Towards a Pervasive Access Control within Video Surveillance Systems

Part 1: Cross-Domain Conference and Workshop on Multidisciplinary Research and Practice for Information Systems (CD-ARES 2013)International audienceThis paper addresses two emerging challenges that multimedia distributed systems have to deal with: the user’s constant mobility and the information’s sensitivity. The systems have to adapt, in real time, to the user’s context and situation in order to provide him with relevant results without breaking the security and privacy policies. Distributed multimedia systems, such as the oneproposed by the LINDO project, do not generally consider both issues. In this paper, we apply an access control layer on top of the LINDO architecture that takes into consideration the user’s context and situation and recommends alternative resources to the user when he is facing an important situation. The proposed solution was implemented and tested in a video surveillance use case

A Context-Aware System to Secure Enterprise Content: Incorporating Reliability Specifiers

The sensors of a context-aware system extract contextual information from the environment and relay that information to higher-level processes of the system so to influence the system\u2019s control decisions. However, an adversary can maliciously influence such controls indirectly by manipulating the environment in which the sensors are monitoring, thereby granting privileges the adversary would otherwise not normally have. To address such context monitoring issues, we extend CASSEC by incorporating sentience-like constructs, which enable the emulation of \u201dconfidence\u201d, into our proximity-based access control model to grant the system the ability to make more inferable decisions based on the degree of reliability of extracted contextual information. In CASSEC 2.0, we evaluate our confidence constructs by implementing two new authentication mechanisms. Co-proximity authentication employs our time-based challenge-response protocol, which leverages Bluetooth Low Energy beacons as its underlying occupancy detection technology. Biometric authentication relies on the accelerometer and fingerprint sensors to measure behavioral and physiological user features to prevent unauthorized users from using an authorized user\u2019s device. We provide a feasibility study demonstrating how confidence constructs can improve the decision engine of context-aware access control systems

Event-Oriented Dynamic Security Service for Demand Response in Smart Grid Employing Mobile Networks

Equipped with millions of sensors and smart meters in smart gird, a reliable and resilient wireless communication technology is badly needed. Mobile networks are among the major energy communication networks which contribute to global energy consumption increase rapidly. As one of core technologies of smart grid employing mobile networks, Demand Response (DR) helps improving efficiency, reliability and security for electric power grid infrastructure. Security of DR events is one of the most important issues in DR. However, the security requirements of different DR events are dynamic for variousactual demands. To address this, an event-oriented dynamic security service mechanism is proposed for DR. Three kinds of security services including security access service, security communication service and security analysis service for DR event are composited dynamically by the fine-grained sub services. An experiment prototype of the network of State Grid Corporation of China (SGCC) is established. Experiment and evaluations shows the feasibility and effectiveness of the proposed scheme in smart grid employing mobile network

IaaS-cloud security enhancement: an intelligent attribute-based access control model and implementation

The cloud computing paradigm introduces an efficient utilisation of huge computing resources by multiple users with minimal expense and deployment effort compared to traditional computing facilities. Although cloud computing has incredible benefits, some governments and enterprises remain hesitant to transfer their computing technology to the cloud as a consequence of the associated security challenges. Security is, therefore, a significant factor in cloud computing adoption. Cloud services consist of three layers: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Cloud computing services are accessed through network connections and utilised by multi-users who can share the resources through virtualisation technology. Accordingly, an efficient access control system is crucial to prevent unauthorised access. This thesis mainly investigates the IaaS security enhancement from an access control point of view. [Continues.

Integrating security solutions to support nanoCMOS electronics research

The UK Engineering and Physical Sciences Research Council (EPSRC) funded Meeting the Design Challenges of nanoCMOS Electronics (nanoCMOS) is developing a research infrastructure for collaborative electronics research across multiple institutions in the UK with especially strong industrial and commercial involvement. Unlike other domains, the electronics industry is driven by the necessity of protecting the intellectual property of the data, designs and software associated with next generation electronics devices and therefore requires fine-grained security. Similarly, the project also demands seamless access to large scale high performance compute resources for atomic scale device simulations and the capability to manage the hundreds of thousands of files and the metadata associated with these simulations. Within this context, the project has explored a wide range of authentication and authorization infrastructures facilitating compute resource access and providing fine-grained security over numerous distributed file stores and files. We conclude that no single security solution meets the needs of the project. This paper describes the experiences of applying X.509-based certificates and public key infrastructures, VOMS, PERMIS, Kerberos and the Internet2 Shibboleth technologies for nanoCMOS security. We outline how we are integrating these solutions to provide a complete end-end security framework meeting the demands of the nanoCMOS electronics domain

HUC-HISF: A Hybrid Intelligent Security Framework for Human-centric Ubiquitous Computing

制度:新 ; 報告番号:乙2336号 ; 学位の種類:博士(人間科学) ; 授与年月日:2012/1/18 ; 早大学位記番号:新584

Secure Dynamic Cloud-based Collaboration with Hierarchical Access

In recent years, the Cloud has emerged as an attractive way of hosting and delivering services over the Internet. This has resulted in a renewed focus on information security in the case where data is stored in the virtual space of the cloud and is not physically accessible to the customer. Through this thesis the boundaries of securing data in a cloud context, while retaining the benefits of the cloud, are explored. The thesis addresses the increasing security concerns of migrating to the cloud andutilising it for data storage.The research of this thesis is divided into three separate areas: securing data in an untrusted cloud environment, ensuring data access control in the cloud, and securing data outside the cloud in the user's environment. Each area is addressed by separate conceptual designs. Together these comprise a secure dynamic cloud-based collaboration environment with hierarchical access. To further validate the conceptual designs, proof of concept prototypes have been constructed.The conceptual designs have been devised by exploring and extending the boundaries of existing secure data-storage schemes, and then combining these with well-known security principles and cutting-edge research within the field of cryptography. The results of this thesis are feasible conceptual designs for a cloud-based dynamic collaboration environment. The conceptual designs address the challenges of secure cloud-based storage and allow the benefits of cloud-based storage to be utilised. Furthermore, this thesis provides a solid foundation for further work within this field