Visible to the public Biblio

Filters: Keyword is ubiquitous computing  [Clear All Filters]
2021-07-07
G H, Samyama Gunjal, Swamy, Samarth C.  2020.  A Security Approach to Build a Trustworthy Ubiquitous Learning System. 2020 IEEE Bangalore Humanitarian Technology Conference (B-HTC). :1–6.
Modern learning systems, say a tutoring platform, has many characteristics like digital data presentation with interactivity, mobility, which provides information about the study-content as per the learners understanding levels, intelligent learners behavior, etc. A sophisticated ubiquitous learner system maintains security and monitors the mischievous behavior of the learner, and authenticates and authorizes every learner, which is quintessential. Some of the existing security schemes aim only at single entry-point authentication, which may not suit to ubiquitous tutor platform. We propose a secured authentication scheme which is based on the information utility of the learner. Whenever a learner moves into a tutor platform, which has ubiquitous learner system technology, the system at first-begins with learners' identity authentication, and then it initiates trust evaluation after the successful authentication of the learner. Periodic credential verification of the learner will be carried out, which intensifies the authentication scheme of the system proposed. BAN logic has been used to prove the authentication in this system. The proposed authentication scheme has been simulated and analyzed for the indoor tutor platform environment.
Hussain, Rashid.  2020.  Peripheral View of IoT based Miniature Devices Security Paradigm. 2020 Global Conference on Wireless and Optical Technologies (GCWOT). :1–7.
Tunnel approach to the security and privacy aspects of communication networks has been an issue since the inception of networking technologies. Neither the technology nor the regulatory and legal frame works proactively play a significant role towards addressing the ever escalating security challenges. As we have move to ubiquitous computing paradigm where information secrecy and privacy is coupled with new challenges of human to machine and machine to machine interfaces, a transformational model for security should be visited. This research is attempted to highlight the peripheral view of IoT based miniature device security paradigm with focus on standardization, regulations, user adaptation, software and applications, low computing resources and power consumption, human to machine interface and privacy.
Suciu, George, Hussain, Ijaz, Petrescu, Gabriel.  2020.  Role of Ubiquitous Computing and Mobile WSN Technologies and Implementation. 2020 International Conference on Electrical, Communication, and Computer Engineering (ICECCE). :1–6.
Computing capabilities such as real time data, unlimited connection, data from sensors, environmental analysis, automated decisions (machine learning) are demanded by many areas like industry for example decision making, machine learning, by research and military, for example GPS, sensor data collection. The possibility to make these features compatible with each domain that demands them is known as ubiquitous computing. Ubiquitous computing includes network topologies such as wireless sensor networks (WSN) which can help further improving the existing communication, for example the Internet. Also, ubiquitous computing is included in the Internet of Things (IoT) applications. In this article, it is discussed the mobility of WSN and its advantages and innovations, which make possible implementations for smart home and office. Knowing the growing number of mobile users, we place the mobile phone as the key factor of the future ubiquitous wireless networks. With secure computing, communicating, and storage capacities of mobile devices, they can be taken advantage of in terms of architecture in the sense of scalability, energy efficiency, packet delay, etc. Our work targets to present a structure from a ubiquitous computing point of view for researchers who have an interest in ubiquitous computing and want to research on the analysis, to implement a novel method structure for the ubiquitous computing system in military sectors. Also, this paper presents security and privacy issues in ubiquitous sensor networks (USN).
