Engineering Commons^™

An Optimized And Scalable Blockchain-Based Distributed Learning Platform For Consumer Iot, Zhaocheng Wang, Xueying Liu, Xinming Shao, Abdullah Alghamdi, Md. Shirajum Munir, Sujit Biswas

School of Cybersecurity Faculty Publications

Consumer Internet of Things (CIoT) manufacturers seek customer feedback to enhance their products and services, creating a smart ecosystem, like a smart home. Due to security and privacy concerns, blockchain-based federated learning (BCFL) ecosystems can let CIoT manufacturers update their machine learning (ML) models using end-user data. Federated learning (FL) uses privacy-preserving ML techniques to forecast customers' needs and consumption habits, and blockchain replaces the centralized aggregator to safeguard the ecosystem. However, blockchain technology (BCT) struggles with scalability and quick ledger expansion. In BCFL, local model generation and secure aggregation are other issues. This research introduces a novel architecture, emphasizing …

Improvement On Pdp Evaluation Performance Based On Neural Networks And Sgdk-Means Algorithm, Fan Deng, Houbing Song, Zhenhua Yu, Liyong Zhang, Xi Song, Min Zhang, Zhenyu Zhang, Yu Mei

Publications

With the purpose of improving the PDP (policy decision point) evaluation performance, a novel and efficient evaluation engine, namely XDNNEngine, based on neural networks and an SGDK-means (stochastic gradient descent K-means) algorithm is proposed. We divide a policy set into different clusters, distinguish different rules based on their own features and label them for the training of neural networks by using the K-means algorithm and an asynchronous SGDK-means algorithm. Then, we utilize neural networks to search for the applicable rule. A quantitative neural network is introduced to reduce a server’s computational cost. By simulating the arrival of requests, XDNNEngine is …

Securing The Internet Of Things Communication Using Named Data Networking Approaches, Sanjeev Kaushik Ramani

FIU Electronic Theses and Dissertations

The rapid advancement in sensors and their use in devices has led to the drastic increase of Internet-of-Things (IoT) device applications and usage. A fundamental requirement of an IoT-enabled ecosystem is the device’s ability to communicate with other devices, humans etc. IoT devices are usually highly resource constrained and come with varying capabilities and features. Hence, a host-based communication approach defined by the TCP/IP architecture relying on securing the communication channel between the hosts displays drawbacks especially when working in a highly chaotic environment (common with IoT applications). The discrepancies between requirements of the application and the network supporting the …

Agent-Based Semantic Role Mining For Intelligent Access Control In Multi-Domain Collaborative Applications Of Smart Cities, Rubina Ghazal, Ahmad Kamran Malik, Basit Raza, Nauman Qadeer, Nafees Qamar, Sajal Bhatia

School of Computer Science & Engineering Faculty Publications

Significance and popularity of Role-Based Access Control (RBAC) is inevitable; however, its application is highly challenging in multi-domain collaborative smart city environments. The reason is its limitations in adapting the dynamically changing information of users, tasks, access policies and resources in such applications. It also does not incorporate semantically meaningful business roles, which could have a diverse impact upon access decisions in such multi-domain collaborative business environments. We propose an Intelligent Role-based Access Control (I-RBAC) model that uses intelligent software agents for achieving intelligent access control in such highly dynamic multi-domain environments. The novelty of this model lies in using …

Design And Implementation Of Path Finding And Verification In The Internet, Hao Cai

Doctoral Dissertations

In the Internet, network traffic between endpoints typically follows one path that is determined by the control plane. Endpoints have little control over the choice of which path their network traffic takes and little ability to verify if the traffic indeed follows a specific path. With the emergence of software-defined networking (SDN), more control over connections can be exercised, and thus the opportunity for novel solutions exists. However, there remain concerns about the attack surface exposed by fine-grained control, which may allow attackers to inject and redirect traffic. To address these opportunities and concerns, we consider two specific challenges: (1) …

Novel Access Control And Interference Alignment Based Mimo Link Scheduling Algorithm, Zui Xiong, Keren Wang, Jin Hu, Xu Yun

