Computer Engineering Commons^™

Internet Applications Development Issues And Strategic Considerations, Róisín Faherty

The ITB Journal

This paper examines the development issues and strategic considerations involved in Internet Applications Development. The prevalent development environments are discussed highlighting their advantages and disadvantages. Issues regarding the development of Internet applications are viewed under the headings of human resource, organizational, technological, investment and Legal Issues. Lastly the paper gives an overview of the strategic implications for an organization considering the development of Internet Applications. These include security, quality and the look & feel of the application. This paper is not intended as a definitive resource on the area of Internet Applications Development, its aim is to highlight the areas …

A Survey Of Security And Privacy Challenges In Cloud Computing: Solutions And Future Directions, Yuhong Liu, Yan Lindsay Sun, Jungwoo Ryoo, Athanasios V. Vasilakos

Computer Science and Engineering

While cloud computing is gaining popularity, diverse security and privacy issues are emerging that hinder the rapid adoption of this new computing paradigm. And the development of defensive solutions is lagging behind. To ensure a secure and trustworthy cloud environment it is essential to identify the limitations of existing solutions and envision directions for future research. In this paper, we have surveyed critical security and privacy challenges in cloud computing, categorized diverse existing solutions, compared their strengths and limitations, and envisioned future research directions.

Modeling Security And Resource Allocation For Mobile Multi-Hop Wireless Neworks Using Game Theory, Laurent L. Y. Njilla

FIU Electronic Theses and Dissertations

This dissertation presents novel approaches to modeling and analyzing security and resource allocation in mobile ad hoc networks (MANETs). The research involves the design, implementation and simulation of different models resulting in resource sharing and security’s strengthening of the network among mobile devices. Because of the mobility, the network topology may change quickly and unpredictably over time. Moreover, data-information sent from a source to a designated destination node, which is not nearby, has to route its information with the need of intermediary mobile nodes. However, not all intermediary nodes in the network are willing to participate in data-packet transfer of …

From Physical Security To Cybersecurity, Arunesh Sinha, Thanh H. Nguyen, Debarun Kar, Matthew Brown, Milind Tambe, Albert Xin Jiang

Research Collection School Of Computing and Information Systems

Security is a critical concern around the world. In many domains from cybersecurity to sustainability, limited security resources prevent complete security coverage at all times. Instead, these limited resources must be scheduled (or allocated or deployed), while simultaneously taking into account the importance of different targets, the responses of the adversaries to the security posture, and the potential uncertainties in adversary payoffs and observations, etc. Computational game theory can help generate such security schedules. Indeed, casting the problem as a Stackelberg game, we have developed new algorithms that are now deployed over multiple years in multiple applications for scheduling of …

Toward The Systematization Of Active Authentication Research, Daniel Fleming Gerrity

Master's Theses

Authentication is the vital link between your real self and your digital self. As our digital selves become ever more powerful, the price of failing authentication grows. The most common authentication protocols are static data and employed only once at login. This allows for authentication to be spoofed just once to gain access to an entire user session. Behaviometric protocols continuously consume a user’s behavior as a token of authentication and can be applied throughout a session, thereby eliminating a fixed token to spoof. Research into these protocols as viable forms of authentication is relatively recent and is being conducted …

Pinpoint: Efficient And Effective Resource Isolation For Mobile Security And Privacy, Paul Ratazzi, Ashok Bommisetti, Nian Ji, Wenliang Du

Electrical Engineering and Computer Science - All Scholarship

Virtualization is frequently used to isolate untrusted processes and control their access to sensitive resources. However, isolation usually carries a price in terms of less resource sharing and reduced inter-process communication. In an open architecture such as Android, this price and its impact on performance, usability, and transparency must be carefully considered. Although previous efforts in developing general-purpose isolation solutions have shown that some of these negative sideeffects can be mitigated, doing so involves overcoming significant design challenges by incorporating numerous additional platform complexities not directly related to improved security. Thus, the general purpose solutions become inefficient and burdensome if …

Runtime Detection Of A Bandwidth Denial Attack From A Rogue Network-On-Chip, Rajesh Jayashankarashridevi

All Graduate Theses and Dissertations, Spring 1920 to Summer 2023

Chips with high computational power are the crux of today’s pervasive complex digital systems. Microprocessor circuits are evolving towards many core designs with the integration of hundreds of processing cores, memory elements and other devices on a single chip to sustain high performance computing while maintaining low design costs. Two decisive paradigm shifts in the semiconductor industry have made this evolution possible: (a) architectural and (b) organizational.

