Secure eHealth-Care Service on Self-Organizing Software Platform

There are several applications connected to IT health devices on the self-organizing software platform (SoSp) that allow patients or elderly users to be cared for remotely by their family doctors under normal circumstances or during emergencies. An evaluation of the SoSp applied through PAAR watch/self-organizing software platform router was conducted targeting a simple user interface for aging users, without the existence of extrasettings based on patient movement. On the other hand, like normal medical records, the access to, and transmission of, health information via PAAR watch/self-organizing software platform requires privacy protection. This paper proposes a security framework for health information management of the SoSp. The proposed framework was designed to ensure easy detection of identification information for typical users. In addition, it provides powerful protection of the user’s health information

Service Oriented Mobile Computing

La diffusione di concetti quali Pervasive e Mobile Computing introduce nell'ambito dei sistemi distribuiti due aspetti fondamentali: la mobilità dell'utente e l'interazione con l'ambiente circostante, favorite anche dal crescente utilizzo di dispositivi mobili dotati di connettività wireless come prodotti di consumo. Per estendere le funzionalità introdotte nell'ambito dei sistemi distribuiti dalle Architetture Orientate ai Servizi (SOA) e dal paradigma peer-to-peer anche a dispositivi dalle risorse limitate (in termini di capacità computazionale, memoria e batteria), è necessario disporre di un middleware leggero e progettato tenendo in considerazione tali caratteristiche. In questa tesi viene presentato NAM (Networked Autonomic Machine), un formalismo che descrive in modo esaustivo un sistema di questo tipo; si tratta di un modello teorico per la definizione di entità hardware e software in grado di condividere le proprie risorse in modo completamente altruistico. In particolare, il lavoro si concentra sulla definizione e gestione di un determinato tipo di risorse, i servizi, che possono essere offerti ed utilizzati da dispositivi mobili, mediante meccanismi di composizione e migrazione. NSAM (Networked Service-oriented Autonomic Machine) è una specializzazione di NAM per la condivisione di servizi in una rete peer-to-peer, ed è basato su tre concetti fondamentali: schemi di overlay, composizione dinamica di servizi e auto-configurazione dei peer. Nella tesi vengono presentate anche diverse attività applicative, che fanno riferimento all'utilizzo di due middleware sviluppati dal gruppo di Sistemi Distribuiti (DSG) dell'Università di Parma: SP2A (Service Oriented Peer-to-peer Architecture), framework per lo sviluppo di applicazioni distribuite attraverso la condivisione di risorse in una rete peer-to-peer, e Jxta-Soap che consente la condivisione di Web Services in una rete peer-to-peer JXTA. Le applicazioni realizzate spaziano dall'ambito della logistica, alla creazione di comunità per l'e-learning, all'Ambient Intelligence alla gestione delle emergenze, ed hanno come denominatore comune la creazione di reti eterogenee e la condivisione di risorse anche tra dispositivi mobili. Viene inoltre messo in evidenza come tali applicazioni possano essere ottimizzate mediante l'introduzione del framework NAM descritto, per consentire la condivisione di diversi tipi di risorse in modo efficiente e proattivo

Security Framework for the Web of IoT Platforms

Connected devices of IoT platforms are known to produce, process and exchange vast amounts of data, most of it sensitive or personal, that need to be protected. However, achieving minimal data protection requirements such as confidentiality, integrity, availability and non-repudiation in IoT platforms is a non-trivial issue. For one reason, the trillions of interacting devices provide larger attack surfaces. Secondly, high levels of personal and private data sharing in this ubiquitous and heterogeneous environment require more stringent protection. Additionally, whilst interoperability fuels innovation through cross-platform data flow, data ownership is a concern. This calls for categorizing data and providing different levels of access control to users known as global and local scopes. These issues present new and unique security considerations in IoT products and services that need to be addressed to enable wide adoption of the IoT paradigm. This thesis presents a security and privacy framework for the Web of IoT platforms that addresses end-to-end security and privacy needs of the platforms. It categorizes platforms’ resources into different levels of security requirements and provides appropriate access control mechanisms

A trust supportive framework for pervasive computing systems

Recent years have witnessed the emergence and rapid growth of pervasive comput- ing technologies such as mobile ad hoc networks, radio frequency identification (RFID), Wi-Fi etc. Many researches are proposed to provide services while hiding the comput- ing systems into the background environment. Trust is of critical importance to protect service integrity & availability as well as user privacies. In our research, we design a trust- supportive framework for heterogeneous pervasive devices to collaborate with high security confidence while vanishing the details to the background. We design the overall system ar- chitecture and investigate its components and their relations, then we jump into details of the critical components such as authentication and/or identification and trust management. With our trust-supportive framework, the pervasive computing system can have low-cost, privacy-friendly and secure environment for its vast amount of services

Developing a distributed electronic health-record store for India

The DIGHT project is addressing the problem of building a scalable and highly available information store for the Electronic Health Records (EHRs) of the over one billion citizens of India

Secure pairing-free two-party certificateless authenticated key agreement protocol with minimal computational complexity

Key agreement protocols play a vital role in maintaining security in many critical applications due to the importance of the secret key. Bilinear pairing was commonly used in designing secure protocols for the last several years; however, high computational complexity of this operation has been the main obstacle towards its practicality. Therefore, implementation of Elliptic-curve based operations, instead of bilinear pairings, has become popular recently, and pairing-free key agreement protocols have been explored in many studies. A considerable amount of literatures has been published on pairing-free key agreement protocols in the context of Public Key Cryptography (PKC). Simpler key management and non-existence of key escrow problem make certificateless PKC more appealing in practice. However, achieving certificateless pairing-free two-party authenticated key agreement protocols (CL-AKA) that provide high level of security with low computational complexity, remains a challenge in the research area. This research presents a secure and lightweight pairingfree CL-AKA protocol named CL2AKA (CertificateLess 2-party Authenticated Key Agreement). The properties of CL2AKA protocol is that, it is computationally lightweight while communication overhead remains the same as existing protocols of related works. The results indicate that CL2AKA protocol is 21% computationally less complex than the most efficient pairing-free CL-AKA protocol (KKC-13) and 53% less in comparison with the pairing-free CL-AKA protocol with highest level of security guarantee (SWZ-13). Security of CL2AKA protocol is evaluated based on provable security evaluation method under the strong eCK model. It is also proven that the CL2AKA supports all of the security requirements which are necessary for authenticated key agreement protocols. Besides the CL2AKA as the main finding of this research work, there are six pairing-free CL-AKA protocols presented as CL2AKA basic version protocols, which were the outcomes of several attempts in designing the CL2AKA

The Java Context Awareness Framework (JCAF) – A Service Infrastructure and Programming Framework for Context-Aware Applications

Abstract. Context-awareness is a key concept in ubiquitous computing. But to avoid developing dedicated context-awareness sub-systems for specific applica-tion areas there is a need for more generic programming frameworks. Such frame-works can help the programmer to develop and deploy context-aware applications faster. This paper describes the Java Context-Awareness Framework – JCAF, which is a Java-based context-awareness infrastructure and programming API for creating context-aware computer applications. The paper presents the design principles behind JCAF, its runtime architecture, and its programming API. The paper presents some applications of using JCAF in three different applications and discusses lessons learned from using JCAF.