2021-04-08
Yang, Z., Sun, Q., Zhang, Y., Zhu, L., Ji, W..  2020.  Inference of Suspicious Co-Visitation and Co-Rating Behaviors and Abnormality Forensics for Recommender Systems. IEEE Transactions on Information Forensics and Security. 15:2766—2781.
The pervasiveness of personalized collaborative recommender systems has shown the powerful capability in a wide range of E-commerce services such as Amazon, TripAdvisor, Yelp, etc. However, fundamental vulnerabilities of collaborative recommender systems leave space for malicious users to affect the recommendation results as the attackers desire. A vast majority of existing detection methods assume certain properties of malicious attacks are given in advance. In reality, improving the detection performance is usually constrained due to the challenging issues: (a) various types of malicious attacks coexist, (b) limited representations of malicious attack behaviors, and (c) practical evidences for exploring and spotting anomalies on real-world data are scarce. In this paper, we investigate a unified detection framework in an eye for an eye manner without being bothered by the details of the attacks. Firstly, co-visitation and co-rating graphs are constructed using association rules. Then, attribute representations of nodes are empirically developed from the perspectives of linkage pattern, structure-based property and inherent association of nodes. Finally, both attribute information and connective coherence of graph are combined in order to infer suspicious nodes. Extensive experiments on both synthetic and real-world data demonstrate the effectiveness of the proposed detection approach compared with competing benchmarks. Additionally, abnormality forensics metrics including distribution of rating intention, time aggregation of suspicious ratings, degree distributions before as well as after removing suspicious nodes and time series analysis of historical ratings, are provided so as to discover interesting findings such as suspicious nodes (items or ratings) on real-world data.
2021-03-04
Carrozzo, G., Siddiqui, M. S., Betzler, A., Bonnet, J., Perez, G. M., Ramos, A., Subramanya, T..  2020.  AI-driven Zero-touch Operations, Security and Trust in Multi-operator 5G Networks: a Conceptual Architecture. 2020 European Conference on Networks and Communications (EuCNC). :254—258.
The 5G network solutions currently standardised and deployed do not yet enable the full potential of pervasive networking and computing envisioned in 5G initial visions: network services and slices with different QoS profiles do not span multiple operators; security, trust and automation is limited. The evolution of 5G towards a truly production-level stage needs to heavily rely on automated end-to-end network operations, use of distributed Artificial Intelligence (AI) for cognitive network orchestration and management and minimal manual interventions (zero-touch automation). All these elements are key to implement highly pervasive network infrastructures. Moreover, Distributed Ledger Technologies (DLT) can be adopted to implement distributed security and trust through Smart Contracts among multiple non-trusted parties. In this paper, we propose an initial concept of a zero-touch security and trust architecture for ubiquitous computing and connectivity in 5G networks. Our architecture aims at cross-domain security & trust orchestration mechanisms by coupling DLTs with AI-driven operations and service lifecycle automation in multi-tenant and multi-stakeholder environments. Three representative use cases are identified through which we will validate the work which will be validated in the test facilities at 5GBarcelona and 5TONIC/Madrid.
2020-12-28
Dove, R., Willett, K. D..  2020.  Contextually Aware Agile-Security in the Future of Systems Engineering. 2020 IEEE Systems Security Symposium (SSS). :1—8.

