Visible to the public Biblio

Filters: Keyword is Data security  [Clear All Filters]
2020-01-21
Joshitta, R. Shantha Mary, Arockiam, L., Malarchelvi, P. D. Sheba Kezia.  2019.  Security Analysis of SAT\_Jo Lightweight Block Cipher for Data Security in Healthcare IoT. Proceedings of the 2019 3rd International Conference on Cloud and Big Data Computing. :111–116.
In this fast moving world, every industry is advanced by a new technological paradigm called Internet of Things (IoT). It offers interconnectivity between the digital and the real world which will swiftly transform the style of doing business. It opens up a wide-ranging new array of dynamic opportunities in all industries and is fuelling innovation in every part of life. Due to the constrained nature of the devices in IoT environment, it is difficult to execute complex data encryption algorithms to enhance the security. Moreover, computation overhead caused by the existing cryptographic security algorithms is heavy and has to be minimized. To overcome these challenges, this paper presents the security analysis of the lightweight block cipher SAT\_Jo to ensure the data security in healthcare Internet of Things. It is based on SPN structure and runs for 31 rounds. It encrypts 64-bits of block length with key of 80 bits. Cadence NC-Verilog 5.1 is used for simulation and Cadence Encounter RTL Compiler v10.1 for synthesis. The implementations are synthesized for UMC 90 nm low-leakage Faraday library from technology libraries. Moreover, the proposed SAT\_Jo block cipher withstands in various attacks such as differential attack, linear attack and algebraic attack in healthcare IoT environment.
Benmoussa, Ahmed, Tahari, Abdou el Karim, Lagaa, Nasreddine, Lakas, Abderrahmane, Ahmad, Farhan, Hussain, Rasheed, Kerrache, Chaker Abdelaziz, Kurugollu, Fatih.  2019.  A Novel Congestion-Aware Interest Flooding Attacks Detection Mechanism in Named Data Networking. 2019 28th International Conference on Computer Communication and Networks (ICCCN). :1–6.
Named Data Networking (NDN) is a promising candidate for future internet architecture. It is one of the implementations of the Information-Centric Networking (ICN) architectures where the focus is on the data rather than the owner of the data. While the data security is assured by definition, these networks are susceptible of various Denial of Service (DoS) attacks, mainly Interest Flooding Attacks (IFA). IFAs overwhelm an NDN router with a huge amount of interests (Data requests). Various solutions have been proposed in the literature to mitigate IFAs; however; these solutions do not make a difference between intentional and unintentional misbehavior due to the network congestion. In this paper, we propose a novel congestion-aware IFA detection and mitigation solution. We performed extensive simulations and the results clearly depict the efficiency of our proposal in detecting truly occurring IFA attacks.
2020-01-20
Almehmadi, Tahani, Alshehri, Suhair, Tahir, Sabeen.  2019.  A Secure Fog-Cloud Based Architecture for MIoT. 2019 2nd International Conference on Computer Applications Information Security (ICCAIS). :1–6.

Medical Internet of Things (MIoT) offers innovative solutions to a healthier life, making radical changes in people's lives. Healthcare providers are enabled to continuously and remotely monitor their patients for many medial issues outside hospitals and healthcare providers' offices. MIoT systems and applications lead to increase availability, accessibility, quality and cost-effectiveness of healthcare services. On the other hand, MIoT devices generate a large amount of diverse real-time data, which is highly sensitive. Thus, securing medical data is an essential requirement when developing MIoT architectures. However, the MIoT architectures being developed in the literature have many security issues. To address the challenge of data security in MIoT, the integration of fog computing and MIoT is studied as an emerging and appropriate solution. By data security, it means that medial data is stored in fog nodes and transferred to the cloud in a secure manner to prevent any unauthorized access. In this paper, we propose a design for a secure fog-cloud based architecture for MIoT.

