Engineering Commons^™

Data Privacy And System Security For Banking And Financial Services Industry Based On Cloud Computing Infrastructure, Abhishek Mahalle, Jianming Yong, Xiaohui Tao, Jun Shen

Faculty of Engineering and Information Sciences - Papers: Part B

No abstract provided.

Who R U? Identity Theft And Unl Students, Marcia L. Dority Baker, Cheryl O'Dell

Information Technology Services: Publications

How can academic institutions help educate their students about the risks of identity theft? Or teach students to better understand how one’s online presence can hold so much joy and angst? For one campus, the University of Nebraska–Lincoln, the opportunity came from a middle school teacher engaging his students in a future problem-solving activity. UNL had the opportunity to create a 45-minute presentation on identity theft for local public school students who would be spending the day on campus researching this topic.

While preparing the presentation, we realized a top 10 list on identity theft for UNL students would be …

Emergent Ai, Social Robots And The Law: Security, Privacy And Policy Issues, Ramesh Subramanian

Journal of International Technology and Information Management

The rapid growth of AI systems has implications on a wide variety of fields. It can prove to be a boon to disparate fields such as healthcare, education, global logistics and transportation, to name a few. However, these systems will also bring forth far-reaching changes in employment, economy and security. As AI systems gain acceptance and become more commonplace, certain critical questions arise: What are the legal and security ramifications of the use of these new technologies? Who can use them, and under what circumstances? What is the safety of these systems? Should their commercialization be regulated? What are the …

An Exploration Of Mobile Device Security Artifacts At Institutions Of Higher Education, Amita Goyal Chin, Diania Mcrae, Beth H. Jones, Mark A. Harris

Journal of International Technology and Information Management

The explosive growth and rapid proliferation of smartphones and other mobile

devices that access data over communication networks has necessitated advocating

and implementing security constraints for the purpose of abetting safe computing.

Remote data access using mobile devices is particularly popular among students at

institutions of higher education. To ensure safe harbor for constituents, it is

imperative for colleges and universities to establish, disseminate, and enforce

mobile device security artifacts, where artifacts is defined as policies, procedures,

guidelines or other documented or undocumented protocols. The purpose of this

study is to explore the existence of, specific content of, and the …

Relations Between Robustness And Rka Security Under Public-Key Encryption, Hui Cui, Yi Mu, Man Ho Au

Faculty of Engineering and Information Sciences - Papers: Part A

We revisit the notions of robustness introduced by Abdalla, Bellare and Neven (TCC 2010), and related-key attack (RKA) security raised by Bellare, Cash and Miller (ASIACRYPT 2011). In the setting of public-key encryption (PKE), robustness means that it is hard to produce a ciphertext that is valid for two different users, while RKA security means that a PKE scheme is still secure even when an attacker can induce modifications in a decryption key, and subsequently observe the outcome of this PKE scheme under this modified key. In this paper, we explore the relationship between RKA security and various notions of …

Two-Factor Data Security Protection Mechanism For Cloud Storage System, Joseph K. Liu, Kaitai Liang, Willy Susilo, Jianghua Liu, Yang Xiang

Faculty of Engineering and Information Sciences - Papers: Part A

In this paper, we propose a two-factor data security protection mechanism with factor revocability for cloud storage system. Our system allows a sender to send an encrypted message to a receiver through a cloud storage server. The sender only needs to know the identity of the receiver but no other information (such as its public key or its certificate). The receiver needs to possess two things in order to decrypt the ciphertext. The first thing is his/her secret key stored in the computer. The second thing is a unique personal security device which connects to the computer. It is impossible …

A New Bio-Cryptosystem-Oriented Security Analysis Framework And Implementation Of Multibiometric Cryptosystems Based On Decision Level Fusion, Cai Li, Jiankun Hu, Josef Pieprzyk, Willy Susilo

