Identity and Access Management System: a Web-Based Approach for an Enterprise

Managing digital identities and access control for enterprise users and applications remains one of the greatest challenges facing computing today. An attempt to address this issue led to the proposed security paradigm called Identity and Access Management (IAM) service based on IAM standards. Current approaches such as Lightweight Directory Access Protocol (LDAP), Central Authentication Service (CAS) and Security Assertion Markup Language (SAML) lack comprehensive analysis from conception to physical implementation to incorporate these solutions thereby resulting in impractical and fractured solutions. In this paper, we have implemented Identity and Access Management System (IAMSys) using the Lightweight Directory Access Protocol (LDAP) which focuses on authentication, authorization, administration of identities and audit reporting. Its primary concern is verification of the identity of the entity and granting correct level of access for resources which are protected in either the cloud environment or on-premise systems. A phased approach methodology was used in the research where it requires any enterprise or organization willing to adopt this must carry out a careful planning and demonstrated a good understanding of the technologies involved. The results of the experimental evaluation indicated that the average rating score is 72.0 % for the participants involved in this study. This implies that the idea of IAMSys is a way to mitigating security challenges associated with authentication, authorization, data protection and accountability if properly deployed

On Lightweight Privacy-Preserving Collaborative Learning for IoT Objects

The Internet of Things (IoT) will be a main data generation infrastructure for achieving better system intelligence. This paper considers the design and implementation of a practical privacy-preserving collaborative learning scheme, in which a curious learning coordinator trains a better machine learning model based on the data samples contributed by a number of IoT objects, while the confidentiality of the raw forms of the training data is protected against the coordinator. Existing distributed machine learning and data encryption approaches incur significant computation and communication overhead, rendering them ill-suited for resource-constrained IoT objects. We study an approach that applies independent Gaussian random projection at each IoT object to obfuscate data and trains a deep neural network at the coordinator based on the projected data from the IoT objects. This approach introduces light computation overhead to the IoT objects and moves most workload to the coordinator that can have sufficient computing resources. Although the independent projections performed by the IoT objects address the potential collusion between the curious coordinator and some compromised IoT objects, they significantly increase the complexity of the projected data. In this paper, we leverage the superior learning capability of deep learning in capturing sophisticated patterns to maintain good learning performance. Extensive comparative evaluation shows that this approach outperforms other lightweight approaches that apply additive noisification for differential privacy and/or support vector machines for learning in the applications with light data pattern complexities.Comment: 12 pages,IOTDI 201

Generalized Completed Local Binary Patterns for Time-Efficient Steel Surface Defect Classification

© 2018 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted ncomponent of this work in other works.Efficient defect classification is one of the most important preconditions to achieve online quality inspection for hot-rolled strip steels. It is extremely challenging owing to various defect appearances, large intraclass variation, ambiguous interclass distance, and unstable gray values. In this paper, a generalized completed local binary patterns (GCLBP) framework is proposed. Two variants of improved completed local binary patterns (ICLBP) and improved completed noise-invariant local-structure patterns (ICNLP) under the GCLBP framework are developed for steel surface defect classification. Different from conventional local binary patterns variants, descriptive information hidden in nonuniform patterns is innovatively excavated for the better defect representation. This paper focuses on the following aspects. First, a lightweight searching algorithm is established for exploiting the dominant nonuniform patterns (DNUPs). Second, a hybrid pattern code mapping mechanism is proposed to encode all the uniform patterns and DNUPs. Third, feature extraction is carried out under the GCLBP framework. Finally, histogram matching is efficiently accomplished by simple nearest-neighbor classifier. The classification accuracy and time efficiency are verified on a widely recognized texture database (Outex) and a real-world steel surface defect database [Northeastern University (NEU)]. The experimental results promise that the proposed method can be widely applied in online automatic optical inspection instruments for hot-rolled strip steel.Peer reviewe