Liu, Donglan, Zhang, Hao, Wang, Wenting, Zhao, Yang, Zhao, Xiaohong, Yu, Hao, Lv, Guodong, Zhao, Yong.  2019.  Research on Protection for the Database Security Based on the Cloud of Smart Grid. 2019 IEEE 11th International Conference on Communication Software and Networks (ICCSN). :585–589.

As cloud services enter the Internet market, cloud security issues are gradually exposed. In the era of knowledge economy, the unique potential value of big data is being gradually explored. However, the control of data security is facing many challenges. According to the development status and characteristics of database within the cloud environment, this paper preliminary studies on the database security risks faced by the “three-clouds” of State Grid Corporation of China. Based on the mature standardization of information security, this paper deeply studies the database security requirements of cloud environment, and six-step method for cloud database protection is presented, which plays an important role in promoting development of security work for the cloud database. Four key technologies of cloud database security protection are introduced, including database firewall technology, sensitive data encryption, production data desensitization, and database security audit technology. It is helpful to the technology popularization of the grade protection in the security of the cloud database, and plays a great role in the construction of the security of the state grid.

2020-01-13
Seidel, Felix, Krentz, Konrad-Felix, Meinel, Christoph.  2019.  Deep En-Route Filtering of Constrained Application Protocol (CoAP) Messages on 6LoWPAN Border Routers. 2019 IEEE 5th World Forum on Internet of Things (WF-IoT). :201–206.
Devices on the Internet of Things (IoT) are usually battery-powered and have limited resources. Hence, energy-efficient and lightweight protocols were designed for IoT devices, such as the popular Constrained Application Protocol (CoAP). Yet, CoAP itself does not include any defenses against denial-of-sleep attacks, which are attacks that aim at depriving victim devices of entering low-power sleep modes. For example, a denial-of-sleep attack against an IoT device that runs a CoAP server is to send plenty of CoAP messages to it, thereby forcing the IoT device to expend energy for receiving and processing these CoAP messages. All current security solutions for CoAP, namely Datagram Transport Layer Security (DTLS), IPsec, and OSCORE, fail to prevent such attacks. To fill this gap, Seitz et al. proposed a method for filtering out inauthentic and replayed CoAP messages "en-route" on 6LoWPAN border routers. In this paper, we expand on Seitz et al.'s proposal in two ways. First, we revise Seitz et al.'s software architecture so that 6LoWPAN border routers can not only check the authenticity and freshness of CoAP messages, but can also perform a wide range of further checks. Second, we propose a couple of such further checks, which, as compared to Seitz et al.'s original checks, more reliably protect IoT devices that run CoAP servers from remote denial-of-sleep attacks, as well as from remote exploits. We prototyped our solution and successfully tested its compatibility with Contiki-NG's CoAP implementation.
2020-01-07
Radhakrishnan, Vijayanand, Durairaj, Devaraj, Balasubramanian, Kannapiran, Kamatchi, Kartheeban.  2019.  Development Of A Novel Security Scheme Using DNA Biocryptography For Smart Meter Data Communication. 2019 3rd International Conference on Computing and Communications Technologies (ICCCT). :237-244.

Data security is a major requirement of smart meter communication to control server through Advanced Metering infrastructure. Easy access of smart meters and multi-faceted nature of AMI communication network are the main reasons of smart meter facing large number of attacks. The different topology, bandwidth and heterogeneity in communication network prevent the existing security mechanisms in satisfying the security requirements of smart meter. Hence, advanced security mechanisms are essential to encrypt smart meter data before transmitting to control server. The emerging biocryptography technique has several advantages over existing techniques and is most suitable for providing security to communication of low processing devices like smart meter. In this paper, a lightweight encryption scheme using DNA sequence with suitable key management scheme is proposed for secure communication of smart meter in an efficient way. The proposed 2-phase DNA cryptography provides confidentiality and integrity to transmitted data and the authentication of keys is attained by exchanging through Diffie Hellman scheme. The strength of proposed encryption scheme is analyzed and its efficiency is evaluated by simulating an AMI communication network using Simulink/Matlab. Comparison of simulation results with various techniques show that the proposed scheme is suitable for secure communication of smart meter data.

