Available online at www.sciencedirect.com

CrossMark

ScienceDirect

Procedía

ELSEVIER

Procedía Computer Science 109C (2017) 710-717

Computer Science

www.elsevier.com/locate/procedia

The 8th International Conference on Ambient Systems, Networks and Technologies

(ANT 2017)

Performance Evaluation of Virtual Identity Approaches for Anonymous Communication in Distributed Environments

Ibrahim Gomaaa,b*,Adel M.Said b, Emad Abd-Elrahmanb, Alaa Hamdya, Elsayed M.Saada

Today's enterprises core concept of security is the Identity (ID). When it comes to mapping identity in order to gain access to a specific service or digital account, cloud technology offers the most robust, cost-effective, easy-to-use solutions available. In this paper, the Virtual Identity (VID) concept is not only used to improve the user privacy and security on the network and service platforms but also, the VID performance is evaluated by implementing a mathematical model based on Baskett Chandy Muntz-Palacios (BCMP) model. Moreover, a simulation-based evaluation using OPNET Modeler is conducted to compare the simulation results against the analytical model based BCMP queuing analysis. Finally, the comparative study of our proposed models and the related work proves that our proposed models are suitable for anonymous communication in distributed virtual environments.

1877-0509 © 2017 The Authors. Published by Elsevier B.V. Peer-review under responsibility of the Conference Program Chairs.

Keywords: Virtual Identity ; Anonymous Communication; Virtual Environments; BCMP theory; IBE; PBE

1. Introduction

Today, keeping one identity for all services is not secure at all; different identities are also a headache for all users. Therefore, the easier way is to keep one main identity and let the trusted network managed or mapped this identity to virtual ones based on the requested service. Moreover, as cloud computing is transforming everything to be virtualized, the identity also will be virtualized in order to keep the user's privacy. In our previous works1,2, two

* Ibrahim Gomaa. Tel.: +2-010-011-25368; fax: +2-022-263-6802.

E-mail address: igomaa@nti.sci.eg

a Faculty of Engineering, Helwan University, Cairo, Egypt. National Telecommunication Institute, 5-MahmoudEl-miligy st., 6th district, Nasr City, Cairo, 11768, Egypt.

Abstract

1877-0509 © 2017 The Authors. Published by Elsevier B.V. Peer-review under responsibility of the Conference Program Chairs. 10.1016/j.procs.2017.05.382

novel approaches are proposed for generating virtual identities using Identity Based Cryptography (IBC); the Identity Based Encryption (IBE) and Pseudo Based Encryption (PBE).

Another consideration, particularly regarding securing the services introduced by the cloud providers, is the implementation of out of band and strong authentication mechanisms. Particularly, when sensitive data stored in the cloud, it needs out of band authentication such as a One-Time Password (OTP) to authenticate the user before getting access. Therefore, users should be challenged to authenticate themselves with more than a user ID and password 3-5. One of the most suitable solutions used to authenticate SaaS applications is IAM (Identity and Access Management) which is used to create, terminate and manage user accounts.

In the previous works1-2, the IBE and PBE are introduced as two approaches for generating virtual identities by collaboration with the Private Key Generator (PKG). The PKG is the security server entity that is used in generating the IDs that will be used in cloud service access based on the type of service required by the user. It is added as management point for users' login to the service providers. In this framework, each user has one main identity that mapped to virtual ones based on the requested service. Therefore, the user sends to the PKG his/her identity (e.g., user@homeoperator.com) and the requested service name. Then, the PKG creates and uses VID to generate the user's public and private keys as detailed in the previous work1. Accordingly, the shared secret key is generated by the service provider to encrypt the communication in the future.

In this paper, the performance is evaluated for VID framework by modeling the previously proposed two approaches based on IBE & PBE. Moreover, a simulation-based evaluation using OPNET Modeler is conducted to compare these results against the BCMP queuing analysis as analytical results. The rest of this paper is organized as follows. In section 2, the previous work related to this paper is reviewed. In section 3, the modeling concept for IBE and PBE is described. In section 4, an analytical model is implemented. In section 5, performance evaluation using OPNET Modeler is introduced. Therefore, simulation results and analysis are introduced and discussed. Finally, in section 6, the conclusion is given.