Faculty of Engineering and Information Sciences - Papers: Part A

Biometric cryptosystems provide an innovative solution for cryptographic key generation, encryption as well as biometric template protection. Besides high authentication accuracy, a good biometric cryptosystem is expected to protect biometric templates effectively, which requires that helper data does not reveal significant information about the templates. Previous works predominantly follow an appropriate entropy definition to measure the security of biometric cryptosystems. In this paper, we point out limitations of entropy-based security analysis and propose a new security analysis framework that combines information-theoretic approach with computational security. In addition, we construct a fingerprint-based multibiometric cryptosystem using decision level fusion. Hash functions are …

Recent Advances In Security And Privacy In Big Data, Yong Yu, Yi Mu, Giuseppe Ateniese

Faculty of Engineering and Information Sciences - Papers: Part A

Big data has become an important topic in science, engineering, medicine, healthcare, finance, business and ultimately society itself. Big data refers to the massive amount of digital information stored or transmitted in computer systems. Approximately, 2.5 quintillion bytes of data are created every day. Almost 90% of data in the world today are created in the last two years alone. Security and privacy issues becomes more critical due to large volumes and variety, due to data hosted in large-scale cloud infrastructures, diversity of data sources and formats, streaming nature of data acquisition and high volume inter-cloud migration. In large-scale cloud …

On The Security Of Auditing Mechanisms For Secure Cloud Storage, Yong Yu, Lei Niu, Guomin Yang, Yi Mu, Willy Susilo

Professor Willy Susilo

Cloud computing is a novel computing model that enables convenient and on-demand access to a shared pool of configurable computing resources. Auditing services are highly essential to make sure that the data is correctly hosted in the cloud. In this paper, we investigate the active adversary attacks in three auditing mechanisms for shared data in the cloud, including two identity privacy-preserving auditing mechanisms called Oruta and Knox, and a distributed storage integrity auditing mechanism. We show that these schemes become insecure when active adversaries are involved in the cloud storage. Specifically, an active adversary can arbitrarily alter the cloud data …

Security Pitfalls Of An Efficient Threshold Proxy Signature Scheme For Mobile Agents, Yong Yu, Yi Mu, Willy Susilo, Man Ho Au

Professor Willy Susilo

A (t,n) threashold proxy signature scheme enables an original signer to delegate his/her signing power to n proxy signers such that any t or more proxy signers can sign messages on behalf of the original signer, but t-1 or less of them cannot produce a valid proxy signature. Based on the RSA cryptosystem, Hong proposed an efficient (t,n) threshold proxy signature for mobile agents. Cai et al. found that the scheme due to Hong is proxy-unprotected , meaning that the original signer can generate a valid proxy signature by himself. However, it is unclear whether the scheme can be used …

Lll For Ideal Lattices Re-Evaluation Of The Security Of Gentry-Halevi's Fhe Scheme, Thomas Plantard, Willy Susilo, Zhenfei Zhang

Faculty of Engineering and Information Sciences - Papers: Part A

The LLL algorithm, named after its inventors, Lenstra, Lenstra and Lovász, is one of themost popular lattice reduction algorithms in the literature. In this paper, we propose the first variant of LLL algorithm that is dedicated for ideal lattices, namely, the iLLL algorithm. Our iLLL algorithm takes advantage of the fact that within LLL procedures, previously reduced vectors can be re-used for further reductions. Using this method, we prove that the iLLL is at least as fast as the LLL algorithm, and it outputs a basis with the same quality. We also provide a heuristic approach that accelerates the re-use …

On The Security Of Text-Based 3d Captchas, Vu Duc Nguyen, Yang-Wai Chow, Willy Susilo

Faculty of Engineering and Information Sciences - Papers: Part A

CAPTCHAs have become a standard security mechanism that are used to deter automated abuse of online services intended for humans. However, many existing CAPTCHA schemes to date have been successfully broken. As such, a number of CAPTCHA developers have explored alternative methods of designing CAPTCHAs. 3D CAPTCHAs is a design alternative that has been proposed to overcome the limitations of traditional CAPTCHAs. These CAPTCHAs are designed to capitalize on the human visual system's natural ability to perceive 3D objects from an image. The underlying security assumption is that it is difficult for a computer program to identify the 3D content. …

