Researcher profile

Takayuki Sasaki

Takayuki Sasaki contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate

Cryptography and Security Networking and Internet Architecture

Trust snapshot

Quick read

Trust 15 - Baseline

3works

0followers

2topics

4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

preprint2020arXiv

Security Architecture for Trustworthy Systems in 5G Era

Systems using 5G are expected to be used in various cases of Society 5.0 and Industrie 4.0 such as smart cities, smart factories, and also critical infrastructures. These systems are essential for our life, thus cyberattacks against the system must be prevented. In this paper, we tackle two problems posed by 5G features: system construction using multi-vendor devices and softwarized functions. Specifically, there are supply-chain risks that malicious devices are used in the construction phase. Moreover, the softwarized network functions are easy to be attacked compared to hardware. To cope with these problems, we propose a concept of architecture comprising a blockchain to record security events including supply-chain information and a tamper detection engine to ensure the integrity of software components in 5G system. We implement the initial prototype of the architecture and show its feasibility.

preprint2020arXiv

Towards a Backdoorless Network Architecture Based on Remote Attestation and Backdoor Inspection

To keep a system secure, all devices in the system need to be benign. To avoid malicious and/or compromised devices, network access control such as authentication using a credential and remote attestation based on trusted hardware has been used. These techniques ensure the authenticity and integrity of the devices, but do not mitigate risks of a backdoor embedded in the devices by the developer. To tackle this problem, we propose a novel architecture that integrates remote attestation and backdoor inspection. Specifically, the backdoor inspection result is stored in a server and the verifier retrieves and checks the backdoor inspection result when the remote attestation is performed. Moreover, we discuss issues to deploy the proposed architecture to the real world.

preprint2016arXiv

SDNsec: Forwarding Accountability for the SDN Data Plane

SDN promises to make networks more flexible, programmable, and easier to manage. Inherent security problems in SDN today, however, pose a threat to the promised benefits. First, the network operator lacks tools to proactively ensure that policies will be followed or to reactively inspect the behavior of the network. Second, the distributed nature of state updates at the data plane leads to inconsistent network behavior during reconfigurations. Third, the large flow space makes the data plane susceptible to state exhaustion attacks. This paper presents SDNsec, an SDN security extension that provides forwarding accountability for the SDN data plane. Forwarding rules are encoded in the packet, ensuring consistent network behavior during reconfigurations and limiting state exhaustion attacks due to table lookups. Symmetric-key cryptography is used to protect the integrity of the forwarding rules and enforce them at each switch. A complementary path validation mechanism allows the controller to reactively examine the actual path taken by the packets. Furthermore, we present mechanisms for secure link-failure recovery and multicast/broadcast forwarding.