Journal of System Simulation

Abstract: Interference alignment (IA) attracts global attention for its capability of improving the throughput of MIMO systems. To ensure the system stability, researchers proposed access control and IA combined in link scheduling. In order to compensate for the deficiency of minimum interference leakage IA (MinL-IA) algorithm in terms of the expected signal gain, an alternative IA algorithm named MaxSINR-IA combined with access control was applied, and a novel semi-distributed scheduling algorithm（SDSIA-MaxSINR） algorithm was proposed. The theoretical analysis and simulation results demonstrate that SDSIA-MaxSINR algorithm is evidently superior to SDSIA-MinL algorithm in a higher SINR requirement, although MaxSINR-IA is inferior to …

Attribute-Based Encryption With Expressive And Authorized Keyword Search, Hui Cui, Robert H. Deng, Joseph K. Liu, Yingjiu Li

Research Collection School Of Computing and Information Systems

To protect data security and privacy in cloud storage systems, a common solution is to outsource data in encrypted forms so that the data will remain secure and private even if storage systems are compromised. The encrypted data, however, must be pliable to search and access control. In this paper, we introduce a notion of attribute-based encryption with expressive and authorized keyword search (ABE-EAKS) to support both expressive keyword search and fine-grained access control over encrypted data in the cloud. In ABE-EAKS, every data user is associated with a set of attributes and is issued a private attribute-key corresponding to …

Design And Implementation Of Digital Information Security For Physical Documents, Pengcheng Wang

Masters Theses

The objective of this thesis is to improve the security for physical paper documents. Providing information security has been difficult in environments that rely on physical paper documents to implement business processes. Our work presents the design of a digital information security system for paper documents, called "CryptoPaper", that uses 2-dimensional codes to represent data and its security properties on paper. A special scanner system is designed for "CryptoPaper" which uses image recognition techniques and cloud-based access control to display plaintext of encrypted and encoded data to authorized users.

An Efficient Certificateless Encryption For Secure Data Sharing In Public Clouds, Seung-Hyun Seo, Mohamed Yoosuf Mohamed Nabeel, Xiaoyu Ding, Elisa Bertino

Cyber Center Publications

We propose a mediated certificateless encryption scheme without pairing operations for securely sharing sensitive information in public clouds. Mediated certificateless public key encryption (mCL-PKE) solves the key escrow problem in identity based encryption and certificate revocation problem in public key cryptography. However, existing mCL-PKE schemes are either inefficient because of the use of expensive pairing operations or vulnerable against partial decryption attacks. In order to address the performance and security issues, in this paper, we first propose a mCL-PKE scheme without using pairing operations. We apply our mCL-PKE scheme to construct a practical solution to the problem of sharing sensitive …

Perceived Barriers For Implanting Microchips In Humans: A Transnational Study, Christine Perakslis, Katina Michael, M.G. Michael, Robert Gable

Professor Katina Michael

This quantitative, descriptive study investigated if there was a relationship between countries of residence of small business owners (N = 453) within four countries (Australia, India, UK, and the USA) with respect to perceived barriers to RFID (radio frequency identification) transponders being implanted into humans for employee ID. Participants were asked what they believed were the greatest barriers in instituting chip implants for access control in organizations. Participants had six options from which to select. There were significant chi-square analyses reported relative to respondents’ countries and: 1) a perceived barrier of technological issues (χ2 = 11.86, df = 3, p …

A Systematic Security Evaluation Of Android’S Multi-User Framework, Edward Paul Ratazzi, Yousra Aafer, Amit Ahlawat, Hao Hao, Yifei Wang, Wenliang Du

Electrical Engineering and Computer Science - All Scholarship

Like many desktop operating systems in the 1990s, Android is now in the process of including support for multiuser scenarios. Because these scenarios introduce new threats to the system, we should have an understanding of how well the system design addresses them. Since the security implications of multi-user support are truly pervasive, we developed a systematic approach to studying the system and identifying problems. Unlike other approaches that focus on specific attacks or threat models, ours systematically identifies critical places where access controls are not present or do not properly identify the subject and object of a decision. Finding these …