P.G., Swathi, Rajesh, Sreeja.  2018.  Double Encryption Using TEA and DNA. 2018 International Conference on Circuits and Systems in Digital Enterprise Technology (ICCSDET). :1-5.
Information security has become a major challenge in data transmission. Data transmitted through the network is vulnerable to many passive and active attacks. Cryptographic algorithms provide security against the data intruders and provide secure network communication. In this method, two algorithms TEA and DNA are combined to form a new algorithm called DETD (Double Encryption using TEA and DNA). The algorithm mainly deals with encryption and decryption time of a given input text. Here, both the encryption and decryption time are compared with the other two algorithms and the results are recorded. This algorithm also aims to provide data security by increasing the levels of encryption.
2019-12-30
Razaque, Abdul, Jinrui, Wang, Zancheng, Wang, Hani, Qassim Bani, Khaskheli, Murad Ali, Bhutto, Waseem Ahmed.  2018.  Integration of CPU and GPU to Accelerate RSA Modular Exponentiation Operation. 2018 IEEE Long Island Systems, Applications and Technology Conference (LISAT). :1-6.

Now-a-days, the security of data becomes more and more important, people store many personal information in their phones. However, stored information require security and maintain privacy. Encryption algorithm has become the main force of maintaining the security of data. Thus, the algorithm complexity and encryption efficiency have become the main measurement of whether the encryption algorithm is save or not. With the development of hardware, we have many tools to improve the algorithm at present. Because modular exponentiation in RSA algorithm can be divided into several parts mathematically. In this paper, we introduce a conception by dividing the process of encryption and add the model into graphics process unit (GPU). By using GPU's capacity in parallel computing, the core of RSA can be accelerated by using central process unit (CPU) and GPU. Compute unified device architecture (CUDA) is a platform which can combine CPU and GPU together to realize GPU parallel programming and this is the tool we use to perform experience of accelerating RSA algorithm. This paper will also build up a mathematical model to help understand the mechanism of RSA encryption algorithm.

2019-12-16
Lin, Ping-Hsien, Chang, Yu-Ming, Li, Yung-Chun, Wang, Wei-Chen, Ho, Chien-Chung, Chang, Yuan-Hao.  2018.  Achieving Fast Sanitization with Zero Live Data Copy for MLC Flash Memory. 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD). :1–8.
As data security has become the major concern in modern storage systems with low-cost multi-level-cell (MLC) flash memories, it is not trivial to realize data sanitization in such a system. Even though some existing works employ the encryption or the built-in erase to achieve this requirement, they still suffer the risk of being deciphered or the issue of performance degradation. In contrast to the existing work, a fast sanitization scheme is proposed to provide the highest degree of security for data sanitization; that is, every old version of data could be immediately sanitized with zero live-data-copy overhead once the new version of data is created/written. In particular, this scheme further considers the reliability issue of MLC flash memories; the proposed scheme includes a one-shot sanitization design to minimize the disturbance during data sanitization. The feasibility and the capability of the proposed scheme were evaluated through extensive experiments based on real flash chips. The results demonstrate that this scheme can achieve the data sanitization with zero live-data-copy, where performance overhead is less than 1%.
2019-11-25
Pei, Xin, Li, Xuefeng, Wu, Xiaochuan, Zheng, Kaiyan, Zhu, Boheng, Cao, Yixin.  2019.  Assured Delegation on Data Storage and Computation via Blockchain System. 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC). :0055–0061.
With the widespread of cloud computing, the delegation of storage and computing is becoming a popular trend. Concerns on data integrity, security, user privacy as well as the correctness of execution are highlighted due to the untrusted remote data manipulation. Most of existing proposals solve the integrity checking and verifiable computation problems by challenge-response model, but are lack of scalability and reusability. Via blockchain, we achieve efficient and transparent public verifiable delegation for both storage and computing. Meanwhile, the smart contract provides API for request handling and secure data query. The security and privacy issues of data opening are settled by applying cryptographic algorithms all through the delegations. Additionally, any access to the outsourced data requires the owner's authentication, so that the dat transference and utilization are under control.
2019-10-15
Jeong, Jun Woo, Kim, Bo Youn, Jang, Ju Wook.  2018.  Security and Device Control Method for Fog Computer Using Blockchain. Proceedings of the 2018 International Conference on Information Science and System. :234–238.

