A new system increases network communication security and anonymity
Date: May 25, 2011
Source: Facultad de Informática de la Universidad Politécnica de Madrid
Carlos Caselles Jiménez, a researcher at the Universidad Politécnica de Madrid's Facultad de Informática, has developed an anonymous system with automatic routing management under the supervision of Dr. Luis Mengual Galán.
The system sets up a data transmission communication environment whose users are unidentifiable. This safeguards user privacy, as well as improving information exchange security, making both data sending and receiving more effective. To do this, it uses multipoint software based on client-server applications.
The aim of the project was to develop a secure and efficient communications system that is easily deployed on any organizational network and is able to control all established connections, providing an effective and efficient service with sustained security performance.
A Java-based application
This application was developed in Java using the Eclipse multi-platform open source integrated development environment for the Microsoft Windows family of operating systems, although it can be made compatible with Unix systems.
The application includes OpenSSL-inspired security mechanisms. OpenSSL is a free, open source software project that supplies information encryption functions. It consists of an administration toolkit and a set of cryptographic libraries.
These tools implement the SSL/TLS security protocols, which underlie HTTPS, the protocol that gives web browsers secure access to web sites requiring the transfer of personal data. The toolkit also enables the creation of digital certificates signed by a certification authority.
This way, the confidentiality of the data to be transferred is assured, the participating users are identified to prevent deception, and the security of all the parties in the event of attacks by third parties is guaranteed.
Depending on needs, different information transport protocols have been established, using UDP sockets if the priority is message flow and rapid operations management or TCP sockets if resources have to be reserved to provide an on-line service.
To further increase information flow security, the system has a built-in network control mechanism employing an algorithm that calculates optimal routes.
A visionary security project
This project has managed to set up a secure communication channel through an anonymous system that includes security mechanisms using authentication and encryption techniques to protect all the data that are transported over the network from different organizations.
To increase information transmission security, TCP/SSL network access will be confined to machines that have valid digital certificates. Additionally, UDP datagram encryption using the Blowfish symmetric algorithm enables the organizations participating in the communication to encrypt and decrypt a shared session key, making the system more secure.
Another strength of the system, the product of a final-year project, is its data traffic management performance. Its success in this field is thanks to a routing algorithm that calculates the most efficient routes depending on environment conditions. The algorithm distributes and updates routes over time, enabling a considerable extension of the network without having to worry about the number of connected machines lowering system performance.
Finally, this project leaves the door open to further research into improving secure data transmission in delocalized corporate networks; using confidential and authenticated web services; modelling high-level computational tasks in neural networks and mathematical problems; creating an agent participating in secure communication; developing a user interface to select network use preferences; optimizing the routing algorithm for use on an internet; or building the anonymous system with automatic route management into a quantum key distribution (QKD) system.