2. Related Work

Various techniques have been proposed to protect the data contents privacy via access control. To the best of our knowledge, the most of the anonymous communication protocols are largely depending on Identity-Based Encryption (IBE), Pseudonym Based Encryption (PBE)1-2, mixnet protocols6 and DC-net protocols7. Mixnet protocols8-10 provide anonymous communication path that created by a "mix" of servers. It depends on background traffic statistical properties; therefore mixnet protocols can't provide provable anonymity. The DC-net protocols11-12 solve the problem of provable anonymity and provide perfect sender anonymity. However, they work based on secure multiparty computation procedures, they suffer from the transmission collision problem13.

Authors in14 proposed source anonymous message authentication approach based on the Modified El-Gamal signature (MES) scheme, which is secure against no-message and adaptive chosen message attacks15.

Work in16 provided only sender anonymity for anonymous web browsing and multicast services. However, the author in17 introduced the k-anonymous communication protocol that can provide anonymity for both sender and receiver. The new idea proposed in18 is to hide senders and receivers messages. In addition, it tries to solve the difficulty of key distribution and communication overhead of k-anonymous communication protocol. Authors in19 introduced a new approach based on ring signature.

The work in20 proposed Fuzzy Identity-Based Encryption (FIBE), which considered Attribute-Based Encryption (ABE) scheme as a set of descriptive attributes. In the same work, ABE general schemes are presented such as Key Policy Attribute-Based Encryption (KP-ABE)21 and Cipher-text-Policy Attribute-Based Encryption (CP-ABE)22. Authors in23 proposed two approaches, AnonyControl and AnonyControl-F to prevent user's identity disclosure and allow cloud servers to control and secure users' access.

Work in24 defines VID as a partial identity, in which, the identity is known as pseudonyms generated based on a subset of all user attributes. The EU project Daidalos25 proposed virtual identity model, in which, the user identity is partitioned on the network layer as well as the application layer. There is specific IP address within a separated network stack assigned to each virtual identity26. Network anonymization techniques are proposed by authors in27 to provide the network layer unlinkability. From the security and privacy perspectives, VID concept is considered in

MIP framework28. However, in this work, the proposed algorithms for VID will be evaluated and compared against literature models.

Finally, many works29-31 proposed traffic models in virtual identity, which are also known as workload models. These models described the load exposed to the system. The work by Barisch31 is the most closest one to our work in that he tried to introduce an analytical model to evaluate the overhead caused by virtual identity concept on the network infrastructure using BCMP theorem32. Table 1 shows the detailed comparison with Barisch.

Table 1. IBE, PBE models versus Barisch's model.

IBE Model PBE Model Barisch's model31

Idea Based on Identity Based Based on Pseudonym Based Cryptographic (IBC)33 Encryption (PBE)34 Follows Vid concept proposed by EU project DIADALOS25

VID Creation Creation is mainly used PKC (Public Key Cryptography) for encryption and digital signature. Therefore, VID created using Elliptic Curve Cryptography (ECC) by collaboration with PKG. VID provided by Identity Provider based on a contract. Therefore, virtual identities have not created. There is selection strategy for VID.

Max No of VID that user should have Governed by the ability of PKG to handle all user requests. Governed by two conflicting factors: Privacy and Cost.

Authentication process PKG achieved and validated the authentication process of each VID. The authentication process explained in details at the previous works. Each VID has a separate authentication process achieved by a set of protocols like EAP, RADIUS, 802.1x and federated identity management infrastructure.

Link-ability between VID and demand service VID is independent on the requested services and active session. VID linked to active service session. The requested VID may be used. Therefore, it will not be activated.

VID concept Overhead Governed by the load on PKG Governed by the load on both PKG and user. However, the user is in charge in the operation Governed by three metrics: VID Activation Rate (AR) Authentication Load (Aauth) Mean number of active VIDs (E[Nact])

The VID concept overhead is the same as if the number of VIDs multiplies by the number of users.

Processing Capacity at authentication 50 ms for one user 45 ms for one user Not considered, it is assumed that the processing capacity does not limit the performance.

