Physical Sciences and Mathematics Commons^™

Book Review: Securing The Cloud: Cloud Computer Security Techniques And Tactics, Katina Michael

Associate Professor Katina Michael

With so much buzz around Cloud Computing, books like this one written by Winkler are much in demand. Winkler’s experience in the computing business shines through and as readers we are spoiled with a great deal of useful strategic information- a jam packed almost 300 page volume on securing the cloud.

Book Review: Security Risk Management: Building An Information Security Risk Management Program From The Ground Up, Katina Michael

Associate Professor Katina Michael

In an age of outsourcing tasks that are not considered to be a core competency of the business, organisations have often relied on external consultants for matters pertaining to security. In actual fact, most companies could have utilized existing skill-sets in-house to produce a security risk management program, if only they knew what steps to take, and how to go about it all. Evan Wheeler in his book on information security risk management does just that- he equips professionals tasked with security, with the thinking required to create a program that is more preoccupied with the complex strategic-level questions than …

Networking And Security Solutions For Vanet Initial Deployment Stage, Baber Aslam

Electronic Theses and Dissertations

Vehicular ad hoc network (VANET) is a special case of mobile networks, where vehicles equipped with computing/communicating devices (called "smart vehicles") are the mobile wireless nodes. However, the movement pattern of these mobile wireless nodes is no more random, as in case of mobile networks, rather it is restricted to roads and streets. Vehicular networks have hybrid architecture; it is a combination of both infrastructure and infrastructure-less architectures. The direct vehicle to vehicle (V2V) communication is infrastructure-less or ad hoc in nature. Here the vehicles traveling within communication range of each other form an ad hoc network. On the other …

Cloud Computing: Architectural And Policy Implications, Christopher S. Yoo

All Faculty Scholarship

Cloud computing has emerged as perhaps the hottest development in information technology. Despite all of the attention that it has garnered, existing analyses focus almost exclusively on the issues that surround data privacy without exploring cloud computing’s architectural and policy implications. This article offers an initial exploratory analysis in that direction. It begins by introducing key cloud computing concepts, such as service-oriented architectures, thin clients, and virtualization, and discusses the leading delivery models and deployment strategies that are being pursued by cloud computing providers. It next analyzes the economics of cloud computing in terms of reducing costs, transforming capital expenditures …

On The Applications Of Deterministic Chaos For Encrypting Data On The Cloud, Jonathan Blackledge, Nikolai Ptitsyn

Conference papers

Cloud computing is expected to grow considerably in the future because it has so many advantages with regard to sale and cost, change management, next generation architectures, choice and agility. However, one of the principal concerns for users of the Cloud is lack of control and above all, data security. This paper considers an approach to encrypting information before it is ‘placed’ on the Cloud where each user has access to their own encryption algorithm, an algorithm that is based on a set of iterated function systems that outputs a chaotic number stream, designed to produce a cryptographically secure cipher. …

Privacy-Preserving Assessment Of Location Data Trustworthiness, Chenyun Dai, Fang-Yu Rao, Gabriel Ghinita, Elisa Bertino

Cyber Center Publications

Assessing the trustworthiness of location data corresponding to individuals is essential in several applications, such as forensic science and epidemic control. To obtain accurate and trustworthy location data, analysts must often gather and correlate information from several independent sources, e.g., physical observation, witness testimony, surveillance footage, etc. However, such information may be fraudulent, its accuracy may be low, and its vol-
ume may be insufficient to ensure highly trustworthy data. On the other hand, recent advancements in mobile computing and positioning systems, e.g., GPS-enabled cell phones, highway sensors, etc., bring new and effective technological means to track the location of …

Prox-Rbac: A Proximity-Based Spatially Aware Rbac, Michael Kirkpatrick, Maria Luisa Damiani, Elisa Bertino

Cyber Center Publications

As mobile computing devices are becoming increasingly dominant in enterprise and government organizations, the need for fine-grained access control in these environments continues to grow. Specifically, advanced forms of access control can be deployed to ensure authorized users can access sensitive resources only when in trusted locations. One technique that has been proposed is to augment role-based access control (RBAC) with spatial constraints. In such a system, an authorized user must be in a designated location in order to exercise the privileges associated with a role. In this work, we extend spatially aware RBAC systems by defining the notion of …

The Kerf Toolkit For Intrusion Analysis, Javed A. Aslam, Sergey Bratus, David Kotz, Ron Peterson, Brett Tofel, Daniela Rus

Javed A. Aslam

To aid system administrators with post-attack intrusion analysis, the Kerf toolkit provides an integrated front end and powerful correlation and data-representation tools, all in one package.