A recurring principle in consideration of the future of systems engineering is continual dynamic adaptation. Context drives change whether it be from potential loss (threats, vulnerabilities) or from potential gain (opportunity-driven). Contextual-awareness has great influence over the future of systems engineering and of systems security. Those contextual environments contain fitness functions that will naturally select compatible approaches and filter out the incompatible, with prejudice. We don't have to guess at what those environmental shaping forces will look like. William Gibson famously tells us why: “The future is already here, it's just not evenly distributed;” and, sometimes difficult to discern. This paper provides archetypes that 1) characterize general systems engineering for products, processes, and operations; 2) characterize the integration of security to systems engineering; and, 3) characterize contextually aware agile-security. This paper is more of a problem statement than a solution. Solution objectives and tactics for guiding the path forward have a broader range of options for subsequent treatment elsewhere. Our purpose here is to offer a short list of necessary considerations for effective contextually aware adaptive system security in the future of systems engineering.

Antonioli, D., Tippenhauer, N. O., Rasmussen, K..  2020.  BIAS: Bluetooth Impersonation AttackS. 2020 IEEE Symposium on Security and Privacy (SP). :549—562.
Bluetooth (BR/EDR) is a pervasive technology for wireless communication used by billions of devices. The Bluetooth standard includes a legacy authentication procedure and a secure authentication procedure, allowing devices to authenticate to each other using a long term key. Those procedures are used during pairing and secure connection establishment to prevent impersonation attacks. In this paper, we show that the Bluetooth specification contains vulnerabilities enabling to perform impersonation attacks during secure connection establishment. Such vulnerabilities include the lack of mandatory mutual authentication, overly permissive role switching, and an authentication procedure downgrade. We describe each vulnerability in detail, and we exploit them to design, implement, and evaluate master and slave impersonation attacks on both the legacy authentication procedure and the secure authentication procedure. We refer to our attacks as Bluetooth Impersonation AttackS (BIAS).Our attacks are standard compliant, and are therefore effective against any standard compliant Bluetooth device regardless the Bluetooth version, the security mode (e.g., Secure Connections), the device manufacturer, and the implementation details. Our attacks are stealthy because the Bluetooth standard does not require to notify end users about the outcome of an authentication procedure, or the lack of mutual authentication. To confirm that the BIAS attacks are practical, we successfully conduct them against 31 Bluetooth devices (28 unique Bluetooth chips) from major hardware and software vendors, implementing all the major Bluetooth versions, including Apple, Qualcomm, Intel, Cypress, Broadcom, Samsung, and CSR.
2020-12-21
Seliem, M., Elgazzar, K..  2020.  LPA-SDP: A Lightweight Privacy-Aware Service Discovery Protocol for IoT Environments. 2020 IEEE 6th World Forum on Internet of Things (WF-IoT). :1–7.
Latest forecasts show that 50 billion devices will be connected to the Internet by 2020. These devices will provide ubiquitous data access and enable smarter interactions in all aspects of our everyday life, including vital domains such as healthcare and battlefields, where privacy is a key requirement. With the increasing adoption of IoT and the explosion of these resource-constrained devices, manual discovery and configuration become significantly challenging. Despite there is a number of resource discovery protocols that can be efficiently used in IoT deployments, none of these protocols provides any privacy consideration. This paper presents LPA-SDT, a novel technique for service discovery that builds privacy into the design from the ground up. Performance evaluation demonstrates that LPA-SDT outperforms state-of-the-art discovery techniques for resource-constrained environments while preserving user and data privacy.
2020-11-02
Aman, W., Khan, F..  2019.  Ontology-based Dynamic and Context-aware Security Assessment Automation for Critical Applications. 2019 IEEE 8th Global Conference on Consumer Electronics (GCCE). :644–647.

Several assessment techniques and methodologies exist to analyze the security of an application dynamically. However, they either are focused on a particular product or are mainly concerned about the assessment process rather than the product's security confidence. Most crucially, they tend to assess the security of a target application as a standalone artifact without assessing its host infrastructure. Such attempts can undervalue the overall security posture since the infrastructure becomes crucial when it hosts a critical application. We present an ontology-based security model that aims to provide the necessary knowledge, including network settings, application configurations, testing techniques and tools, and security metrics to evaluate the security aptitude of a critical application in the context of its hosting infrastructure. The objective is to integrate the current good practices and standards in security testing and virtualization to furnish an on-demand and test-ready virtual target infrastructure to execute the critical application and to initiate a context-aware and quantifiable security assessment process in an automated manner. Furthermore, we present a security assessment architecture to reflect on how the ontology can be integrated into a standard process.

2020-10-19
Hasan, Khondokar Fida, Kaur, Tarandeep, Hasan, Md. Mhedi, Feng, Yanming.  2019.  Cognitive Internet of Vehicles: Motivation, Layered Architecture and Security Issues. 2019 International Conference on Sustainable Technologies for Industry 4.0 (STI). :1–6.
Over the past few years, we have experienced great technological advancements in the information and communication field, which has significantly contributed to reshaping the Intelligent Transportation System (ITS) concept. Evolving from the platform of a collection of sensors aiming to collect data, the data exchanged paradigm among vehicles is shifted from the local network to the cloud. With the introduction of cloud and edge computing along with ubiquitous 5G mobile network, it is expected to see the role of Artificial Intelligence (AI) in data processing and smart decision imminent. So as to fully understand the future automobile scenario in this verge of industrial revolution 4.0, it is necessary first of all to get a clear understanding of the cutting-edge technologies that going to take place in the automotive ecosystem so that the cyber-physical impact on transportation system can be measured. CIoV, which is abbreviated from Cognitive Internet of Vehicle, is one of the recently proposed architectures of the technological evolution in transportation, and it has amassed great attention. It introduces cloud-based artificial intelligence and machine learning into transportation system. What are the future expectations of CIoV? To fully contemplate this architecture's future potentials, and milestones set to achieve, it is crucial to understand all the technologies that leaned into it. Also, the security issues to meet the security requirements of its practical implementation. Aiming to that, this paper presents the evolution of CIoV along with the layer abstractions to outline the distinctive functional parts of the proposed architecture. It also gives an investigation of the prime security and privacy issues associated with technological evolution to take measures.
2020-10-06
Januário, Fábio, Cardoso, Alberto, Gil, Paulo.  2018.  Resilience Enhancement through a Multi-agent Approach over Cyber-Physical Systems. 2018 10th International Conference on Information Technology and Electrical Engineering (ICITEE). :231—236.