3. Modelling Concept for IBE and PBE

We introduced in1-2 two secure mechanisms for creating a VID, the first one is IBE and the second is PBE using ECC. However, the ECC introduces equal or more security strength compared to other cryptography approaches35. Therefore, ECC was chosen in the design of the previously proposed solutions. Multi-precision Integer and Rational Arithmetic C/C++ (MIRACL) library36 was used during the evaluation phase of our solution's implementation to observe the processing time for all used functions and executed entities. The processing times for IBE and PBE as captured during our validation will appear later on the workflow of both for each message as shown in Figs 1 and 2.

In order to evaluate the speed of the cryptographic operations, the IBE is provided with "MIRACL library", the communications between entities is modified and implemented. The elliptic curve (y2=x3-3x+bmod p) is used where (p) is a 256-bits prime number and (b) is determined through a function in MIRACL that can calculate the number of the points in a finite field which should be a prime number. The communication workflow details among the system entities are presented in Fig. 1 for IBE and Fig. 2 for PBE.

4. Analytical Model

This section presents the modelling of the security functions for the proposed solutions. The entities are represented by servers to calculate the time taken to implement the IBE & PBE communication process proposed according to the signaling workflow in Fig. 1 and Fig. 2. For this goal, the BCMP network queuing technique is used. It is helpful for modeling protocol interactions and servers behavior. The BCMP queues network may be closed, open or mixed for every type of the selected scheduling disciplines. In this model, a mixed queuing network

is used, which consists of N (N > 1) service providers. The model can give a good approximation of complex protocol interactions, which is considered as a compromise between complicated solutions and precision.

Fig. 1. IBE Model messages workflow 4.1. IBE Communication Process

Fig. 2. PBE Model messages workflow

Figure 3, shows a queuing representation model of the security servers according to the proposed signaling flow in Figure 1. There are three servers/stations (U (user), PKG (private key generator), and SP (service provider)). The system state is defined as the number of each class of customers in each service provider. The state S of the

system is given by (sl7s2,.. .,SN) where s; = (n;i,ni2,...,niq) denotes the state of each service provider (i) and

(niq) is the number of users of class (q) in service provider (i). From the BCMP theorem29, the probability distribution state in a BCMP network has the following form:

P(s) = cd(s) gi(yi) g2(y2)...gi(y0 (1)

Where c is a normalizing constant chosen to make the equilibrium state probabilities sum to 1, d(S) is a function of the number of customers in the system, and each gj is a function that depends on the type of service provider i.

g(Yi) =

e — n-^7 q-1 ntJ-

ni!n-—

i! 11 n q

e q n——

Service Providers of type 1 Service Providers of types 2 & 4

Service Providers of type 3

i.q i. q

i.q i. q

Where n; is the number of messages at server i, flt is the service rate at server i of the message class q, and At is the arrival rate at server i of the message class q.

The servers of the model are assumed to be of the processor shared type and the distribution of the arrival rate of messages is Poisson. There are six messages in the signalling flow, and they are supposed to be of the same class for simplicity (i.e. p — p ). According to that, equation (1) can be simplified to be29,

Pi ) = (1- Pi )pn' (3) Where p = 2 A (4)

For a stable system, the condition (p < / ) must be conformed for each server i. In addition, the packet loss

probability of each message is small, therefore it can be ignored.

From Fig. 4, the utilization of each server can be calculated as follows:

Pu = Ku (— + —) (5) PpKG = \PKG (— + —) (6) Psp = k ASP (— + —) ^

Mi M3 №5 M4 Me

Where k is the number of requested services.

Assuming the system is stable, the average arrival rate of messages ^ for each server i is different and is calculated according to the messages flow in each server queue, which is decomposed into two parts:

• Messages coming from outside with the arrival rate , where pQi is the probability that a client message arrives the system at server i.

• Messages from server j with the arrival rate ^ for all servers j = 1,2,.. .M. where pt is the probability that a customer completes his service at server i and goes to server j.