Cloud Computing:Strategies For Cloud Computing Adoption, Faith Shimba

Dissertations

The advent of cloud computing in recent years has sparked an interest from different organisations, institutions and users to take advantage of web applications. This is a result of the new economic model for the Information Technology (IT) department that cloud computing promises. The model promises a shift from an organisation required to invest heavily for limited IT resources that are internally managed, to a model where the organisation can buy or rent resources that are managed by a cloud provider, and pay per use. Cloud computing also promises scalability of resources and on-demand availability of resources.

Although, the adoption …

Event Study Method For Validating Agent-Based Trading Simulations, Shih-Fen Cheng

Research Collection School Of Computing and Information Systems

In this paper, we introduce how one can validate an event-centric trading simulation platform that is built with multi-agent technology. The issue of validation is extremely important for agent-based simulations, but unfortunately, so far there is no one universal method that would work in all domains. The primary contribution of this paper is a novel combination of event-centric simulation design and event study approach for market dynamics generation and validation. In our event-centric design, the simulation is progressed by announcing news events that affect market prices. Upon receiving these events, event-aware software agents would adjust their views on the market …

A Secure On-Line Credit Card Transaction Method Based On Kerberos Authentication Protocol, Jung Eun Kim

UNLV Theses, Dissertations, Professional Papers, and Capstones

Nowadays, electronic payment system is an essential part of modern business. Credit cards or debit cards have been widely used for on-site or remote transactions, greatly reducing the need for inconvenient cash transactions. However, there have been a huge number of incidents of credit card frauds over the Internet due to the security weakness of electronic payment system. A number of solutions have been proposed in the past to prevent this problem, but most of them were inconvenient and did not satisfy the needs of cardholders and merchants at the same time.

In this thesis, we present a new secure …

Dsfs: Decentralized Security For Large Parallel File Systems, Zhongying Niu, Hong Jiang, Ke Zhou, Dan Feng, Tianming Yang, Dongliang Lei, Anli Chen

CSE Technical Reports

This paper describes DSFS, a decentralized security system for large parallel file system. DSFS stores global access control lists (ACLs) in a centralized decisionmaking server and pushes pre-authorization lists (PALs) into storage devices. Thus DSFS allows users to flexibly set any access control policy for the global ACL or even change the global ACL system without having to upgrade the security code in their storage devices. With pre-authorization lists, DSFS enables a networkattached storage device to immediately authorize I/O, instead of demanding a client to acquire an authorization from a centralized authorization server at a crucial time. The client needs …

Privacy-Preserving Attribute-Based Access Control In A Grid, Sang Mork Park

Browse all Theses and Dissertations

A Grid community is composed of diverse stake holders, such as data resource providers, computing resource providers, service providers, and the users of the resources and services. In traditional security systems for Grids, most of the authentication and authorization mechanisms are based on the user's identity or the user's classification information. If the authorization mechanism is based on the user's identity, fine-grained access control policies can be implemented but the scalability of the security system would be limited. If the authorization mechanism is based on the user's classification, the scalability can be improved but the fine-grained access control policies may …

Routing In The Dark: Pitch Black, Nathan S. Evans

Electronic Theses and Dissertations

In many networks, such as mobile ad-hoc networks and friend-to-friend overlay networks, direct communication between nodes is limited to specific neighbors. Friendto-friend “darknet” networks have been shown to commonly have a small-world topology; while short paths exist between any pair of nodes in small-world networks, it is non-trivial to determine such paths with a distributed algorithm. Recently, Clarke and Sandberg proposed the first decentralized routing algorithm that achieves efficient routing in such small-world networks.