Cyber-physical systems are an important component of most industrial infrastructures that allow the integration of control systems with state of the art information technologies. These systems aggregate distinct communication platforms and networked devices with different capabilities. This integration, has brought into play new uncertainties, not only from the tangible physical world, but also from a cyber space perspective. In light of this situation, awareness and resilience are invaluable properties of these kind of systems. The present work proposes an architecture based on a distributed middleware that relying on a hierarchical multi-agent framework for resilience enhancement. The proposed architecture takes into account physical and cyber vulnerabilities and guarantee state and context awareness, and a minimum level of acceptable operation, in response to physical disturbances and malicious attacks. This framework was evaluated on an IPv6 test-bed comprising several distributed devices, where performance and communication links health are analysed. Results from tests prove the relevance and benefits of the proposed approach.

2020-09-28
Li, Wei, Hu, Chunqiang, Song, Tianyi, Yu, Jiguo, Xing, Xiaoshuang, Cai, Zhipeng.  2018.  Privacy-Preserving Data Collection in Context-Aware Applications. 2018 IEEE Symposium on Privacy-Aware Computing (PAC). :75–85.
Thanks to the development and popularity of context-aware applications, the quality of users' life has been improved through a wide variety of customized services. Meanwhile, users are suffering severe risk of privacy leakage and their privacy concerns are growing over time. To tackle the contradiction between the serious privacy issues and the growing privacy concerns in context-aware applications, in this paper, we propose a privacy-preserving data collection scheme by incorporating the complicated interactions among user, attacker, and service provider into a three-antithetic-party game. Under such a novel game model, we identify and rigorously prove the best strategies of the three parties and the equilibriums of the games. Furthermore, we evaluate the performance of our proposed data collection game by performing extensive numerical experiments, confirming that the user's data privacy can be effective preserved.
2020-08-28
Ferreira, P.M.F.M., Orvalho, J.M., Boavida, F..  2005.  Large Scale Mobile and Pervasive Augmented Reality Games. EUROCON 2005 - The International Conference on "Computer as a Tool". 2:1775—1778.
Ubiquitous or pervasive computing is a new kind of computing, where specialized elements of hardware and software will have such high level of deployment that their use will be fully integrated with the environment. Augmented reality extends reality with virtual elements but tries to place the computer in a relatively unobtrusive, assistive role. To our knowledge, there is no specialized network middleware solution for large-scale mobile and pervasive augmented reality games. We present a work that focus on the creation of such network middleware for mobile and pervasive entertainment, applied to the area of large scale augmented reality games. In, this context, mechanisms are being studied, proposed and evaluated to deal with issues such as scalability, multimedia data heterogeneity, data distribution and replication, consistency, security, geospatial location and orientation, mobility, quality of service, management of networks and services, discovery, ad-hoc networking and dynamic configuration
Ferreira, Pedro, Orvalho, Joao, Boavida, Fernando.  2007.  Security and privacy in a middleware for large scale mobile and pervasive augmented reality. 2007 15th International Conference on Software, Telecommunications and Computer Networks. :1—5.
Ubiquitous or pervasive computing is a new kind of computing, where specialized elements of hardware and software will have such high level of deployment that their use will be fully integrated with the environment. Augmented reality extends reality with virtual elements but tries to place the computer in a relatively unobtrusive, assistive role. In this paper we propose, test and analyse a security and privacy architecture for a previously proposed middleware architecture for mobile and pervasive large scale augmented reality games, which is the main contribution of this paper. The results show that the security features proposed in the scope of this work do not affect the overall performance of the system.
2020-07-16
Mace, J.C., Morisset, C., Pierce, K., Gamble, C., Maple, C., Fitzgerald, J..  2018.  A multi-modelling based approach to assessing the security of smart buildings. Living in the Internet of Things: Cybersecurity of the IoT – 2018. :1—10.