Distribution Expansion Planning Considering Reliability And Security Of Energy Using Modified Pso (Particle Swarm Optimization) Algorithm, Jamshid Aghaei, Kashem M. Muttaqi, Ali Azizivahed, Mohsen Gitizadeh

Faculty of Engineering and Information Sciences - Papers: Part A

Distribution feeders and substations need to provide additional capacity to serve the growing electrical demand of customers without compromising the reliability of the electrical networks. Also, more control devices, such as DG (Distributed Generation) units are being integrated into distribution feeders. Distribution networks were not planned to host these intermittent generation units before construction of the systems. Therefore, additional distribution facilities are needed to be planned and prepared for the future growth of the electrical demand as well as the increase of network hosting capacity by DG units. This paper presents a multiobjective optimization algorithm for the MDEP (Multi-Stage Distribution …

On The Security Of Auditing Mechanisms For Secure Cloud Storage, Yong Yu, Lei Niu, Guomin Yang, Yi Mu, Willy Susilo

Faculty of Engineering and Information Sciences - Papers: Part A

Cloud computing is a novel computing model that enables convenient and on-demand access to a shared pool of configurable computing resources. Auditing services are highly essential to make sure that the data is correctly hosted in the cloud. In this paper, we investigate the active adversary attacks in three auditing mechanisms for shared data in the cloud, including two identity privacy-preserving auditing mechanisms called Oruta and Knox, and a distributed storage integrity auditing mechanism. We show that these schemes become insecure when active adversaries are involved in the cloud storage. Specifically, an active adversary can arbitrarily alter the cloud data …

Security Pitfalls Of An Efficient Threshold Proxy Signature Scheme For Mobile Agents, Yong Yu, Yi Mu, Willy Susilo, Man Ho Au

Faculty of Engineering and Information Sciences - Papers: Part A

A (t,n) threashold proxy signature scheme enables an original signer to delegate his/her signing power to n proxy signers such that any t or more proxy signers can sign messages on behalf of the original signer, but t-1 or less of them cannot produce a valid proxy signature. Based on the RSA cryptosystem, Hong proposed an efficient (t,n) threshold proxy signature for mobile agents. Cai et al. found that the scheme due to Hong is proxy-unprotected , meaning that the original signer can generate a valid proxy signature by himself. However, it is unclear whether the scheme can be used …

Optimal Allocation Of Reactive Power Resources To Minimise Losses And Maintain System Security, Eknath Vittal, Lasantha Meegahapola, Damian Flynn, Andrew Keane

Dr Lasantha G Meegahapola

Modern doubly-fed induction generator (DFIG) wind turbines have significant reactive power control capability, even during low wind speed conditions. This can improve system security by providing terminal voltage control at buses in the system. Generally, such control employs the full range of reactive power production from the turbine which can lead to increased system losses. By utilizing optimal power flow analysis, and limiting the range of reactive power production at certain wind farms, system losses can be minimized. If the reactive power of the wind farms are optimized to achieve the minimum system losses this may adversely affect the voltage …

Voltage Security Constrained Reactive Power Optimization Incorporating Wind Generation, L G. Meegahapola, E Vittal, A Keane, D Flynn

Dr Lasantha G Meegahapola

This paper presents a comparative analysis between conventional optimal power flow (OPF) and voltage constrained OPF strategies with wind generation. The study has been performed using the New England 39 bus system with 12 doublyfed induction generator (DFIG) based wind farms installed across the network. A voltage security assessment is carried out to determine the critical wind farms for voltage stability enhancement. The power losses and individual wind farm reactive power generation have been compared with and without voltage stability constraints imposed on the OPF simulation. It is shown that voltage constrained OPF leads to much greater active power losses …

Security Analysis Of A Single Sign-On Mechanism For Distributed Computer Networks, Guilin Wang, Jiangshan Yu, Qi Xie