Herein this thesis we discuss the first independent security analysis of Clarke and Sandberg’s routing algorithm. We show that a relatively weak participating adversary can render …

Generalized Neuron Based Secure Media Access Control Protocol For Wireless Sensor Networks, Raghavendra V. Kulkarni, Ganesh K. Venayagamoorthy, Abhishek V. Thakur, Sanjay Kumar Madria

Electrical and Computer Engineering Faculty Research & Creative Works

Security plays a pivotal role in most applications of wireless sensor networks. It is common to find inadequately secure networks confined only to controlled environments. The issue of security in wireless sensor networks is a hot research topic for over a decade. This paper presents a compact generalized neuron (GN) based medium access protocol that renders a CSMA/CD network secure against denial-of-service attacks launched by adversaries. The GN enhances the security by constantly monitoring multiple parameters that reflect the possibility that an attack is launched by an adversary. Particle swarm optimization, a popular bio-inspired evolutionary-like optimization algorithm is used for …

Beyond K-Anonymity: A Decision Theoretic Framework For Assessing Privacy Risk, Guy Lebanon, Monica Scannapieco, Mohamed Fouad, Elisa Bertino

Cyber Center Publications

An important issue any organization or individual has to face when managing data containing sensitive information, is the risk that can be incurred when releasing such data. Even though data may be sanitized before being released, it is still possible for an adversary to reconstruct the original data using additional information thus resulting in privacy violations. To date, however, a systematic approach to quantify such risks is not available. In this paper we develop a framework, based on statistical decision theory, that assesses the relationship between the disclosed data and the resulting privacy risk. We model the problem of deciding …

Data Security Measures In The It Service Industry: A Balance Between Knowledge & Action, N. Mlitwa, Y. Kachala

Journal of Digital Forensics, Security and Law

That “knowledge is power” is fast becoming a cliché within the intelligentsia. Such power however, depends largely on how knowledge itself is exchanged and used, which says a lot about the tools of its transmission, exchange, and storage. Information and communication technology (ICT) plays a significant role in this respect. As a networked tool, it enables efficient exchanges of video, audio and text data beyond geographical and time constraints. Since this data is exchanged over the worldwide web (www), it can be accessible by anyone in the world using the internet. The risk of unauthorised access, interception, modification, or even …

Alphaco: A Teaching Case On Information Technology Audit And Security, Hüseyin Tanriverdi, Joshua Bertsch, Jonathan Harrison, Po-Ling Hsiao, Ketan S. Mesuria, David Hendrawirawan

Journal of Digital Forensics, Security and Law

Recent regulations in the United States (U.S.) such as the Sarbanes-Oxley Act of 2002 require top management of a public firm to provide reasonable assurance that they institute internal controls that minimize risks over the firm’s operations and financial reporting. External auditors are required to attest to the management’s assertions over the effectiveness of those internal controls. As firms rely more on information technology (IT) in conducting business, they also become more vulnerable to IT related risks. IT is critical for initiating, recording, processing, summarizing and reporting accurate financial and non-financial data. Thus, understanding IT related risks and instituting internal …

Collaboration Enforcement In Mobile Ad Hoc Networks, Ning Jiang

Electronic Theses and Dissertations

Mobile Ad hoc NETworks (MANETs) have attracted great research interest in recent years. Among many issues, lack of motivation for participating nodes to collaborate forms a major obstacle to the adoption of MANETs. Many contemporary collaboration enforcement techniques employ reputation mechanisms for nodes to avoid and penalize malicious participants. Reputation information is propagated among participants and updated based on complicated trust relationships to thwart false accusation of benign nodes. The aforementioned strategy suffers from low scalability and is likely to be exploited by adversaries. To address these problems, we first propose a finite state model. With this technique, no reputation …

Jess – A Java Security Scanner For Eclipse, Russell Spitler

Honors Theses

Secure software is the responsibility of every developer. In order to help a developer with this responsibility there are many automated source code security auditors. These tools perform a variety of functions, from finding calls to insecure functions to poorly generated random numbers. These programs have existed for years and perform the security audit with varying degrees of success.

Largely missing in the world of programming is such a security auditor for the Java programming language. Currently, Fortify Software produces the only Java source code security auditor; this is a commercially available package.

This void is what inspired JeSS, Java …

Food Based Approaches For A Healthy Nutrition In Africa, Mamoudou Hama Dicko

Pr. Mamoudou H. DICKO, PhD

The latest estimates of the FAO demonstrate the problems of the fight against hunger. These problems are manifested by the ever-increasing number of chronically undernourished people worldwide. Their numbers during the 1999-2001 period were estimated at about 840 million of which 798 million live in developing countries. Sub-Saharan Africa alone represented 198 million of those. In this part of Africa the prevalence of undernourishment ranges from 5-34%, causing growth retardation and insufficient weight gain among one third of the children under five years of age and resulting in a mortality of 5-15% among these children. Malnutrition resulting from undernourishment is …