Referred Publications
- Theo Dimitrakos, David Brossard, Pierre de Leusse and Srijith K. Nair, "Security of Service Networks",
Handbook of Information and Communication Security, Stavroulakis, Peter; Stamp, Mark (Eds.), Springer, pp. 349--380,
January 2010.
- Pierre de Leusse, Panos Periorellis, Theo Dimitrakos and Srijith K. Nair, "Self Managed Security Cell: A Security Model for the Internet of
Things and Services", The First International Conference on Advances in Future Internet, AFIN 2009, 18-23 June 2009, Athens/Glyfada, Greece.
pp. 47--52, IEEE Computer Society (Best Paper Award). PDF
The Internet of Things and Services is a rapidly growing concept that illustrates that the ever increasing amount of physical items of our daily life which become addressable through a network could be made more easily manageable and usable through the use of Services. This surge of exposed resources along with the level of privacy and value of the information they hold, together with the increase of their usage make for an augmentation in the number of the security threats and violation attempts that existing security systems do not appear robust enough to address. In this paper, the authors underline this increase in risk and identify the requirements for resources to be more resilient in this type of environment while keeping an important level of flexibility. In addition, the authors propose an architectural model of Self Managed Security Cell, which leverages on current knowledge in large scale security systems, information management and autonomous systems.
- Gian Paolo Jesi, Edoardo Mollona, Srijith K. Nair and Maarten van Steen, "Prestige-based Peer Sampling Service:
Interdisciplinary Approach to Secure Gossip", 24th Annual ACM Symposium on Applied Computing, March 8-12, 2009,
Honolulu, Hawaii, USA. PDF
The Peer Sampling Service (PSS) has been proposed as a mechanism to initiate and maintain the set of connections between nodes in unstructured peer to peer (P2P) networks. The PSS usually relies on gossip-style communication where participants exchange their links in a randomized way. However, the PSS network organization can be easily modified by malicious nodes running a "hub attack", in which they achieve a leading structural position. From this prestigious status, the malicious nodes can severely affect the overlay and achieve several application dependent advantages. We present a novel method to overcome this attack and provide results from simulation experiments that validate our claim. This method is inspired by a simple technique used to detect social leaders in firm's organizations that is based on the social (structural) "prestige" of actors.
- Mohammad T. Dashti, Srijith K. Nair and Hugo L. Jonker, "Nuovo DRM Paradiso: Designing a Secure, Verified Fair DRM Scheme",
Fundamenta Informaticae (FI), IOS Press, 89, pp. 1--25, 2008. PDF, IOS Press
We introduce Nuovo DRM, a digital rights management scheme aimed to be secure from both a formal and a practical point of view. The scheme is based on the recent DRM scheme of Nair et al., which we formally specify in the µcrl process algebraic language. Nair et al. state the following security requirements: effectiveness, secrecy, resistance of content masquerading and strong fairness. These security requirements are formalised and the scheme is formally checked against these requirements. The finite model-check uncovered several security weaknesses, which are addressed by Nuovo DRM. In addition to that, Nuovo DRM introduces several procedural practices to enhance the security of the scheme. A finite model of Nuovo is subsequently model-checked and shown to satisfy its design requirements, including secrecy, fairness and resistance to content masquerading.
- Srijith K. Nair, Gabriela Gheorghe, Bruno Crispo and Andrew S. Tanenbaum, "Enforcing DRM Policies Across Applications",
8th ACM DRM Workshop (DRM 2008), Co-located with ACM CCS 2008, pp. 87-94,
October 27, 2008, Alexandria, Virginia, USA. PDF
In this paper we present Trishul-UCON (T-UCON), a DRM system based on the UCON_ABC model. T-UCON is designed to be capable of enforcing not only application-specific policies, as any existing software-based DRM solution does, but also DRM policies across applications. This is achieved by binding the DRM policy only to the content it protects with no relations to the application(s) which will use this content. Furthermore, to guarantee that the policy is continuously enforced, we designed T-UCON as a JVM-based middleware that mediates the usage requests of any Java application to the protected content. Each request is granted or denied according to the content policy. We illustrate the unique features of T-UCON by using typical examples of DRM policies such as the pay-per-use and the use only N times scenarios. Preliminary results on the overhead of our solution are also provided.
