Sistema de valoración funcional para sistemas de aeronavegación no tripulados a partir de la calidad de la información

Unmanned aerial navigation systems are not used in many military and non-military applications. However, these systems are susceptible be operated by hackers partially or completely. Therefore, in this article based on the JDL model for safety assessment of the drone’s framework it is proposed. Metrics for each level of the merger in conjunction with a mapping system in order to determine the dependence of data between different levels are proposed, considering the contextual user ratings.Los sistemas de aeronavegación no tripulados son utilizados en múltiples aplicaciones militares y no militares. Sin embargo, estos sistemas son susceptibles de ser intervenidos por delincuentes informáticos parcial o totalmente. En este artículo se propone un framework basado en el modelo JDL para la evaluación de la seguridad de los drones y se establecen criterios de evaluación de desempeño y de calidad de la información para cada nivel de la fusión, en conjunto con un sistema de mapeo de estas métricas, con el fin de determinar la dependencia de los datos entre diferentes niveles, contemplando la valoración contextual del usuario

Investigating Identity Fraud Management Practices in E-tail sector:A Systematic Review

Purpose: Identity fraud is a growing issue for online retail organisations. The literature on this issue is scattered, and none of the studies presents a holistic view of identity fraud management practices in the online retail context. Therefore, the purpose of this paper is to investigate the identity fraud management practices and present a comprehensive set of practices for e-tail sector. Design/methodology/approach: A systematic literature review approach was adopted, and the articles were selected through pre-set inclusion criteria. The authors synthesised existing literature to investigate identity fraud management in e-tail sector. Findings: The research finds that literature on practices for identity fraud management is scattered. The findings also reveal that firms assume identity fraud issues as a technological challenge, which is one of the major reasons for a gap in effective management of identity frauds. This research suggests e-tailers to deal this issue as a management challenge and counter strategies should be developed in technological, human and organisational aspects. Research limitations/implications: This study is limited to the published sources of data. Studies, based on empirical data, will be helpful to support the argument of this study; additionally, future studies are recommended to include a wide number of databases. Practical implications: This research will help e-tail organisations to understand the whole of identity fraud management and help them develop and implement a comprehensive set of practices at each stage, for effective management identity frauds. Originality/value: This research makes unique contributions by synthesising existing literature at each stage of fraud management and encompasses social, organisational and technological aspects. It will also help academicians understanding a holistic view of available research and opens new lines for future research.</p

A Secure RFID Authentication Protocol Adopting Error Correction Code

RFID technology has become popular in many applications; however, most of the RFID products lack security related functionality due to the hardware limitation of the low-cost RFID tags. In this paper, we propose a lightweight mutual authentication protocol adopting error correction code for RFID. Besides, we also propose an advanced version of our protocol to provide key updating. Based on the secrecy of shared keys, the reader and the tag can establish a mutual authenticity relationship. Further analysis of the protocol showed that it also satisfies integrity, forward secrecy, anonymity, and untraceability. Compared with other lightweight protocols, the proposed protocol provides stronger resistance to tracing attacks, compromising attacks and replay attacks. We also compare our protocol with previous works in terms of performance

Disseminação segura de conteúdo diante ataques sybil para a internet das coisas

Orientador : Prof. Aldri Luiz dos SantosCoorientador : Prof. Michele Nogueira LimaDissertação (mestrado) - Universidade Federal do Paraná, Setor de Ciências Exatas, Programa de Pós-Graduação em Informática. Defesa: Curitiba, 20/04/2016Inclui referências : f. 59-64Resumo: O avanço das tecnologias de comunicação e a redução dos dispositivos computacionais estão propiciando o desenvolvimento da Internet das Coisas (IoT). Esta rede integra desde lâmpadas, geladeiras, roupas, e até dispositivos computacionais, promovendo a geração de um grande volume de dados como também a interação entre os objetos e os seres humanos em ambientes residenciais, industriais, de saúde, entre outros. A integração entre estes objetos e dispositivos computacionais promove a geração de um grande volume de dados, os quais serão disseminados para o desenvolvimento de vários serviços em tempo real como o monitoramento das funções vitais, a localização de objetos, a mensuração da temperatura de um local. Contudo, uma rede IoT precisa lidar também com fatores como limitações de recursos, heterogeneidade dos dispositivos, perdas de enlace e a vulnerabilidade do meio sem fio. Tais fatores quando explorados por usuários maliciosos tornam a disseminação de conteúdo insegura. O serviço de disseminação de conteúdo nessas redes está sujeito a diversas ações maliciosas, entre as quais destaca-se a personificação de identidades realizada pelo ataque Sybil. Embora existam várias abordagens de detecção de ataque Sybil, como o Lightweight Sybil Detection (LSD), elas são custosas, desconsideram dispositivos heterogêneos, e não levam em conta atacantes Sybil com identidades roubadas. Assim, esta dissertação apresenta um mecanismo de controle de associações, denominado SA2CI (Sybil Attack Association Control for IoT), que busca prevenir associações de atacantes Sybil à disseminação de conteúdo da IoT. O desenvolvimento deste mecanismo é baseado em criptografia de curvas elípticas (ECC), funções não clonáveis (PUF) e recibos de identidades. A ECC auxilia na criação de um canal seguro com baixo custo computacional por onde a comprovação da identidade, representada pela PUF dos dispositivos será transportada para o cálculo e distribuição dos recibos de identidade, garantindo a sua legitimidade. O SA2CI foi avaliado através de simulações, e comparado com o LSD através de métricas de eficácia e eficiência. Os resultados mostraram que o SA2CI foi capaz de detectar ataque Sybil de forma eficaz, eficiente e constante, independente do tipo e quantidade de identidades. Palavras-chave: IoT, disseminação segura, ataque Sybil, mecanismo de detecção.Abstract: The technological advance in communication and the reduction of computational devices are providing the development of the Internet of Things (IoT). This network integrates from lamps, fridges, clothes to computational devices, promoting promoting a huge volume of data, as well as an interaction between objects and humans in residential, industrial and health environments, allows the integration of communication between objects, computing devices, various services can be provided in real time, such as the monitoring of vital functions, the location of objects, the temperature measurement. However, an IoT network needs to deal with factors such as resource constraints, heterogeneity of devices, link losses and the vulnerability of the wireless medium. This factors, when exploited by malicious users, make the dissemination insecure. The content dissemination service in these networks is subject to various malicious actions, among which stands out the personification of identities held by Sybil attack. While there are several approaches to Sybil attack detection, such as Lightweight Sybil Detection (LSD), they are costly, disregard heterogeneous devices, and do not take into account Sybil attackers with stolen identities. This dissertation presents a mechanism of control of associations, denominated SA2CI, that seeks to prevent associations of attackers Sybil to the dissemination of IoT content. The development of this mechanism is based on the usage of elliptic curve cryptography (ECC), non-clonable functions (PUF) and identity receipts. An ECC will assist in the creation of a secure channel with low computational cost through which a proof of identity, represented by the PUF of the devices will be transported to calculate the distribution of identity receipts, guaranteeing their legitimacy. The SA2CI was evaluated through simulations and compared with LSD through metrics of effectiveness and efficiency. The results showed that the SA2CI was able to detect Sybil attack effective, efficient and consistent manner, regardless of the type and amount of identities. Keywords: IoT, security dissemination, Sybil attack, detection mecanism

