Search results
1 – 10 of 93Hamed Khiabani, Norbik Bashah Idris and Jamalul-lail Ab Manan
Ambient service provisioning with the least human participation in a pervasive computing environment, which is composed of interconnected devices and sensors, raises several trust…
Abstract
Purpose
Ambient service provisioning with the least human participation in a pervasive computing environment, which is composed of interconnected devices and sensors, raises several trust and security issues. Accurate measuring of the integrity of the nodes that are willing to interact in this intimate environment can boost the trust evolution process, particularly in the uncertainty state and initiation phase. The paper aims to discuss these issues.
Design/methodology/approach
The paper presents a unified approach in calculating the trust value among the nodes by leveraging some trusted computing functionalities. The approach aggregates different trust metrics like context, recommendation, and history to compute the trust index of each party more accurately. The paper also describes several existing remote attestation techniques including the chosen attestation technique for the model. The paper simulated the behaviour of the model in different scenarios and evaluates its responsiveness when the trustworthiness among peer nodes can be attested.
Findings
The results obtained from different simulated scenarios demonstrate the usefulness of the proposed model. It is shown that trust evaluation process in the proposed model is very granular and also can be fine-tuned according to the application and context. The model strength in solving the uncertain situations and assigning appropriate initial trust values is shown, as well. Finally, the paper describes the future research plan to evaluate the accuracy of the model.
Originality/value
The novel idea of applying remote attestation in trust determination may open up new avenues of research in the study of trust management and trust models.
Details
Keywords
Lamya Abdullah and Juan Quintero
The purpose of this study is to propose an approach to avoid having to trust a single entity in cloud-based applications. In cloud computing, data processing is delegated to a…
Abstract
Purpose
The purpose of this study is to propose an approach to avoid having to trust a single entity in cloud-based applications. In cloud computing, data processing is delegated to a remote party for efficiency and flexibility reasons. A practical user requirement usually is data privacy; hence, the confidentiality and integrity of data processing needs to be protected. In the common scenarios of cloud computing today, this can only be achieved by assuming that the remote party does not in any form act maliciously.
Design/methodology/approach
An approach that avoids having to trust a single entity is proposed. This approach is based on two concepts: the technical abstraction of sealed computation, i.e. a technical mechanism to confine a privacy-aware processing of data within a tamper-proof hardware container, and the role of an auditing party that itself cannot add functionality to the system but is able to check whether the system (including the mechanism for sealed computation) works as expected.
Findings
Discussion and analysis of the abstract, technical and procedural requirements of these concepts and how they can be applied in practice are explained.
Originality/value
A preliminary version of this paper was published in the proceedings of the second International Workshop on SECurity and Privacy Requirements Engineering (SECPRE, 2018).
Details
Keywords
The purpose of this paper is to provide a technique that helps in completing the automation cycle in e‐government and e‐business transactions. Some e‐government and e‐business…
Abstract
Purpose
The purpose of this paper is to provide a technique that helps in completing the automation cycle in e‐government and e‐business transactions. Some e‐government and e‐business transactions require the physical intervention of a user or an employee to place a physical stamp or a hand signature on a document. This paper suggests a digital watermarking approach for online hand signatures and physical stamps. The suggested technique may be used by individuals or organizations to place hand signatures and stamps on remote documents.
Design/methodology/approach
The work started by surveying existing security protocols and authentication techniques. Digital watermarking techniques have then been deeply studied to investigate their security capabilities and effect on the performance of the system. A scenario‐based approach has then been used to derive a number of secure digital watermarking protocols that may be used to place remote physical signatures and stamps. The derived protocols were then audited and tested.
Findings
It is possible to design and build simple light watermarking protocols for placing authentic hand signatures and stamps on remote documents (online). The process is secure and reliable.
Practical implications
The suggested technique will greatly improve and speed e‐government and e‐business transactions.
Originality/value
According to one's own knowledge and the surveys so far conducted, the suggested system is the first of its kind.
Details
Keywords
Reports on the 14th Annual Conference on Computers, Freedom and Privacy, held in Berkeley, California in April 2004. Outlines the themes of the papers presented in the 12 plenary…
Abstract
Reports on the 14th Annual Conference on Computers, Freedom and Privacy, held in Berkeley, California in April 2004. Outlines the themes of the papers presented in the 12 plenary sessions.
Details
Keywords
Abdelaziz Amara Korba, Mehdi Nafaa and Salim Ghanemi
Wireless multi-hop ad hoc networks are becoming very attractive and widely deployed in many kinds of communication and networking applications. However, distributed and…
Abstract
Purpose
Wireless multi-hop ad hoc networks are becoming very attractive and widely deployed in many kinds of communication and networking applications. However, distributed and collaborative routing in such networks makes them vulnerable to various security attacks. This paper aims to design and implement a new efficient intrusion detection and prevention framework, called EIDPF, a host-based framework suitable for mobile ad hoc network’s characteristics such as high node’s mobility, resource-constraints and rapid topology change. EIDPF aims to protect an AODV-based network against routing attacks that could target such network.
Design/methodology/approach
This detection and prevention framework is composed of three complementary modules: a specification-based intrusion detection system to detect attacks violating the protocol specification, a load balancer to prevent fast-forwarding attacks such as wormhole and rushing and adaptive response mechanism to isolate malicious node from the network.
Findings
A key advantage of the proposed framework is its capacity to efficiently avoid fast-forwarding attacks and its real-time detection of both known and unknown attacks violating specification. The simulation results show that EIDPF exhibits a high detection rate, low false positive rate and no extra communication overhead compared to other protection mechanisms.
Originality/value
It is a new intrusion detection and prevention framework to protect ad hoc network against routing attacks. A key strength of the proposed framework is its ability to guarantee a real-time detection of known and unknown attacks that violate the protocol specification, and avoiding wormhole and rushing attacks by providing a load balancing route discovery.
Details
Keywords
Olesya A. Stroeva, Yuliia Zviagintceva, Elena Tokmakova, Elena Petrukhina and Oksana Polyakova
At present, the development of information technologies changes the whole system of public functioning. Special attention is paid to the system of higher education, as it forms…
Abstract
Purpose
At present, the development of information technologies changes the whole system of public functioning. Special attention is paid to the system of higher education, as it forms future highly qualified specialists, who will become the basis of digital economy. According to this, new remote technologies are implemented into the system of education each year, which are a basic prototype of smart technologies. The purpose of this paper is to determine the role of remote technologies in the development of the system of higher education and to form skills with the students.
Design/methodology/approach
Based on this, it is necessary to solve the following tasks: view the aspects, peculiarities and possibilities of remote education; distinguish the main tools of remote technologies in education; offer electronic final program as a remote method of evaluation of students’ knowledge.
Findings
In this study, the following methods are used: analysis, synthesis, logical method, abstraction and comparison. Scientific novelty consists in performing research in the sphere of significance and implementation of remote technologies in the system of higher education of the Russian Federation.
Originality/value
This research could be useful for public officers who form programs of development of higher education and for academic staff of higher educational establishments.
Details