Prevention And Detection Of Intrusions In Wireless Sensor Networks, Ismail Butun

USF Tampa Graduate Theses and Dissertations

Wireless Sensor Networks (WSNs) continue to grow as one of the most exciting and challenging research areas of engineering. They are characterized by severely constrained computational and energy

resources and also restricted by the ad-hoc network operational

environment. They pose unique challenges, due to limited power

supplies, low transmission bandwidth, small memory sizes and limited energy. Therefore, security techniques used in traditional networks cannot be directly adopted. So, new ideas and approaches are needed, in order to increase the overall security of the network. Security applications in such resource constrained WSNs with minimum overhead provides significant challenges, and is the …

Indian Millennials: Are Microchip Implants A More Secure Technology For Identification And Access Control?, Christine Perakslis, Katina Michael

Associate Professor Katina Michael

This mixed methods study with a sequential explanatory strategy explored qualitatively the statistically significant quantitative findings relative to Indian respondents’ perceptions about RFID (radio frequency identification) transponders implanted into the human body. In the first analysis phase of the study, there was a significant chi-square analysis reported (χ2 = 56.64, df = 3, p = .000) relative to the perception of small business owners (N = 453) that implanted chips are a more secure form of identification and/or access control in organizations and the respondents’ country of residence. Countries under study included Australia, India, the UK and US. The country …

Multihierarchical Documents And Fine-Grained Access Control, Neil Moore

Theses and Dissertations--Computer Science

This work presents new models and algorithms for creating, modifying, and controlling access to complex text. The digitization of texts opens new opportunities for preservation, access, and analysis, but at the same time raises questions regarding how to represent and collaboratively edit such texts. Two issues of particular interest are modelling the relationships of markup (annotations) in complex texts, and controlling the creation and modification of those texts. This work addresses and connects these issues, with emphasis on data modelling, algorithms, and computational complexity; and contributes new results in these areas of research.

Although hierarchical models of text and markup …

Location Constraints In Digital Rights Management, Adam Muhlbauer, Reihaneh Safavi-Naini, Farzad Salim, Nicholas Paul Sheppard, Martin Jan Surminen

Reihaneh Safavi-Naini

Digital rights management allows information owners to control the use and dissemination of electronic documents via a machine-readable licence. This paper describes the design and implementation of a system for creating and enforcing licences containing location constraints that can be used to restrict access to sensitive documents to a defined area. Documents can be loaded onto a portable device and used in the approved areas, but cannot be used if the device moves to another area. Our contribution includes a taxonomy for access control in the presence of requests to perform non-instantaneous controlled actions.

Prox-Rbac: A Proximity-Based Spatially Aware Rbac, Michael Kirkpatrick, Maria Luisa Damiani, Elisa Bertino

Cyber Center Publications

As mobile computing devices are becoming increasingly dominant in enterprise and government organizations, the need for fine-grained access control in these environments continues to grow. Specifically, advanced forms of access control can be deployed to ensure authorized users can access sensitive resources only when in trusted locations. One technique that has been proposed is to augment role-based access control (RBAC) with spatial constraints. In such a system, an authorized user must be in a designated location in order to exercise the privileges associated with a role. In this work, we extend spatially aware RBAC systems by defining the notion of …

Protection Models For Web Applications, Karthick Jayaraman

Electrical Engineering and Computer Science - Dissertations

Early web applications were a set of static web pages connected to one another. In contrast, modern applications are full-featured programs that are nearly equivalent to desktop applications in functionality. However, web servers and web browsers, which were initially designed for static web pages, have not updated their protection models to deal with the security consequences of these full-featured programs. This mismatch has been the source of several security problems in web applications.

This dissertation proposes new protection models for web applications. The design and implementation of prototypes of these protection models in a web server and a web browser …

Identity Management To Support Access Control In E-Health Systems, Xu Chen, Damon Berry, William Grimson

Conference Papers

The related and often challenging topics of identity management and access control form an essential foundation for e-health infrastructure. Several approaches and supporting specifications for electronic healthcare record system (EHR-S) communication have been proposed by research projects and standards development organizations in recent years. For instance, part four of the CEN TC251 EN13606 EHRcom standard and the HL7 Role Based Access Control Draft Standard for Trial Use have helped to specify the nature of access control behaviour in relation to EHR communication within and between healthcare organisations. Access control services are a core component not only of the integrated care …

Escudo: A Fine-Grained Protection Model For Web Browsers, Karthick Jayaraman, Wenliang Du, Balamurugan Rajagopalan, Steve J. Chapin