Fog computing has emerged due to the problem that it becomes difficult to store every data to the cloud system as the number of Internet of Things increases. In this fog computing, a vast amount of data generated from the Internet of Things is transmitted to the cloud system located at a remote place, and is processed by a fog computer such as a sensor or a router located nearby, so that only the necessary data is transmitted to the cloud system. However, the above-mentioned fog computer has some drawbacks like being shut down due to an attack by a malicious user in advance, and a method of processing when a fog computer is down or restored. In this paper we describe a fog computing with blockchain that enables fog computers to share transaction generated by processing transaction information of a device controlled by a blockchain method to a security and device control method of a fog computer utilizing the technology. Furthemore by using security properties of blockchain such as authentication, non-repudiation and data integrity, fog computing using blockchain has advantage of security comparing to previous Cloud and fog computing system using centralized database or P2P networks.

2019-09-26
Liu, Y., Zhang, J., Gao, Q..  2018.  A Blockchain-Based Secure Cloud Files Sharing Scheme with Fine-Grained Access Control. 2018 International Conference on Networking and Network Applications (NaNA). :277-283.

As cloud services greatly facilitate file sharing online, there's been a growing awareness of the security challenges brought by outsourcing data to a third party. Traditionally, the centralized management of cloud service provider brings about safety issues because the third party is only semi-trusted by clients. Besides, it causes trouble for sharing online data conveniently. In this paper, the blockchain technology is utilized for decentralized safety administration and provide more user-friendly service. Apart from that, Ciphertext-Policy Attribute Based Encryption is introduced as an effective tool to realize fine-grained data access control of the stored files. Meanwhile, the security analysis proves the confidentiality and integrity of the data stored in the cloud server. Finally, we evaluate the performance of computation overhead of our system.

2019-08-05
Tao, Y., Lei, Z., Ruxiang, P..  2018.  Fine-Grained Big Data Security Method Based on Zero Trust Model. 2018 IEEE 24th International Conference on Parallel and Distributed Systems (ICPADS). :1040-1045.

With the rapid development of big data technology, the requirement of data processing capacity and efficiency result in failure of a number of legacy security technologies, especially in the data security domain. Data security risks became extremely important for big data usage. We introduced a novel method to preform big data security control, which comprises three steps, namely, user context recognition based on zero trust, fine-grained data access authentication control, and data access audit based on full network traffic to recognize and intercept risky data access in big data environment. Experiments conducted on the fine-grained big data security method based on the zero trust model of drug-related information analysis system demonstrated that this method can identify the majority of data security risks.

2019-07-01
Modi, F. M., Desai, M. R., Soni, D. R..  2018.  A Third Party Audit Mechanism for Cloud Based Storage Using File Versioning and Change Tracking Mechanism. 2018 International Conference on Inventive Research in Computing Applications (ICIRCA). :521-523.

Cloud storage is an exclusive resource in cloud computing, which helps to store and share the data on cloud storage server. Clients upload the data and its hash information n server together on cloud storage. The file owner always concern about data security like privacy and unauthorized access to third party. The owner also wants to ensure the integrity data during communication process. To ensure integrity, we propose a framework based on third party auditor which checks the integrity and correctness of data during audit process. Our aim is to design custom hash for the file which is not only justifies the integrity but also version information about file.

2019-05-08
Meng, F., Lou, F., Fu, Y., Tian, Z..  2018.  Deep Learning Based Attribute Classification Insider Threat Detection for Data Security. 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC). :576–581.

