The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Cloud users have little visibility into the performance characteristics and utilization of the physical machines underpinning the virtualized cloud resources they use. This uncertainty forces users and researchers to reverse engineer the inner workings of cloud systems in order to understand and optimize the conditions their applications operate. At Massachusetts Open Cloud (MOC), as a public cloud...
Millions of users harvest their personal information (photo, video, status) on different online social networks (OSNs). Hence, these rich repositories of sensitive information attract the eyes of adversary to launch variety of cyber attacks on OSN. Here we have identified all crucial threats on social network that may lead to severe risks. In this paper, we have formalized possible social network...
We present an analysis of how to determine security requirements for software that controls routing decisions in the distribution of discrete physical goods. Requirements are derived from stakeholder interests and threat scenarios. Three deployment scenarios are discussed: cloud and hybrid deployment as well as on-premise installation for legacy sites.
We investigate the possibility of covert and secret key generation over a discrete memoryless channel model with one way public discussion. Protocols are required to conceal not only the key but also whether a protocol is being implemented. For some models, we show that covert secret key generation is possible and characterize the covert secret key capacity in special cases; in particular, the covert...
Home automation has become increasingly popular, with new interconnected products being introduced on a regular basis. While the benefits of these devices are tantalizing, end users may not fully understand the complexities of setting up these devices, become frustrated with the process, or have incorrect installations. We performed an exploratory study to understand the barriers that they face in...
For a long time, the sensitivity and criticality of data storage, processing, and transmission have hindered the wide utilization of IT and networks in the health care systems. Recently, the high availability, reachability, reliability, efficiency, usability and automation provided by the different cloud computing models paved the way to integrate the e-health systems with these cloud services to...
Some companies are willing to execute their business processes (BP) in the cloud for enjoying its benefits. However, they are also reluctant because of the new security risks that using cloud resources introduces. Security risk includes many dimensions, but this work focus on preserving the privacy of the logic of a BP deployed in a multi-cloud context by preventing a coalition of malicious clouds...
Existence of several application specific network technologies like Sensor Networks, Cloud, Personal Area Networks (WPANs), Vehicular Networks (VANETs), Content Delivery Networks and Wifi operating oblivious to each other in the same ISM band creates numerous problems like contention for the same bandwidth leading to excessive collisions and hence lower throughput. This calls for a hybrid mesh framework...
Cameras and other sensors are increasingly deployed for private space monitoring applications such as home monitoring, assisted/enhanced living and child monitoring. Since these cameras capture highly sensitive information and transfer it over public communication infrastructures, security and privacy is a major concern. This work presents a secure camera device along with a secure data delivery and...
We show that it is possible to achieve information theoretic location privacy for secondary users (SUs) in database-driven cognitive radio networks (CRNs) with an end-to-end delay less than a second, which is significantly better than that of the existing alternatives offering only a computational privacy. This is achieved based on a keen observation that, by the requirement of Federal Communications...
Provides an abstract of the tutorial presentation and may include a brief professional biography of the presenter. The complete presentation was not made available for publication as part of the conference proceedings.
In the recent years, we have observed the development of several connected and mobile devices intended for daily use. This development has come with many risks that might not be perceived by the users. These threats are compromising when an unauthorized entity has access to private big data generated through the user objects in the Internet of Things. In the literature, many solutions have been proposed...
The use of Bluetooth Low Energy (BLE) recently became famous in crowd localization services. In this article we show that such service induces significant threats and we propose a scheme that achieves privacy preserving crowd localization. Crowd localization applications leverage all their users to perform periodic BLE scan and detect the nearby tracked devices. The users run a smartphone application...
Whenever users install a new application on their smart devices with an Android KitKat or Lollipop operating system they are asked to grant the application (app) provider access to features of the device, ranging from data storage to device location and from device identity to the users personal contacts. The implications on users' privacy and security are significant and therefore the users' ability...
The database-driven CRN has emerged as a promising solution for the spectrum scarcity issue. However, it also raises severe privacy concerns. Although there are some existing works on this topic, they are far from practical due to their restrict on particular database structures or extremely heavy computation and communication overhead. To address these issues, in this paper we develop two practical...
Development and operation of multi-cloud applications, i.e. applications which consume and orchestrate services from multiple independent Cloud Service Providers, are challenging topics nowadays. Systematically addressing security assurance in such applications is an additional issue, unsolved at state of art. This paper introduces the MUSA DevOps approach to holistic security assurance in multi-cloud...
With the spread of social networks and mobile applications (apps), the amount of sensitive information shared across Internet increased considerably. Although the majority of this information is encrypted, many apps still transmit sensitive data in plain text, e.g., using HTTP (HyperText Transfer Protocol). Seemingly trivial information, if collected together, can leak out important data about a user...
Third-party libraries (3PLs) are widely introduced into Android apps and they typically request permissions for their own functionalities. Current Android systems manage permissions in process (app) granularity. Hence, the host app and the 3PLs share the same permission set. 3PL-apps may therefore introduce security risks. Separating the permission sets of the 3PLs and those of the host app are critical...
Modern electronic healthcare (e-health) systems constitute collaborative environments in which patients' private health data are shared across multiple domains. In such environments, patients' privacy can be violated through the linkability of different user access sessions over patient health data. Therefore, enforcing anonymous as well as multi-session unlinkable access for the users in e-health...
Biometric R&D has to deal with personal data. From the Universal Declaration of Human Rights, privacy of a human being shall be protected, and this is addressed in different forms in each region of the world. In the case of the European Union, Data Protection Directives, Laws and Regulation have been established, and interpreted in different ways by each European Member State. Such a diversity...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.