So, the average arrival rate for each server i can be calculated. However ^ = e and ei is the rate of visiting server i to the average number of messages of that server. So, "(8)" can be written as follows:

5 M 2 (8) + M (9)

A = 50i + ^ 5jPji ei = Poi + ^ ejP ji

Based on "(9)", a system of equations can be deduced that satisfies the visit rate for e ach server i. As in Figs 3 and 4, the model considers the average of messages type in the different servers. It does not respect the time sequence of each procedure. It is however very sufficient and does not affect the evaluation of the overall performance.

According to Fig. 4, the distributions of messages for each server (U, PKG, and SP) can be represented by the following equations assuming one service for each user is requested at the SP.

e = 1 e (10) e = 1 e +1 e (11) e = 1 e + e (12) ^ 3 2 + 2 2 2

Solving the above equations produces the arrival rate for each server:

\j = ^PKG = ^SP (13) E(n.) = "V n p (n )--p— (14)

' ' ' ' 1 -Pi

Where i stands for the servers/stations (U, PKG, and SP).

From "(3)", the mean queue size corresponding to the average number of clients waiting on servers is calculated as in (14).

Using the Little's Law32, the service processing time at each server i is as follows:

T = E (n) = 1___(15)

' ¿-i (1 - Pi Mi

In order to calculate the total processing time D of the service implementation in the IBE workflow (in the Model), the following values are assumed which are: service processing time at each server (U, PKG, and SP) and waiting time at each server's queue.

Assuming there is no queuing in the U and the transmission time is ignored, its waiting time is approximated to zero, and then the final form of "(15)" is: d = T = T = T (16)

v / u -1 pkg -1 sp v 7

Fig. 3. IBE Queuing Model

Fig. 5. Queuing Model of the PBE Communication Process 4.2. PBE Communication Process

Fig. 4. Arrival rate for each server for the IBE scenario

Fig 6. Arrival rate for each server for the PBE scenario

As in Fig. 5 and Fig. 6, the PBE queuing model and arrival rate for each server are designed. Therefore, the utilization of each server can be calculated as follows:

, , 1 nk

Pu = Ku (- + -)

(17) Ppkg = k

(18) Psp = ^ (— + —) (19)

Where k is the number of requested services.

Assuming the system is stable, the average arrival rate of messages Xi for each server i is different and is calculated according to the messages flow in each server queue. So, the average arrivals rate for each server i can be calculated and the rate of visiting server i to the average number of passages of that server as in "(8)" and "(9)" consequently.

Based on "(9)" and according to the model of arrival rate for each server for the PBE scenario (Figs 5-6), the distributions of messages for each server (U, PKG, and SP) can be represented by the following equations assuming one service for each user is requested at the SP:

e, = — e +— e

e = — e, +— e

e, = — e, +--e,,

Solving the above equations produces the arrival rate for each server as in equation (23). The mean queue size corresponding to the average number of clients waiting on servers is calculated as in "(14)". Assuming there is no queuing in the U and the transmission time is ignored, its waiting time is approximated to zero, and then the final form of "(15)" for this scenario is (24).

_ 2 _ 1 AU _ 3 ^PKG _ 2

D Tu + TpKa + TSp

5. Performance Evaluation using OPNET Modeler

Optimized Network Performance (OPNET) Modeler is a discrete event simulation tool. It provides a comprehensive development environment supporting the modeling and simulation of communication networks.

Two different scenarios for IBE and PBE are implemented using OPNET Modeler (single and multiple services). For each protocol, the application response time is measured in the two cases; single and multiple services. Finally, the results obtained are compared against the analytical model and this performance evaluation is concluded.

5.1. Simulation Results and Analysis

Four different scenarios are implemented (IBE and PBE with single and Multiple services for each one). In all scenarios, the application response time which introduced by the overall delay in terms of the number of users is measured. The application response time is described as the time taken for all the tasks in order to the custom application to be completed. Moreover, the overall delay is evaluated over all networks. Therefore, Cloud-based evaluation can be measured by increasing the number of users as it is logic for cloud service providers as we tested before in our previous works1-2 up to 50000 users when creating VjD using MIRACL.