Smart buildings are controlled by multiple cyber-physical systems that provide critical services such as heating, ventilation, lighting and access control. These building systems are becoming increasingly vulnerable to both cyber and physical attacks. We introduce a multi-model methodology for assessing the security of these systems, which utilises INTO-CPS, a suite of modelling, simulation, and analysis tools for designing cyber-physical systems. Using a fan coil unit case study we show how its security can be systematically assessed when subjected to Man-in-the-Middle attacks on the data connections between system components. We suggest our methodology would enable building managers and security engineers to design attack countermeasures and refine their effectiveness.

2020-04-13
R P, Jagadeesh Chandra Bose, Singi, Kapil, Kaulgud, Vikrant, Phokela, Kanchanjot Kaur, Podder, Sanjay.  2019.  Framework for Trustworthy Software Development. 2019 34th IEEE/ACM International Conference on Automated Software Engineering Workshop (ASEW). :45–48.
Intelligent software applications are becoming ubiquitous and pervasive affecting various aspects of our lives and livelihoods. At the same time, the risks to which these systems expose the organizations and end users are growing dramatically. Trustworthiness of software applications is becoming a paramount necessity. Trust is to be regarded as a first-class citizen in the total product life cycle and should be addressed across all stages of software development. Trust can be looked at from two facets: one at an algorithmic level (e.g., bias-free, discrimination-aware, explainable and interpretable techniques) and the other at a process level by making development processes more transparent, auditable, and adhering to regulations and best practices. In this paper, we address the latter and propose a blockchain enabled governance framework for building trustworthy software. Our framework supports the recording, monitoring, and analysis of various activities throughout the application development life cycle thereby bringing in transparency and auditability. It facilitates the specification of regulations and best practices and verifies for its adherence raising alerts of non-compliance and prescribes remedial measures.
2020-04-10
Repetto, M., Carrega, A., Lamanna, G..  2019.  An architecture to manage security services for cloud applications. 2019 4th International Conference on Computing, Communications and Security (ICCCS). :1—8.
The uptake of virtualization and cloud technologies has pushed novel development and operation models for the software, bringing more agility and automation. Unfortunately, cyber-security paradigms have not evolved at the same pace and are not yet able to effectively tackle the progressive disappearing of a sharp security perimeter. In this paper, we describe a novel cyber-security architecture for cloud-based distributed applications and network services. We propose a security orchestrator that controls pervasive, lightweight, and programmable security hooks embedded in the virtual functions that compose the cloud application, pursuing better visibility and more automation in this domain. Our approach improves existing management practice for service orchestration, by decoupling the management of the business logic from that of security. We also describe the current implementation stage for a programmable monitoring, inspection, and enforcement framework, which represents the ground technology for the realization of the whole architecture.
2020-03-02
Ranaweera, Pasika, Jurcut, Anca Delia, Liyanage, Madhusanka.  2019.  Realizing Multi-Access Edge Computing Feasibility: Security Perspective. 2019 IEEE Conference on Standards for Communications and Networking (CSCN). :1–7.
Internet of Things (IoT) and 5G are emerging technologies that prompt a mobile service platform capable of provisioning billions of communication devices which enable ubiquitous computing and ambient intelligence. These novel approaches are guaranteeing gigabit-level bandwidth, ultra-low latency and ultra-high storage capacity for their subscribers. To achieve these limitations, ETSI has introduced the paradigm of Multi-Access Edge Computing (MEC) for creating efficient data processing architecture extending the cloud computing capabilities in the Radio Access Network (RAN). Despite the gained enhancements to the mobile network, MEC is subjected to security challenges raised from the heterogeneity of IoT services, intricacies in integrating virtualization technologies, and maintaining the performance guarantees of the mobile networks (i.e. 5G). In this paper, we are identifying the probable threat vectors in a typical MEC deployment scenario that comply with the ETSI standards. We analyse the identified threat vectors and propose solutions to mitigate them.
Alioto, Massimo, Taneja, Sachin.  2019.  Enabling Ubiquitous Hardware Security via Energy-Efficient Primitives and Systems : (Invited Paper). 2019 IEEE Custom Integrated Circuits Conference (CICC). :1–8.