- Srijith K. Nair, Erik Zentveld, Bruno Crispo, Andrew S. Tanenbaum, "Floodgate: A Micropayment Incentivised P2P Content
Delivery Network" - 17th IEEE International Conference on Computer Communications and Networks (ICCCN 2008),
August 3 - 7, 2008, St. Thomas U.S. Virgin Islands, USA. - PDF
As the sale of digital content is moving more and more online, the content providers are beginning to realise that bandwidth infrastructures are not easily scalable. The emergence of peer-to-peer content delivery networks presents these providers with a way to overcome this limitation. However, such networks have so far been ad-hoc in nature. One of the main reasons for this has been the lack of incentives for end users to contribute their bandwidth to the network. In this paper we present the design and implementation of a peer-to-peer protocol named Floodgate that provides a micropayment based incentive for peers to contribute their bandwidth. Floodgate implements an optimistic fair exchange protocol and is designed to be resilient against targeted attacks. Performance measurements, including those conducted over the PlanetLab infrastructure, show that Floodgate's security and cryptographic overheads are low when compared to the popular BitTorrent protocol. (pre-proceedings version)
- Srijith K. Nair, Patrick N.D. Simpson, Bruno Crispo and Andrew S. Tanenbaum, "A Virtual Machine Based Information Flow Control System for Policy
Enforcement" - Electronic Notes in Theoretical Computer Science, Vol. 197, Issue 1, 21 February 2008, pp. 3-16, Proc. of the First International Workshop on
Run Time Enforcement for Mobile and Distributed Systems (REM 2007), Sep 27, 2007, Dresden,
Germany. (doi:10.1016/j.entcs.2007.10.010) - PDF (pre-proceeding version)
The ability to enforce usage policies attached to data in a fine grained manner requires that the system be able to trace and control the flow of information within it. This paper presents the design and implementation of such an information flow control system, named Trishul, as a Java Virtual Machine. In particular we address the hard problem of tracing implicit information flow, which had not been resolved by previous run-time systems and the intricacies added on by the Java architecture. We argue that the security benefits offered by Trishul are substantial enough to counter-weigh the performance overhead of the system as shown by our experiments.
- Srijith K. Nair, Ron Gerrits, Bruno Crispo, Andrew S. Tanenbaum, "Turning Teenagers into Stores", IEEE Computer, vol. 41, no. 2, pp. 58-62, Feb. 2008 (PDF)
Paradiso is a prototype of a system that lets consumers contact content providers to buy songs and videos, and to buy optional content-resale rights. In essence, the scheme would turn customers into content distributors, provide wider reach, and free up content providers' bandwidth. However, such an architecture requires strict security precautions and interoperable digital rights management standards among player manufacturers and content providers.
- Srijith K. Nair, Ivan Djordjevic, Bruno Crispo, Theo Dimitrakos, "Secure Web Service Federation Management
using TPM Virtualisation" - 4th ACM Workshop on Secure Web Services (SWS
2007), pp. 73-82, Nov 2, 2007, Alexandria, VA, USA. PDF
Web Services and SOA provide interoperability and architectural baseline for flexible and dynamic cross-enterprise collaborations, where execution and use of the participating services contributes to the common objective. Relationships within these collaborations are complex, with services joining and leaving throughout the life cycle, or the same services being offered in several collaborations simultaneously. This provides strong requirements for federated security, where integrity and confidentiality of the collaboration must be maintained through membership control, security policy enforcement and separation of web service instance interactions in different collaborations.
In this paper we propose a new Web Services (WS) framework for managing and controlling WS interactions in a federated environment, leveraging on platform virtualisation architecture and the functionalities provided by trusted secure hardware. The framework allows configuring policies that define collaboration membership, and enforce access to the collaboration per-WS instance. In addition, since the access to the configurations is restricted, it provides master-slave model where only authorised administrative entity can modify any of the above - either at the deployment or at the execution time. Some of the benefits of the proposed approach are: fine-grained external exposure of WSs, a flexible model for group membership control and revocation and hardware-enabled secure virtualised system providing functional process isolation and strong data security.
- Ivan Djordjevic, Srijith K. Nair, Theo Dimitrakos, "Virtualised Trusted Computing Platform for Adaptive Security
Enforcement of Web Services Interactions" - IEEE 2007 International Conference on Web Services
(ICWS07), pp. 615-622, July 9-13, 2007, Salt Lake City, Utah, USA - PDF
Security enforcement framework is an important aspect of any distributed system. With new requirements imposed by SOA-based business models, adaptive security enforcement on the application level becomes even more important.
Our work on the enforcement framework to date has resulted in a comprehensive middleware-based solution leveraging on web services technologies. However, potential merits of hardware-based solutions to further secure application exposure have not been considered so far.