Public Archaeology in a Digital Age

This thesis examines the impact of the democratic promises of Internet communication technologies, social, and participatory media on the practice of public archaeology. It is focused on work within archaeological organisations in the UK in commercial archaeology, higher education, local authority planning departments and community settings, as well the voluntary planning departments and community settings, as well the voluntary archaeology sector archaeology sector . This work has taken an innovative approach to the subject matter through its use of a Grounded Theory method for data collection and analysis, and the use of a combination of online surveys, case studies and email questionnaires in order to address the following issues: the provision of authoritative archaeological information online; barriers to participation; policy and organisational approaches to evaluating success and archiving; community formation and activism, and the impact of digital inequalities and literacies. This thesis is the first overarching study into the use of participatory media in archaeology. It is an important exploration of where and how the profession is creating and managing digital platforms, and the expanding opportunities for networking and sharing information within the discipline, against a backdrop of rapid advancement in the use of Internet technologies within society. This work has made significant contributions to debates on the practice and impact of public archaeology. It has shown that archaeologists do not yet fully understand the complexities of Internet use and issues of digital literacy, the impact of audience demographics or disposition towards participation in online projects. It has shown that whilst recognition of democratic participation is not, on the whole, undertaken through a process of actively acknowledging responses to archaeological information, there remains potential for participatory media to support and accommodate these ideals. This work documents a period of great change within the practice of archaeology in the UK, and concludes with the observation that it is vital that the discipline undertake research into online audiences for archaeological information if we are to create sustainable digital public archaeologies

Identity Fraud Management: A Qualitative Study into the Managerial Practices in E-tail Sector

E-commerce has offered many opportunities to business firms to minimise their operational costs, enhance the customer base and develop better customer relationships. These opportunities have also created some challenges, especially those related to identity frauds. Therefore, this study aims at understanding identity fraud management and analyses existing managerial practices at large e-tailers to suggest improvements. To attain the objectives of this study, the qualitative approach of data collection was adopted. The interview method of data collection helped to get in-depth information about the context under study. The case study research approach was chosen to investigate the what, how and why of the issues and practices of identity fraud management. The data were collected at three large e-tailers based in the UK, in the course of 33 semi-structured interviews. For the analysis, thematic approach was adopted and the results were processed using single and cross-case analysis. The findings revealed that identity fraud was one of the biggest challenges for e-tailers, as they are losing a significant amount of their revenues. Various types and methods of identity frauds have been explored. The results show that the case firms have the process of managing identity frauds, and the stages of fraud management suggested by Wilhelm (2004) were present. It was also found that e-tailers prioritised the technological aspects of fraud management, while the developing the skills and awareness of their staff was not given required focus, which may be one of the possible reasons for the existing deficiencies in fraud management. In fact, this study has found that human factor is a critical aspect of fraud management. It has also been established that customer education is not carried out effectively, despite the fact that identity theft mostly occurs at the customer side. A more active and explicit stance against identity fraud is recommended. However, because the e-tailers operate in a highly competitive environment, there is a trade-off between putting up extra security layers and the ease for customers for making a purchase, making identity fraud management ever more challenging for them. Present study contributes to the body of literature by understanding identity fraud management and analysing current managerial practices at large e-tailers. Reflecting on the theoretical and empirical data, e-tailers are forwarded some novel practices for better management of identity frauds. Additionally, e-tailers are also suggested improvements in existing managerial practices. This study may help e-tailers to effectively manage identity frauds, which will result in reduced fraud losses, better firm image and favourable customer relations and offering the society a secure environment for online shopping. Finally, a conceptual framework has been suggested for effective management of identity frauds in e-tail context. Managerial practices are suggested and guidelines are given at each stage of the framework for effective management of identity frauds