Faculty of Engineering and Information Sciences - Papers: Part A

Single sign-on (SSO) is a new authentication mechanism that enables a legal user with a single credential to be authenticated by multiple service providers in a distributed computer network. Recently, Chang and Lee proposed a new SSO scheme and claimed its security by providing well-organized security arguments. In this paper, however, we demonstrative that their scheme is actually insecure as it fails to meet credential privacy and soundness of authentication. Specifically, we present two impersonation attacks. The first attack allows a malicious service provider, who has successfully communicated with a legal user twice, to recover the user's credential and then …

On Security Of A Certificateless Signcryption Scheme, Songqin Miao, Futai Zhang, Sujuan Li, Yi Mu

Faculty of Engineering and Information Sciences - Papers: Part A

It would be interesting if a signcryption scheme in the standard model could be made certificateless. One of the interesting attempts is due to Liu et al. [Z. Liu, Y. Hu, X. Zhang, H. Ma, Certificateless signcryption scheme in the standard model, Information Sciences 180 (3) (2010) 452-464]. In this paper, we provide a cryptanalysis on this scheme by depicting two kinds of subtle public key replacement attacks against it. Our analysis reveals that it does not meet the basic requirements of confidentiality and non-repudiation.

Security Analysis Of A Distributed Reprogramming Protocol For Wireless Sensor Networks, Yong Yu, Jianbing Ni, Ying Sun

Faculty of Engineering and Information Sciences - Papers: Part A

Reprogramming for wireless sensor networks is essential to upload new code or to alter the functionality of existing code. To overcome the weakness of the centralized approach of the traditional solutions, He et al. proposed the notion of distributed reprogramming where multiple authorized network users are able to reprogram sensor nodes without involving the base station. They also gave a novel distributed reprogramming protocol called SDRP by using identity-based signature, and provided a comprehensive security analysis for their protocol. In this letter, unfortunately, we demonstrate that SDRP is insecure as the protocol fails to satisfy the property of authenticity and …

Cil Security Proof For A Password-Based Key Exchange, Cristian Ene, Clementine Gritti, Yassine Lakhnech

Faculty of Engineering and Information Sciences - Papers: Part A

Computational Indistinguishability Logic (CIL) is a logic for reasoning about cryptographic primitives in computational model. It is sound for standard model, but also supports reasoning in the random oracle and other idealized models. We illustrate the benefits of CIL by formally proving the security of a Password-Based Key Exchange (PBKE) scheme, which is designed to provide entities communicating over a public network and sharing a short password, under a session key.

A Ciphertext-Policy Attribute-Based Proxy Re-Encryption With Chosen-Ciphertext Security, Kaitai Liang, Liming Fang, Willy Susilo, Duncan S. Wong

Faculty of Engineering and Information Sciences - Papers: Part A

Cipher text-Policy Attribute-Based Proxy Re-Encryption (CP-ABPRE) extends the traditional Proxy Re-Encryption (PRE) by allowing a semi-trusted proxy to transform a cipher text under an access policy to the one with the same plaintext under another access policy (i.e. attribute-based re-encryption). The proxy, however, learns nothing about the underlying plaintext. CP-ABPRE has many real world applications, such as fine-grained access control in cloud storage systems and medical records sharing among different hospitals. Previous CP-ABPRE schemes leave how to be secure against Chosen-Cipher text Attacks (CCA) as an open problem. This paper, for the first time, proposes a new CP-ABPRE to tackle …

Mip-Based Stochastic Security-Constrained Daily Hydrothermal Generation Scheduling, J Aghaei, M Karami, K M. Muttaqi, A Ahmadi, H A. Shayanfar

Faculty of Engineering and Information Sciences - Papers: Part A

This paper presents the application of a mixedinteger programming (MIP) approach for solving stochastic security-constrained daily hydrothermal generation scheduling (SCDHGS). Power system uncertainties including generating units and branch contingencies and load uncertainty are explicitly considered in the stochastic programming of SCDHGS. The roulette wheel mechanism and lattice Monte Carlo simulation (LMCS) are first employed for random scenario generation wherein the stochastic SCDHGS procedure is converted into its respective deterministic equivalents (scenarios). Then, the generating units are scheduled through MIP over the set of deterministic scenarios for the purpose of minimizing the cost of supplying energy and ancillary services over the …