This paper describes a method for combining software resource level security features offered by Web Services technologies, with the hardware-based security mechanisms offered by Trusted Computing Platform and system virtualisation approaches. In particular, we propose trust-based architecture for protecting the enforcement middleware deployed at the policy enforcement endpoints of web and grid services. The main motivation is to additionally secure execution environment of the applications, by providing virtual machine level separation that maps from logical domains imposed by web services level enforcement policies.
- Nair, S., Dashti, M., Crispo, B., and Tanenbaum, A., "A Hybrid PKI-IBC Based Ephemerizer System", 2007, in IFIP
International Federation for Information Processing, Volume 232,
New Approaches for Security, Privacy and Trust in Complex Environments, eds. Venter, H., Eloff, M., Labuschagne, L., Eloff, J., von
Solms, R., (Boston: Springer), pp. 241-252. - PDF, SpringerLink
The concept of an Ephemerizer system has been introduced in earlier works as a mechanism to ensure that a file deleted from the persistent storage remains unrecoverable. The principle involved storing the data in an encrypted form in the user's machine and the key to decrypt the data in a physically separate machine. However the schemes proposed so far do not provide support for fine-grained user settings on the lifetime of the data nor support any mechanism to check the integrity of the system that is using the secret data. In addition we report the presence of a vulnerability in one version of the proposed scheme that can be exploited by an attacker to nullify the ephemeral nature of the keys. We propose and discuss in detail an alternate Identity Based cryptosystem powered scheme that overcomes the identified limitations of the original system.
- Mohammad T. Dashti, Srijith K. Nair, Hugo L. Jonker, "Nuovo DRM Paradiso: Towards a Verified Fair DRM Scheme" -
Proceedings of IPM International Symposium on Fundamentals of Software Engineering (FSEN07), pp. 33-48, April 17-19 2007, Tehran, Iran. - PDF, SpringerLink
We formally specify the recent DRM scheme of Nair et al. in the µcrl process algebraic language. The security requirements of the scheme are formalized and using them as the basis, the scheme is verified. The verification shows the presence of security weaknesses in the original protocols, which are then addressed in our proposed extension to the scheme. A finite model of the extended scheme is subsequently model checked and shown to satisfy its design requirements, including secrecy, fairness and resisting content masquerading. Our analysis was distributed over a cluster of machines, allowing us to check the whole extended scheme despite its complexity and high non-determinacy.
- Hugo Jonker, Srijith Krishnan Nair, Mohammad Torabi Dashti, "Nuovo DRM Paradiso: towards a verified fair DRM protocol", 1st Benelux Workshop on Information
and System Security (WISSEC2006), November 8-9, 2006, Antwerpen, Belgium. - PDF File
The NPGCT DRM scheme, that proposes a unique concept of DRM-preserving content redistribution, has some security issues. These issues are addressed in this paper by an extension of NPGCT. A security mechanism that provides fairness in unsupervised exchanges is introduced, and the mechanism of detecting and revoking circumvented devices is reexamined. The resulting DRM scheme, Nuovo DRM, and its requirements are formally specified. A finite model of the scheme is subsequently model-checked and shown to satisfy its design requirements.
- Srijith K. Nair, "Policy binding and enforcement in Java", Workshop on Run-time Software Integrity and Authenticity, September 18-19,
2006, Trento, Italy.
- Srijith K. Nair, Bruno Crispo, Andrew S. Tanenbaum, "Towards a Secure Application-semantic Aware Policy Enforcement Architecture",
in Proceedings of the 14th International Workshop on Security Protocols 2006, Cambridge,
UK, pages 26-31. Springer-Verlag LNCS 5087, 2009. (B. Christianson, B. Crispo, J.A. Malcolm, and M. Roe, editors)
- PDF
Even though policy enforcement has been studied from different angles including notation, negotiation and enforcement, the development of an application-semantic aware enforcement architecture remains an open problem. In this paper we present and discuss the design of such an architecture.
- Srijith K. Nair, Bogdan C. Popescu, Chandana Gamage, Bruno Crispo, Andrew S. Tanenbaum, "Enabling DRM-preserving Digital Content Redistribution" -
Proceedings of 7th International IEEE Conference on E-Commerce Technology 2005 (CEC2005), pp. 151-158,
July 19-22, 2005, Munich, Germany. - PDF File, IEEE Xplorer, DBLP
Traditionally, the process of online digital content distribution has involved a limited number of centralised distributors selling protected contents and licenses authorising the use of these contents, to consumers. In this paper, we extend this model by introducing a security scheme that enables DRM preserving digital content redistribution. Essentially consumers can not only buy the rights to use digital content but also the rights to redistribute it to other consumers in a DRM controlled fashion. We examine the threats associated with such a redistribution model and explain how our scheme addresses them.
