authority attribute-based encryption scheme in the context of decentralized access control management that avoids single-point-of-vulnerability. We describe the original framework, propose the protocols to implement it, and demonstrate its feasibility through a security and performance evaluation.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available