5.2. Analytical versus simulation results

Fig. 7 for IBE model proves that the analytical and simulation models results are closed to each other. Therefore, the modelling concepts are validated for IBE model. As clear for cloud or distributed environments, the scenario of multiple services is more realistic than single service; however, the number of users is different in the two scenarios according to the tested environments.

Fig. 8 for PBE model proves the results of the two models are closed to each other. Moreover, it is noted that the number of users with single service for PBE model is greater than that for IBE model. However, the number of users with multiple services for PBE model is less than the same case for IBE because the user in PBE model is in charge of the process not only the PKG.

Fig. 7. IBE Model for Single/Multiple Services

Fig. 8. PBE Model for Single/Multiple Services

6. Conclusion

In this paper, performance evaluation of virtual identity concept is introduced and quantified. A mathematical model is implemented based on BCMP theory and simulation-model is designed using OPNET Modeler to calculate the delay of using single/multiple services with different virtual identities. The results of the two scenarios (analytical and simulation) are closed to each other which prove that our proposed model concepts are applicable. Finally, the comparative study between IBE & PBE with Barisch's model proved that IBE & PBE are suitable for cloud-based applications. For future directions, some more evaluations would have been interesting such as the CPU or memory used for each mechanism in terms of the number of users. Moreover, we will evaluate many distributions of the arrival rate of messages to highlight the suitable one.

References

1. Gomaa, I.; Abd-Elrahman, E.: A Novel Virtual Identity Implementation for Anonymous Communication in Cloud Environments. Proc. 6th Int. Conf. on Emerging Ubiquitous Systems and Pervasive Networks, EUSPN2015. pp.32-39.

2. Gomaa, I.; Abd-Elrahman, E.; Abid, M.: Virtual Identity Approaches Evaluation for Anonymous Communication in Cloud Environments. (IJACSA) Int. J. of Advanced Computer Science and Applications, 2016.Vol. 7, pp. 367-376.

3. Kahani, N.; Elgazzar, K; Cordy, J. R.: Authentication and Access Control in e-Health Systems in the Cloud. 2016 IEEE 2nd Int. Conf. on Big Data Security on Cloud, IEEE Int. Conf. on High Performance and Smart Computing, IEEE International Conf. on Intelligent Data and Security,2016. pp. 13 - 23.

4. National Institute of Standards and Technology (NIST), Computer Security Division, Information Technology Laboratory, July (2013)

5. Hudson, S.; Grady, J.: Eliminating Authentication Silos and Password Fatigue with Federated Identity and Access Management. Adapted from Worldwide Identity and Access Management 2012 - 2016 Forecast: Growth Driven by Security, Cloud and Compliance, IDC #238553, 2016.

6. Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, Vol. 24, 1981, pp. 84-88.

7. Chaum, D.: The dinning cryptographer problem: Unconditional sender and recipient untraceability. Int. J. of Cryptology, 1988. Vol. 1, pp. 65-75.

8. Danezis, G.; Dingledine, R.: Mathewson, N. Mixminion: design of a type III anonymous remailer protocol. IEEE Symposium on Security and Privacy, 2003.pp. 2-15.

9. Reed, M.; Syverson, D.; Goldschlag: Anonymous connections and onion routing. IEEE J. on Selected Areas in Communications, 1998.Vol. 16, pp. 482-494.

10. Reiter, M.; Rubin, A.; Crowds: anonymity for web transaction. ACM Transactions on Information and System Security, 1998.Vol. 1, pp. 6692.

11. VonAhn, L.; Bortz, A.; Hopper, N.: k-Anonymous message transmission. Proc. of CCS, 2003. pp. 122-130.

12. Moller, B.: Provably secure public-key encryption for length-preserving Chaumian mixes. Proc. of CT-RSA, 2003.pp. 244-262.

13. Golle, P.; Juels, A.: Dining cryptographers revisited. Advances in Cryptology - Eurocrypt, 2004. Vol. 3027, pp. 456-473.

14. Ren, J.; Li, Y.; Li, T.: Anonymous communication in overlay networks. Security and Communication Networks, 2016.Vol. 9, pp.229-240.

15. Pointcheval, D.; Stern, J.: Security proofs for signature schemes. Advances in Cryptology - EUROCRYPT1996. Lecture Notes in Computer Science, 1996.Vol.1070, pp. 387-398.