- Srijith K. Nair, Lillykutty Jacob, Akkihebbal L. Ananda, "TCP Vegas-A: Improving the performance of TCP Vegas", Computer Communications, vol. 28,
no. 4, pp. 429-440, March 2005 - PDF File, DBLP
While it has been shown that TCP Vegas provides better performance compared to TCP Reno, studies have identified various issues associated with the protocol. We propose modifications to the congestion avoidance mechanism of the TCP Vegas to overcome these limitations. Unlike the solutions proposed in the past, our solution, named TCP Vegas-A, is neither dependent on optimising any critical parameter values nor on the buffer management scheme implemented at the routers and hence can be implemented solely at the end host. Our simulation experiments over wired as well as over geosynchronous and lower earth orbit satellite links show that TCP Vegas-A is able to overcome several of the identified problems: it can obtain a fairer share of the network bandwidth in wired and satellite scenarios, tackle rerouting issues, rectify Vegas's bias against higher bandwidth flows and prevail over fluctuating RTT conditions of a lower earth orbit satellite link. At the same time, Vegas-A is able to preserve the unique properties of Vegas that had made it a noteworthy protocol.
- K.N. Srijith, Lillykutty Jacob and A.L. Ananda, "TCP Vegas-A: Solving the Fairness and Rerouting Issues of TCP Vegas", - Proceedings of 22nd IEEE
International Performance, Computing, and Communications Conference (IPCCC) 2003, pp. 309-316, Phoenix, Arizona, April 9 - 11, 2003.
- PDF File, IEEE Xplorer
In spite of the larger performance gain such as higher throughput and almost zero packet retransmissions compared to TCP Reno, TCP Vegas still has a few obstacles for it to be deployed in the Internet. Studies have shown unfair treatment to Vegas connections when they compete with Reno connections. Other issues identified with TCP Vegas are problems of rerouting, persistent congestion, and discrepancy in flow rate tied with starting times and link bandwidth. We reinvestigate these issues and propose modifications to the congestion avoidance mechanism of the TCP Vegas, with the slow-start and congestion recovery algorithms of Vegas remaining untouched. Unlike the solutions proposed in the recent past to deal with some of these issues, our solution is neither dependent on any critical parameter values nor on the buffer management scheme at the routers (e.g., RED). Our experiments show that the modified TCP Vegas (Vegas-A) is able to obtain a fairer share of the network bandwidth when competing with other TCP flows. We also show that Vegas-A can tackle rerouting issues and rectify Vegas's bias against higher bandwidth flows. At the same time, our experiments prove that Vegas-A preserves the properties of Vegas that have made it a noteworthy protocol.
- K.N. Srijith, Lillykutty Jacob and A.L. Ananda, "Worst-case Performance Limitation of TCP SACK and a Feasible Solution", - Proceedings of 8th IEEE
International Conference on Communications Systems (ICCS), pp. 1157-1161, November 25-28, 2002, Singapore. - PDF File, Citeseer Index
In the present implementation of the transmission control protocol (TCP) selective acknowledgment (SACK), every SACK block needs 8 bytes to carry information about the received packets, back to the sender. Since TCP options field has a fixed length, there is a limit on the number of SACK blocks that can be carried by the acknowledgment packets. Under some error conditions, this limitation can force the TCP sender to retransmit packets that have already been received successfully by the receiver. This paper puts forward a proposal to modify the present SACK implementation, in order to prevent these unwanted retransmissions. We show that the proposed implementation of SACK mechanism increases the throughput of SACK enabled TCP connections.
- Lillykutty Jacob, K.N. Srijith, Huang Duo and A.L. Ananda, "Effectiveness of TCP SACK, TCP HACK and TCP Trunk over Satellite Links" - IEEE International
Conference on Communications (ICC 2002), Vol. 5, pp. 3038 - 3043, April 28 - May 2, 2002. - PDF File, Citeseer Index
This paper reports a study on the performance enhancements of two extensions to the standard TCP implementation - Selective Acknowledgement (SACK) and Header Checksum (HACK) - over satellite links that are characterized by high latency and high bit error rate. We also examine the effectiveness of TCP Trunk, an edge-to-edge aggregation and congestion control mechanism, over the satellite link. Our study on the effect of varying the TCP window size over a long latency link for New Reno, SACK, HACK and TCP Trunk implementations show that increasing window size does improve the performance, but only up to a certain value of the window size, and a further increase actually reduces the performance. Other interesting observations from our experimental study are: SACK enabled TCP Trunk across the satellite link edge routers can improve the throughput regardless of the end host TCP implementation; disabling the link layer CRC and instead implementing the HACK extension to the TCP (and of course HACK+ SACK) can improve the throughput further.