At the heart of the architectural innovation is a scalable high speed data communication structure, the network-on-chip (NoC). NoC is an interconnect network for the glueless integration of on-chip components in the …

Data Integrity Verification In Cloud Computing, Katanosh Morovat

Graduate Theses and Dissertations

Cloud computing is an architecture model which provides computing and storage capacity as a service over the internet. Cloud computing should provide secure services for users and owners of data as well. Cloud computing services are a completely internet-based technology where data are stored and maintained in the data center of a cloud provider. Lack of appropriate control over the data might incur several security issues. As a result, some data stored in the cloud must be protected at all times. These types of data are called sensitive data. Sensitive data is defined as data that must be protected against …

Cumulonimbus Computing Concerns: Information Security In Public, Private, And Hybrid Cloud Computing, Daniel Adams

Senior Honors Theses

Companies of all sizes operating in all markets are moving toward cloud computing for greater flexibility, efficiency, and cost savings. The decision of how to adopt the cloud is a question of major security concern due to the fact that control is relinquished over certain portions of the IT ecosystem. This thesis presents the position that the main security decision in moving to cloud computing is choosing which type of cloud to employ for each portion of the network – the hybrid cloud approach. Vulnerabilities that exist on a public cloud will be explored, and recommendations on decision factors will …

Cloud Enabled Attack Vectors, Ryan Jasper

Purdue Polytechnic Directed Projects

The purpose of this directed project and related research was to demonstrate and catalog a new attack vector that utilizes cloud managed infrastructure. Cloud computing is a recent trend that is creating significant hype in the IT sector. Being that cloud computing is a new theme in the computing world, there are many security concerns that remain unknown and unexplored. The product of this directed project provides a documented taxonomy of the new attack vector and how to mitigate risk from this kind of attack.

The new attack vector creates efficiencies throughout the lifecycle of an attack and greatly reduces …

Remote Mobile Screen (Rms): An Approach For Secure Byod Environments, Santiago Manuel Gimenez Ocano

Department of Computer Science and Engineering: Dissertations, Theses, and Student Research

Bring Your Own Device (BYOD) is a policy where employees use their own personal mobile devices to perform work-related tasks. Enterprises reduce their costs since they do not have to purchase and provide support for the mobile devices. BYOD increases job satisfaction and productivity in the employees, as they can choose which device to use and do not need to carry two or more devices.

However, BYOD policies create an insecure environment, as the corporate network is extended and it becomes harder to protect it from attacks. In this scenario, the corporate information can be leaked, personal and corporate spaces …

A Human-Centered Credit-Banking System For Convenient, Fair And Secure Carpooling Among Members Of An Association, H.-S. Jacob Tsao, Magdalini Eirinaki

Faculty Publications

This paper proposes an unconventional carpool-matching system concept that is different from existing systems with four innovative operational features: (F1) The proposed matching system will be used by members of an association and sponsored by the association, e.g., the employees of a company, members of a homeowner association, employees of a shopping center. This expands the scope beyond commute trips. Such associations can also voluntarily form alliances to increase the number of possible carpool partners and geographical reach. (F2) Service provided by a driver or received by a rider incurs credit or debt to a bank centrally and fairly managed …

Privacy Protection On Cloud Computing, Min Li

Theses and Dissertations

Cloud is becoming the most popular computing infrastructure because it can attract more and more traditional companies due to flexibility and cost-effectiveness. However, privacy concern is the major issue that prevents users from deploying on public clouds. My research focuses on protecting user's privacy in cloud computing. I will present a hardware-based and a migration-based approach to protect user's privacy. The root cause of the privacy problem is current cloud privilege design gives too much power to cloud providers. Once the control virtual machine (installed by cloud providers) is compromised, external adversaries will breach users’ privacy. Malicious cloud administrators are …

An Empirical Comparison Of Widely Adopted Hash Functions In Digital Forensics: Does The Programming Language And Operating System Make A Difference?, Satyendra Gurjar, Ibrahim Baggili, Frank Breitinger, Alice E. Fischer

Electrical & Computer Engineering and Computer Science Faculty Publications

Hash functions are widespread in computer sciences and have a wide range of applications such as ensuring integrity in cryptographic protocols, structuring database entries (hash tables) or identifying known files in forensic investigations. Besides their cryptographic requirements, a fundamental property of hash functions is efficient and easy computation which is especially important in digital forensics due to the large amount of data that needs to be processed when working on cases. In this paper, we correlate the runtime efficiency of common hashing algorithms (MD5, SHA-family) and their implementation. Our empirical comparison focuses on C-OpenSSL, Python, Ruby, Java on Windows and …

Design And Implementation Of Ir And Laser-Based Electronic Ciphering Systems, Feyzi̇ Akar, Osman Aşkin

Turkish Journal of Electrical Engineering and Computer Sciences

This paper describes the design and implementation of infrared (IR) and laser-based electronic ciphering systems for use in both indoor and outdoor wireless remote control applications. To communicate between a user and a lock module in a secure way, the proposed systems utilize IR and laser frequencies instead of radio frequencies. Each proposed system has its specific security design. A new communication protocol is also generated, which is compatible for use with IR and laser technologies. The proposed electronic ciphering systems' prototypes are realized together with software and hardware components. They are instrumented using the peripheral interface controller series microcontrollers. …

Rfid Card Security For Public Transportation Applications Based On A Novel Neural Network Analysis Of Cardholder Behavior Characteristics, Gürsel Düzenli̇

Turkish Journal of Electrical Engineering and Computer Sciences

This paper proposes a novel approach that applies neural network forecasting to security for closed-loop prepaid cards based on low-cost technologies such as RFID and 1-Wire. The security vulnerability of low-cost RFID closed-loop prepaid card systems originates mostly from the card itself. Criminal organizations counterfeit or clone card data. Although high-security prepaid cards exist, they are often too expensive for transport ticketing, and even their security is not guaranteed for a well-defined period of time. Therefore, data encryption systems are used widely against counterfeiting with success. However, it has not been possible to develop countermeasures with comparable success against cloning. …