With the evolution of network threat, identifying threat from internal is getting more and more difficult. To detect malicious insiders, we move forward a step and propose a novel attribute classification insider threat detection method based on long short term memory recurrent neural networks (LSTM-RNNs). To achieve high detection rate, event aggregator, feature extractor, several attribute classifiers and anomaly calculator are seamlessly integrated into an end-to-end detection framework. Using the CERT insider threat dataset v6.2 and threat detection recall as our performance metric, experimental results validate that the proposed threat detection method greatly outperforms k-Nearest Neighbor, Isolation Forest, Support Vector Machine and Principal Component Analysis based threat detection methods.

2019-05-01
Georgiadis, Ioannis, Dossis, Michael, Kontogiannis, Sotirios.  2018.  Performance Evaluation on IoT Devices Secure Data Delivery Processes. Proceedings of the 22Nd Pan-Hellenic Conference on Informatics. :306–311.
This paper presents existing cryptographic technologies used by the IoT industry. Authors review security capabilities of existing IoT protocols such as LoRaWAN, IEE802.15.4, BLE and RF based. Authors also experiment with the cryptographic efficiency and energy consumption of existing cryptography algorithms, implemented on embedded systems. Authors evaluate the performance of 32bit single ARM cortex microprocessor, Atmel ATmega32u4 8-bit micro-controller and Parallella Xillix Zynq FPGA parallel co-processors. From the experimental results, authors signify the requirements of the next generation IoT security protocols and from their experimental results provide useful guidelines.
2019-04-01
Zhang, X., Li, R., Cui, B..  2018.  A security architecture of VANET based on blockchain and mobile edge computing. 2018 1st IEEE International Conference on Hot Information-Centric Networking (HotICN). :258–259.

The development of Vehicular Ad-hoc NETwork (VANET) has brought many conveniences to human beings, but also brings a very prominent security problem. The traditional solution to the security problem is based on centralized approach which requires a trusted central entity which exists a single point of failure problem. Moreover, there is no approach of technical level to ensure security of data. Therefore, this paper proposes a security architecture of VANET based on blockchain and mobile edge computing. The architecture includes three layers, namely perception layer, edge computing layer and service layer. The perception layer ensures the security of VANET data in the transmission process through the blockchain technology. The edge computing layer provides computing resources and edge cloud services to the perception layer. The service layer uses the combination of traditional cloud storage and blockchain to ensure the security of data.

2019-03-28
Bagri, D., Rathore, S. K..  2018.  Research Issues Based on Comparative Work Related to Data Security and Privacy Preservation in Smart Grid. 2018 4th International Conference on Computing Sciences (ICCS). :88-91.

With the advancement of Technology, the existing electric grids are shifting towards smart grid. The smart grids are meant to be effective in power management, secure and safe in communication and more importantly, it is favourable to the environment. The smart grid is having huge architecture it includes various stakeholders that encounter challenges in the name of authorisation and authentication. The smart grid has another important issue to deal with that is securing the communication from varieties of cyber-attacks. In this paper, we first discussed about the challenges in the smart grid data communication and later we surveyed the existing cryptographic algorithm and presented comparative work on certain factors for existing working cryptographic algorithms This work gives insight conclusion to improve the working scheme for data security and Privacy preservation of customer who is one of the stack holders. Finally, with the comparative work, we suggest a direction of future work on improvement of working algorithms for secure and safe data communication in a smart grid.