- Yongxiang Liu, K.N. Srijith, L. Jacob and A.L. Ananda, "TCP-CM: A Transport Protocol for TCP-friendly Transmission of Continuous Media" - Proceedings of
21st IEEE International Performance, Computing and Communications Conference (IPCCC 2002), pp. 83-91, April 3-5, 2002, Phoenix, Arizona. -
PDF File, Citeseer Index
We propose a new TCP friendly transport protocol, called TCP-CM, for continuous media applications over the Internet. TCP-CM is a direct modification of TCP to support continuous media applications without compromising the congestion control feature of TCP, which is critical to the stable functioning of the Internet. We design TCP-CM API to be compatible with the BSD socket interface, which requires minimum changes for applications to adopt TCP-CM. Continuous media applications that adopt TCP-CM as the transport protocol can be relieved from burdens such as rate control and scheduling for timely delivery, and hence can focus solely on advanced coding or compression techniques for adapting the content according to the available network bandwidth. We implement the TCP-CM in Linux 2.2.15 TCP/IP protocol stack, and run extensive experiments on TCP-CM using emulated video flows. Our experiments show that TCP-CM can be used for the timely delivery of continuous media data within the constraints of the available network bandwidth and can compete with TCP connections fairly.
- K.N. Srijith, V. Ranjit, B.S. Ooi, Y.C. Chan, Y.L. Lam, C.H. Kam, "Fabrication and Characterisation of Bandgap Tuned Lasers In GaAs/AlGaAs Quantum Well
Structures Using Pulsed Laser Irradiation", Proceeding of 4th National Symposium On Progress in Materials Research, (Best Poster Award), pp. 137-139,
Singapore, 27th March 1998.
- V. Ranjit, K.N. Srijith, B.S. Ooi, Y.C. Chan, Y.L. Lam, C.H. Kam, "Characterisation of GaAs/AlGaAs Extended Cavity lasers fabricated using dielectric
cap induced quantum well intermixing", Proceeding of 4th National Symposium On Progress in Materials Research, pp. 133-136, Singapore, 27th March 1998.
Theses
- "Improving the Performance of TCP Vegas and TCP SACK: Investigations and Solutions" - M.Sc. Thesis, School of Computing, National University of Singapore,
2002. - PDF
Technical Reports
- Srijith K. Nair, Patrick N.D. Simpson, Bruno Crispo and Andrew S. Tanenbaum, Trishul: A Policy Enforcement Architecture for Java Virtual Machines
- Technical Report IR-CS-045, Department of Computer Science, Vrije Universiteit, May 2008. - PDF File
The standard Java execution environment provides only primitive support for specifying and enforcing access control policies both at the stack and method call level as well as the higher application level. The current implementation also falls short of providing a secure execution environment for Java applications because of its inability to trace information flow within the environment. In this paper we present the design and implementation of Trishul, a modular information flow control based policy enforcement framework for the Java Virtual Machine. A flexible and powerful policy expression language to implement Trishul's policy decision engine is also presented. Performance measurements show that though the prototype implementation does incur overhead, they are within usable limits.
- Srijith K. Nair, "On the Security of Peer Sampling Services" - ASCI a9 report, Vrije Universiteit, 2007. - PDF File
- Srijith K. Nair, Patrick N.D. Simpson, Bruno Crispo and Andrew S. Tanenbaum, "Design and Implementation of a Virtual Machine Based Information
Flow Control System" - Technical Report IR-CS-040, Department of Computer Science, Vrije Universiteit, May 2007. - PDF File
- Srijith K. Nair, Chandana Gamage, Mohammad Torabi Dashti, Bruno Crispo and Andrew S. Tanenbaum, "Countering Digital Forensics: An Identity Based
Ephemerizer Cryptosystem" - Technical Report IR-CS-024, Department of Computer Science, Vrije
Universiteit, September 2006. - PDF File
- H. Jonker, S. Krishnan Nair and M. Torabi Dashti, "Nuovo DRM Paradiso: Formal specification and verification of a DRM protocol" - Technical Report IR-CS-019, Department of Computer Science, Vrije Universiteit, March 2006. - PDF File
These materials (conference and journal papers) are presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
ACM Copyright Notice. Copyright © by the Association for Computing Machinery, Inc. Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications Dept, ACM Inc., fax +1 (212) 869-0481, or permissions@acm.org.
IEEE Copyright Notice: © IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.