Security down to hardware (HW) has become a fundamental requirement in highly-connected and ubiquitously deployed systems, as a result of the recent discovery of a wide range of vulnerabilities in commercial devices, as well as the affordability of several attacks that were traditionally considered unlikely. HW security is now a fundamental requirement in view of the massive attack surface that they expose, and the substantial power penalty entailed by solutions at higher levels of abstraction.In large-scale networks of connected devices, attacks need to be counteracted at low cost down to individual nodes, which need to be identified or authenticated securely, and protect confidentiality and integrity of the data that is sensed, stored, processed and wirelessly exchanged. In many security-sensitive applications, physical attacks against individual chips need to be counteracted to truly enable an end-to-end chain of trust from nodes to cloud and actuation (i.e., always-on security). These requirements have motivated the on-going global research and development effort to assure hardware security at low cost and power penalty down to low-end devices (i.e., ubiquitous security).This paper provides a fresh overview of the fundamentals, the design requirements and the state of the art in primitives for HW security. Challenges and future directions are discussed using recent silicon demonstrations as case studies.
2020-02-17
Chowdhury, Mohammad Jabed Morshed, Colman, Alan, Kabir, Muhammad Ashad, Han, Jun, Sarda, Paul.  2019.  Continuous Authorization in Subject-Driven Data Sharing Using Wearable Devices. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :327–333.
Sharing personal data with other people or organizations over the web has become a common phenomena of our modern life. This type of sharing is usually managed by access control mechanisms that include access control model and policies. However, these models are designed from the organizational perspective and do not provide sufficient flexibility and control to the individuals. Therefore, individuals often cannot control sharing of their personal data based on their personal context. In addition, the existing context-aware access control models usually check contextual condition once at the beginning of the access and do not evaluate the context during an on-going access. Moreover, individuals do not have control to define how often they want to evaluate the context condition for an ongoing access. Wearable devices such as Fitbit and Apple Smart Watch have recently become increasingly popular. This has made it possible to gather an individual's real-time contextual information (e.g., location, blood-pressure etc.) which can be used to enforce continuous authorization to the individual's data resources. In this paper, we introduce a novel data sharing policy model for continuous authorization in subject-driven data sharing. A software prototype has been implemented employing a wearable device to demonstrate continuous authorization. Our continuous authorization framework provides more control to the individuals by enabling revocation of on-going access to shared data if the specified context condition becomes invalid.
2020-01-13
Li, Nan, Varadharajan, Vijay, Nepal, Surya.  2019.  Context-Aware Trust Management System for IoT Applications with Multiple Domains. 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS). :1138–1148.
The Internet of Things (IoT) provides connectivity between heterogeneous devices in different applications, such as smart wildlife, supply chain and traffic management. Trust management system (TMS) assesses the trustworthiness of service with respect to its quality. Under different context information, a service provider may be trusted in one context but not in another. The existing context-aware trust models usually store trust values under different contexts and search the closest (to a given context) record to evaluate the trustworthiness of a service. However, it is not suitable for distributed resource-constrained IoT devices which have small memory and low power. Reputation systems are applied in many trust models where trustor obtains recommendations from others. In context-based trust evaluation, it requires interactive queries to find relevant information from remote devices. The communication overhead and energy consumption are issues in low power networks like 6LoWPAN. In this paper, we propose a new context-aware trust model for lightweight IoT devices. The proposed model provides a trustworthiness overview of a service provider without storing past behavior records, that is, constant size storage. The proposed model allows a trustor to decide the significance of context items. This could result in distinctive decisions under the same trustworthiness record. We also show the performance of the proposed model under different attacks.
2019-11-26
Chollet, Stéphanie, Pion, Laurent, Barbot, Nicolas, Michel, Clément.  2018.  Secure IoT for a Pervasive Platform. 2018 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops). :113-118.

