Context-Aware and Real-time Entrustment Framework for Securing Next Generation Internet Communication

The Internet has been repeatedly demonstrated to be insufficiently secure for transferring sensitive information worldwide. This insecurity is an inherent characteristic as the Internet did not make any security considerations in its initial design. Rather, as is famously known, it was designed to connect "mutually trusting users". Such void motivated a long and extensive history of a variety of trust measures to secure Internet communications at its different levels or layers. To date, however, the proposed security measures have been identified as computationally demanding, especially as they utilize cryptographic computations. In light of the evolution of the Internet-of-Things (IoT) and therefore the growing reliance on elements with limited capabilities (in terms of computing and/or energy), facilitating security becomes an equally increasing challenge. Such elements include embedded systems, sensors/actuators, small-scale mobile and wireless devices, in addition to various elements utilized in real-time and/or delay-critical applications. Considerations must therefore be made for addressing the computational challenge while providing the required security. In the meanwhile, any meaningful security solution must be global (i.e., Internet-wide) in its operation.;Our objective in this thesis is to demonstrate that an adaptive, end-to-end security solution for the next generation Internet is viable. Integral to our thesis is a holistic and innovative proposal for a Context-Aware and Real-time Entrustment framework or (CARE). The framework comprises a set of security components and modules designed to satisfy the observed and expected needs of next generation computing networks and their elements. While introducing the components and operations of our framework, we showcase how they can help into providing security services for the futuristic NGI communication trends. We then introduce a new approach in empirical analysis for cryptographic functions through which their use of computation resource can be identified and/or predicted. The outcome of this approach is applied in designing a robust security adaptation strategy for the CARE framework. A complementary resource-aide system is also presented in order to facilitate the secure end-to-end operation.