16. Shields, C.; Levine, BN.: A protocol for anonymous communication over the Internet. Proc. of the 7th ACM Conf. on Computer and Communication Security, 2000.pp. 33-42.

17. Wang, P.; Ning, P.; Reeves DS.: A k-anonymous communication protocol for overlay networks. ASIACCS-07 Proc. of the 2nd ACM symposium on Information, computer and communications security, 2007.pp. 45-56.

18. Beimel, A.; Dolev, S.: Buses for anonymous message delivery. J. of Cryptology, 2003.Vol. 16, pp. 25-39.

19. Rivest, R.; Shamir, A.; Tauman, Y.: How to leak a secret. Advances in Cryptology-ASIACRYPT. Lecture Notes in Computer Science, 2001.Vol. 2248, pp. 552-565.

20. Sahai, A.; Waters, B.: Fuzzy identity-based encryption. Advances in Cryptology, 2005.pp. 457-473.

21. Goyal, V.; Pandey, O.; Sahai, A.; Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. Proc. 13th ACM Conf. on Computer and communications security, New York, 2006. pp. 89-98.

22. Bethencourt, J.; Sahai, A.; Waters, B.: Ciphertext-policy attribute based encryption. Proc. IEEE SP, 2007. pp. 321-334.

23. Jung, T.; Li, X.; Wan, Z; Wan, M.: Control Cloud Data Access Privilege and Anonymity With Fully Anonymous Attribute-Based Encryption. IEEE transaction on information forensics and security, 2015. VOL. 10, pp. 190-199.

24. Ptzmann, A.; Hansen M.: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management. A Consolidated Proposal for Terminology, version 0.31, (2008)

25. Sarma, A.; et al,: Virtual Identity Framework for Telecom Infrastructures. Wireless Personal Communications, June, (2008).Vol. 45, pp. 521543.

26. Matos, A.; Girao, J.; Sargento, S.; Aguiar R. L.: Preserving Privacy in Mobile Environments with Virtual Network stacks. 50th Annual IEEE Global Telecommunications Conf., 2007. pp. 1971-1976.

27. ClauB, S.; Kesdogan, D.; Kolsch T.: Privacy Enhancing Identity Management: Protection against Re-identification and Profiling. DIM '05: Proceedings of the 2005 workshop on Digital identity management, pp. 84-93, (2005)

28. Hauser, C. : Protecting Virtual Identities in MobileIP-based Communication. PhD thesis, Stuttgart University, Institut fur Kommunikationsnetze undRechnersysteme, (2007)

29. Dwivedi, A.; Wagner, R. E.: Tra_c Model for USALong-distance Optical Network. Proc. Optical Fiber Communication Conf., 2000.Vol. 1, pp. 156-158.

30. Menasce, D.; Almeida V.: Capacity Planning for Web Services - Metr, Models, and Methods. Prentice Hall, (2002)

31. Barisch, M.: Modeling the impact of virtual identities on communication infrastructures. Proc. of the 5th ACM workshop on Digital identity management (DIM '09), ACM, 2009. pp. 45-52.

32. Baskettet, F.; al.: Open, closed, and Mixed Networks of Queues with Different Classes of Customers. J. of the ACM, 1975.Vol. 22, pp. 248260.

33. Boneh, D.; Franklin M.: Identity-Based Encryption from the Weil Pairing. CRYPTO 2001, 2001.Vol. 2139, pp. 213-229.

34. Huang, D.: Pseudonym-based cryptography for anonymous communications in mobile ad hoc networks. Int. J. Security and Networks, 2007.Vol. 2, pp. 272-283.

35. Song, S.; Moustafa, H.; Afifi H.: Modeling an NGN authentication solution and improving its performance through clustering. Global Communications Conf. (GLOBECOM), 2012. pp.2101-2106

36. Multi-precision Integer and Rational Arithmetic C/C++ (MIRACL) library, Available: http://info.certivox.com. Last visited, Jan 2017.

37. Riverbed, Available: http://www.riverbed.com/. Last visited, Jan 2017.