Privacy Issues And Solutions In Social Network Sites, Xi Chen, Katina Michael

Associate Professor Katina Michael

The boom of the internet and the explosion of new technologies have brought with them new challenges and thus new connotations of privacy. Clearly, when people deal with e-government and e-business, they do not only need the right to be let alone, but also to be let in secret. Not only do they need freedom of movement, but also to be assured of the secrecy of their information. Solove [6] has critiqued traditional definitions of privacy and argued that they do not address privacy issues created by new online technologies. Austin [7] also asserts: “[w]e do need to sharpen and …

Book Review: Handbook On Securing Cyber-Physical Critical Infrastructure: Foundations And Challenges (Written By Sajal K. Das, Krishna Kant, Nan Zhang), Katina Michael

Professor Katina Michael

This 800+ page handbook is divided into eight parts and contains thirty chapters, ideal for either an advanced undergraduate or graduate course in security. At the heart of this handbook is how we might go about managing both physical and cyber infrastructures, as they continue to become embedded and enmeshed, through advanced control systems, and new computing and communications paradigms.

Book Review Of Hacking: The Next Generation (Written By Nitesh Dhanjani, Billy Rios & Brett Hardin), Katina Michael

Professor Katina Michael

Hacking: The Next Generation demonstrates just how hackers continue to exploit “back doors”. New ways of working and new ways of communicating have meant that the number of attack vectors continue to rise rapidly. This provides hackers with a greater number of opportunities to penetrate systems using blended approaches while organizations struggle to come up to speed with the latest technology developments and commensurate security capabilities. Dealing with anticipated threats is a lot harder than dealing with known threats.

Book Review: Securing The Cloud: Cloud Computer Security Techniques And Tactics, Katina Michael

Associate Professor Katina Michael

With so much buzz around Cloud Computing, books like this one written by Winkler are much in demand. Winkler’s experience in the computing business shines through and as readers we are spoiled with a great deal of useful strategic information- a jam packed almost 300 page volume on securing the cloud.

Book Review: Security Risk Management: Building An Information Security Risk Management Program From The Ground Up, Katina Michael

Associate Professor Katina Michael

In an age of outsourcing tasks that are not considered to be a core competency of the business, organisations have often relied on external consultants for matters pertaining to security. In actual fact, most companies could have utilized existing skill-sets in-house to produce a security risk management program, if only they knew what steps to take, and how to go about it all. Evan Wheeler in his book on information security risk management does just that- he equips professionals tasked with security, with the thinking required to create a program that is more preoccupied with the complex strategic-level questions than …

Voltage Security Constrained Reactive Power Optimization Incorporating Wind Generation, L G. Meegahapola, E Vittal, A Keane, D Flynn

Faculty of Engineering and Information Sciences - Papers: Part A

This paper presents a comparative analysis between conventional optimal power flow (OPF) and voltage constrained OPF strategies with wind generation. The study has been performed using the New England 39 bus system with 12 doublyfed induction generator (DFIG) based wind farms installed across the network. A voltage security assessment is carried out to determine the critical wind farms for voltage stability enhancement. The power losses and individual wind farm reactive power generation have been compared with and without voltage stability constraints imposed on the OPF simulation. It is shown that voltage constrained OPF leads to much greater active power losses …

Rough Consensus And Running Code: Integrating Engineering Principles Into Internet Policy Debates, Christopher S. Yoo

All Faculty Scholarship

This is the introduction to a symposium issue for a conference designed to bring the engineering community, policymakers, legal academics, and industry participants together in an attempt to provide policymakers with a better understanding of the Internet’s technical aspects and to explore emerging issues of particular importance to current broadband policy.