Nowadays, the proliferation of smart, communication-enable devices is opening up many new opportunities of pervasive applications. A major requirement of pervasive applications is to be secured. The complexity to secure pervasive systems is to address a end-to-end security level: from the device to the services according to the entire life cycle of devices, applications and platform. In this article, we propose a solution combining both hardware and software elements to secure communications between devices and pervasive platform based on certificates issued from a Public Key Infrastructure. Our solution is implemented and validated with a real device extended by a secure element and our own Public Key Infrastructure.

2019-10-28
Trunov, Artem S., Voronova, Lilia I., Voronov, Vyacheslav I., Ayrapetov, Dmitriy P..  2018.  Container Cluster Model Development for Legacy Applications Integration in Scientific Software System. 2018 IEEE International Conference "Quality Management, Transport and Information Security, Information Technologies" (IT QM IS). :815–819.
Feature of modern scientific information systems is their integration with computing applications, providing distributed computer simulation and intellectual processing of Big Data using high-efficiency computing. Often these software systems include legacy applications in different programming languages, with non-standardized interfaces. To solve the problem of applications integration, containerization systems are using that allow to configure environment in the shortest time to deploy software system. However, there are no such systems for computer simulation systems with large number of nodes. The article considers the actual task of combining containers into a cluster, integrating legacy applications to manage the distributed software system MD-SLAG-MELT v.14, which supports high-performance computing and visualization of the computer experiments results. Testing results of the container cluster including automatic load sharing module for MD-SLAG-MELT system v.14. are given.
2019-01-31
Arfaoui, A., Kribeche, A., Boudia, O. R. M., Letaifa, A. Ben, Senouci, S. M., Hamdi, M..  2018.  Context-Aware Authorization and Anonymous Authentication in Wireless Body Area Networks. 2018 IEEE International Conference on Communications (ICC). :1–7.

With the pervasiveness of the Internet of Things (IoT) and the rapid progress of wireless communications, Wireless Body Area Networks (WBANs) have attracted significant interest from the research community in recent years. As a promising networking paradigm, it is adopted to improve the healthcare services and create a highly reliable ubiquitous healthcare system. However, the flourish of WBANs still faces many challenges related to security and privacy preserving. In such pervasive environment where the context conditions dynamically and frequently change, context-aware solutions are needed to satisfy the users' changing needs. Therefore, it is essential to design an adaptive access control scheme that can simultaneously authorize and authenticate users while considering the dynamic context changes. In this paper, we propose a context-aware access control and anonymous authentication approach based on a secure and efficient Hybrid Certificateless Signcryption (H-CLSC) scheme. The proposed scheme combines the merits of Ciphertext-Policy Attribute-Based Signcryption (CP-ABSC) and Identity-Based Broadcast Signcryption (IBBSC) in order to satisfy the security requirements and provide an adaptive contextual privacy. From a security perspective, it achieves confidentiality, integrity, anonymity, context-aware privacy, public verifiability, and ciphertext authenticity. Moreover, the key escrow and public key certificate problems are solved through this mechanism. Performance analysis demonstrates the efficiency and the effectiveness of the proposed scheme compared to benchmark schemes in terms of functional security, storage, communication and computational cost.

2019-01-21
Yu, Z., Du, H., Xiao, D., Wang, Z., Han, Q., Guo, B..  2018.  Recognition of Human Computer Operations Based on Keystroke Sensing by Smartphone Microphone. IEEE Internet of Things Journal. 5:1156–1168.

Human computer operations such as writing documents and playing games have become popular in our daily lives. These activities (especially if identified in a non-intrusive manner) can be used to facilitate context-aware services. In this paper, we propose to recognize human computer operations through keystroke sensing with a smartphone. Specifically, we first utilize the microphone embedded in a smartphone to sense the input audio from a computer keyboard. We then identify keystrokes using fingerprint identification techniques. The determined keystrokes are then corrected with a word recognition procedure, which utilizes the relations of adjacent letters in a word. Finally, by fusing both semantic and acoustic features, a classification model is constructed to recognize four typical human computer operations: 1) chatting; 2) coding; 3) writing documents; and 4) playing games. We recruited 15 volunteers to complete these operations, and evaluated the proposed approach from multiple aspects in realistic environments. Experimental results validated the effectiveness of our approach.