Electrical Engineering and Computer Science - All Scholarship

Web applications are no longer simple hyperlinked documents. They have progressively evolved to become highly complex---web pages combine content from several sources (with varying levels of trustworthiness), and incorporate significant portions of client-side code. However, the prevailing web protection model, the same-origin policy, has not adequately evolved to manage the security consequences of this additional complexity. As a result, web applications have become attractive targets of exploitation. We argue that this disconnection between the protection needs of modern web applications and the protection models used by web browsers that manage those applications amounts to a failure of access control. In …

Location Constraints In Digital Rights Management, Adam Muhlbauer, Reihaneh Safavi-Naini, Farzad Salim, Nicholas Paul Sheppard, Martin Jan Surminen

Faculty of Informatics - Papers (Archive)

Digital rights management allows information owners to control the use and dissemination of electronic documents via a machine-readable licence. This paper describes the design and implementation of a system for creating and enforcing licences containing location constraints that can be used to restrict access to sensitive documents to a defined area. Documents can be loaded onto a portable device and used in the approved areas, but cannot be used if the device moves to another area. Our contribution includes a taxonomy for access control in the presence of requests to perform non-instantaneous controlled actions.

Data Security Measures In The It Service Industry: A Balance Between Knowledge & Action, N. Mlitwa, Y. Kachala

Journal of Digital Forensics, Security and Law

That “knowledge is power” is fast becoming a cliché within the intelligentsia. Such power however, depends largely on how knowledge itself is exchanged and used, which says a lot about the tools of its transmission, exchange, and storage. Information and communication technology (ICT) plays a significant role in this respect. As a networked tool, it enables efficient exchanges of video, audio and text data beyond geographical and time constraints. Since this data is exchanged over the worldwide web (www), it can be accessible by anyone in the world using the internet. The risk of unauthorised access, interception, modification, or even …

New Access Control Technologies: Biometric Identification, Purdue Ect Team

ECT Fact Sheets

Biometrics are computerized methods of recognizing people based on physical or behavioral characteristics. The main biometric technologies include face recognition, fingerprint, hand geometry, iris, palm prints, signature and voice. Biometric technologies can work in two modes – authentication (one-to-one matching) and identification (one-to-many) matching. However, only three biometrics are capable of the latter – face, finger and iris.

A Tool For Evaluating Access Control On High Speed Urban Arterials, Part I, Henry C. Brown, Samuel Labi, Andrzej P. Tarko, Jon D. Fricker

JTRP Technical Reports

A highway system serves two needs: mobility and accessibility. Access control techniques are used to restrict access to the highway and improve vehicle flow. The objective of this research was to develop a comprehensive procedure to evaluate access control alternatives. The procedure includes the design and quantitative evaluation of alternatives to select the best one. Evaluation of each alternative includes prediction of turning volumes, delays, crash rates, and economic effectiveness. Several existing models predict traffic delays for signalized intersections and for minor streams at unsignalized intersections. Models are needed to predict delays of arterial streams caused by minor streams at …

A Tool For Evaluating Access Control On High Speed Urban Arterials, Part Ii: User's Manual, Henry C. Brown, Samuel Labi, Andrzej P. Tarko, Jon D. Fricker

JTRP Technical Reports

A highway system serves two needs: mobility and accessibility. Access control techniques are used to restrict access to the highway and improve vehicle flow. The objective of this research was to develop a comprehensive procedure to evaluate access control alternatives. The procedure includes the design and quantitative evaluation of alternatives to select the best one. Evaluation of each alternative includes prediction of turning volumes, delays, crash rates, and economic effectiveness. Several existing models predict traffic delays for signalized intersections and for minor streams at unsignalized intersections. Models are needed to predict delays of arterial streams caused by minor streams at …

Access Control For Local Roads And Streets In Small Cities And Rural Areas, Hussein F. Dia, Jon Fricker

Indiana Local Technical Assistance Program (LTAP) Publications

This manual is a response to the need expressed by local public officials in small cities and rural areas for a single reference book on the subject. A variety of scattered references have been combined into a single volume with small communities in mind. The authors hope that this manual will be of value to street commissioners, road supervisors, and city and county engineers throughout Indiana.