2019-03-06
Yan, Li, Hao, Xiaowei, Cheng, Zelei, Zhou, Rui.  2018.  Cloud Computing Security and Privacy. Proceedings of the 2018 International Conference on Big Data and Computing. :119-123.
Cloud computing is an emerging technology that can provide organizations, enterprises and governments with cheaper, more convenient and larger scale computing resources. However, cloud computing will bring potential risks and threats, especially on security and privacy. We make a survey on potential threats and risks and existing solutions on cloud security and privacy. We also put forward some problems to be addressed to provide a secure cloud computing environment.
2019-02-13
Yasumura, Y., Imabayashi, H., Yamana, H..  2018.  Attribute-based proxy re-encryption method for revocation in cloud storage: Reduction of communication cost at re-encryption. 2018 IEEE 3rd International Conference on Big Data Analysis (ICBDA). :312–318.
In recent years, many users have uploaded data to the cloud for easy storage and sharing with other users. At the same time, security and privacy concerns for the data are growing. Attribute-based encryption (ABE) enables both data security and access control by defining users with attributes so that only those users who have matching attributes can decrypt them. For real-world applications of ABE, revocation of users or their attributes is necessary so that revoked users can no longer decrypt the data. In actual implementations, ABE is used in hybrid with a symmetric encryption scheme such as the advanced encryption standard (AES) where data is encrypted with AES and the AES key is encrypted with ABE. The hybrid encryption scheme requires re-encryption of the data upon revocation to ensure that the revoked users can no longer decrypt that data. To re-encrypt the data, the data owner (DO) must download the data from the cloud, then decrypt, encrypt, and upload the data back to the cloud, resulting in both huge communication costs and computational burden on the DO depending on the size of the data to be re-encrypted. In this paper, we propose an attribute-based proxy re-encryption method in which data can be re-encrypted in the cloud without downloading any data by adopting both ABE and Syalim's encryption scheme. Our proposed scheme reduces the communication cost between the DO and cloud storage. Experimental results show that the proposed method reduces the communication cost by as much as one quarter compared to that of the trivial solution.
Gunjal, Y. S., Gunjal, M. S., Tambe, A. R..  2018.  Hybrid Attribute Based Encryption and Customizable Authorization in Cloud Computing. 2018 International Conference On Advances in Communication and Computing Technology (ICACCT). :187–190.
Most centralized systems allow data access to its cloud user if a cloud user has a certain set of satisfying attributes. Presently, one method to compete such policies is to use an authorized cloud server to maintain the user data and have access control over it. At times, when one of the servers keeping data is compromised, the security of the user data is compromised. For getting access control, maintaining data security and obtaining precise computing results, the data owners have to keep attribute-based security to encrypt the stored data. During the delegation of data on cloud, the cloud servers may be tampered by the counterfeit cipher-text. Furthermore, the authorized users may be cheated by retorting them that they are unauthorized. Largely the encryption control access attribute policies are complex. In this paper, we present Cipher-text Policy Attribute-Based Encryption for maintaining complex access control over encrypted data with verifiable customizable authorization. The proposed technique provides data confidentiality to the encrypted data even if the storage server is comprised. Moreover, our method is highly secured against collusion attacks. In advance, performance evaluation of the proposed system is elaborated with implementation of the same.
2019-02-08
Aufa, F. J., Endroyono, Affandi, A..  2018.  Security System Analysis in Combination Method: RSA Encryption and Digital Signature Algorithm. 2018 4th International Conference on Science and Technology (ICST). :1-5.

Public key cryptography or asymmetric keys are widely used in the implementation of data security on information and communication systems. The RSA algorithm (Rivest, Shamir, and Adleman) is one of the most popular and widely used public key cryptography because of its less complexity. RSA has two main functions namely the process of encryption and decryption process. Digital Signature Algorithm (DSA) is a digital signature algorithm that serves as the standard of Digital Signature Standard (DSS). DSA is also included in the public key cryptography system. DSA has two main functions of creating digital signatures and checking the validity of digital signatures. In this paper, the authors compare the computational times of RSA and DSA with some bits and choose which bits are better used. Then combine both RSA and DSA algorithms to improve data security. From the simulation results, the authors chose RSA 1024 for the encryption process and added digital signatures using DSA 512, so the messages sent are not only encrypted but also have digital signatures for the data authentication process.

2018-12-03
Ennajjar, Ibtissam, Tabii, Youness, Benkaddour, Abdelhamid.  2017.  Securing Data in Cloud Computing by Classification. Proceedings of the 2Nd International Conference on Big Data, Cloud and Applications. :49:1–49:5.

Cloud computing is a wide architecture based on diverse models for providing different services of software and hardware. Cloud computing paradigm attracts different users because of its several benefits such as high resource elasticity, expense reduction, scalability and simplicity which provide significant preserving in terms of investment and work force. However, the new approaches introduced by the cloud, related to computation outsourcing, distributed resources, multi-tenancy concept, high dynamism of the model, data warehousing and the nontransparent style of cloud increase the security and privacy concerns and makes building and handling trust among cloud service providers and consumers a critical security challenge. This paper proposes a new approach to improve security of data in cloud computing. It suggests a classification model to categorize data before being introduced into a suitable encryption system according to the category. Since data in cloud has not the same sensitivity level, encrypting it with the same algorithms can lead to a lack of security or of resources. By this method we try to optimize the resources consumption and the computation cost while ensuring data confidentiality.

2018-11-19
Lebeck, K., Ruth, K., Kohno, T., Roesner, F..  2018.  Towards Security and Privacy for Multi-User Augmented Reality: Foundations with End Users. 2018 IEEE Symposium on Security and Privacy (SP). :392–408.

Immersive augmented reality (AR) technologies are becoming a reality. Prior works have identified security and privacy risks raised by these technologies, primarily considering individual users or AR devices. However, we make two key observations: (1) users will not always use AR in isolation, but also in ecosystems of other users, and (2) since immersive AR devices have only recently become available, the risks of AR have been largely hypothetical to date. To provide a foundation for understanding and addressing the security and privacy challenges of emerging AR technologies, grounded in the experiences of real users, we conduct a qualitative lab study with an immersive AR headset, the Microsoft HoloLens. We conduct our study in pairs - 22 participants across 11 pairs - wherein participants engage in paired and individual (but physically co-located) HoloLens activities. Through semi-structured interviews, we explore participants' security, privacy, and other concerns, raising key findings. For example, we find that despite the HoloLens's limitations, participants were easily immersed, treating virtual objects as real (e.g., stepping around them for fear of tripping). We also uncover numerous security, privacy, and safety concerns unique to AR (e.g., deceptive virtual objects misleading users about the real world), and a need for access control among users to manage shared physical spaces and virtual content embedded in those spaces. Our findings give us the opportunity to identify broader lessons and key challenges to inform the design of emerging single-and multi-user AR technologies.

2018-10-26
Rauf, A., Shaikh, R. A., Shah, A..  2018.  Security and privacy for IoT and fog computing paradigm. 2018 15th Learning and Technology Conference (L T). :96–101.

In the past decade, the revolution in miniaturization (microprocessors, batteries, cameras etc.) and manufacturing of new type of sensors resulted in a new regime of applications based on smart objects called IoT. Majority of such applications or services are to ease human life and/or to setup efficient processes in automated environments. However, this convenience is coming up with new challenges related to data security and human privacy. The objects in IoT are resource constrained devices and cannot implement a fool-proof security framework. These end devices work like eyes and ears to interact with the physical world and collect data for analytics to make expedient decisions. The storage and analysis of the collected data is done remotely using cloud computing. The transfer of data from IoT to the computing clouds can introduce privacy issues and network delays. Some applications need a real-time decision and cannot tolerate the delays and jitters in the network. Here, edge computing or fog computing plays its role to settle down the mentioned issues by providing cloud-like facilities near the end devices. In this paper, we discuss IoT, fog computing, the relationship between IoT and fog computing, their security issues and solutions by different researchers. We summarize attack surface related to each layer of this paradigm which will help to propose new security solutions to escalate it acceptability among end users. We also propose a risk-based trust management model for smart healthcare environment to cope with security and privacy-related issues in this highly un-predictable heterogeneous ecosystem.