Chapter Securing the Home Energy Management Platform

Recently, many efforts have been done to chemically functionalize sensors surface to achieve selectivity towards diagnostics targets, such as DNA, RNA fragments and protein tumoural biomarkers, through the surface immobilization of the related specific receptor. Especially, some kind of sensors such as microcantilevers (gravimetric sensors) and one-dimensional photonics crystals (optical sensors) able to couple Bloch surface waves are very sensitive. Thus, any kind of surface modifications devoted to functionalize them has to be finely controlled in terms of mass and optical characteristics, such as refractive index, to minimize the perturbation, on the transduced signal, that can affect the response sensitivity towards the detected target species

Securing the Home Energy Management Platform

Energy management in households gets increasingly more attention in the struggle to integrate more sustainable energy sources. Especially in the electrical system, smart grid systems are envisioned to be part in the efforts towards a better utilisation of the energy production and distribution infrastructure. The Home Energy Management System (HEMS) is a critical infrastructure component in this endeavour. Its main goal is to enable energy services utilising smart devices in the households based on the interest of the residential consumers and external actors. With the role of being both an essential link in the communication infrastructure for balancing the electrical grid and a surveillance unit in private homes, security and privacy become essential to address. In this chapter, we identify and address potential threats Home Energy Management Platform (HEMP) developers should consider in the progress of designing architecture, selecting hardware and building software. Our approach starts with a general view of the involved stakeholders and the HEMS. Given the system overview, a threat model is constructed from the HEMP developer\u27s point of view. Based on the threats that have been detected, possible mitigation strategies are proposed taking into account the state of the art of technology for securing platforms

Exploiting Java Code Interactions

Many Java technologies allow the execution of code provided by multiple parties. Service-oriented platforms based on components such as OSGi are good examples of such a scenario. Those extensible component-based platforms are service-oriented, as components may directly interact with each other via the services they provide. However, even robust languages such as Java were not designed to handle safely code interaction between trusted and untrusted parties. In this technical report, we review how basic Java interactions can break encapsulation or execution safety. The Java security layers contribution is questionable in such environments as they induce tangible overheads without covering all threats. We also review flaws in the Java access control design that can allow untrusted code to bypass restrictions by exploiting vulnerabilities in trusted code. Our audit on real-life trusted bundles from OSGi implementations shows that real-life components do not seem prepared yet to malicious interactions.De multiples technologies Java permettent l'exécution de code fourni par différentes parties dans un même environnement. Les plateformes orientées service comme OSGi en sont un exemple. Ces plateformes gèrent des composants différents qui n'interagissent entre eux que par les points d'entrées publics que sont les services. Même si Java est robuste par nature, il n'a pas été conçu pour gérer de telles interactions dans le cas où certaines parties sont malveillantes. Dans ce rapport technique, nous exposons comment les méchanismes basiques de Java peuvent mettre en danger l'encapsulation et la sureté d'exécution. Nous expliquons aussi pourquoi les couches de sécurité additionelles ne paraissent pas adaptées à ces environnements à composants et ne garantissent pas une couverture de sécurité optimale. Nous exposons également les problèmes du contrôle d'accès basé sur la pile d'appel et comment il peut permettre à du code malveillant de contourner les restrictions en s'appuyant sur du code de confiance. Enfin, notre audit de différents composants du monde réel montre que les plateformes à composants ne sont pas préparées à la présence de code malveillant

CANE: A Controlled Application Environment for privacy protection in ITS

Many of the applications proposed for intelligent transportation systems (ITS) need to process and communicate detailed personal identifiable information. Examples are detailed location traces or unique identifiers for authentication towards paid services. Existing applications often run as monolithic black boxes inside users’ cars. Hence, users cannot verify that applications behave as expected. We propose CANE, an application sandboxing approach that enhances user control over privacy properties while, at the same time, supporting common application requirements. CANE makes privacy-relevant application properties explicit and allows their analysis and enforcement during application runtime. We evaluate CANE using a common ITS use case and demonstrate feasibility with a proof-of-concept implementation

A systematic literature review of cloud computing in eHealth

Cloud computing in eHealth is an emerging area for only few years. There needs to identify the state of the art and pinpoint challenges and possible directions for researchers and applications developers. Based on this need, we have conducted a systematic review of cloud computing in eHealth. We searched ACM Digital Library, IEEE Xplore, Inspec, ISI Web of Science and Springer as well as relevant open-access journals for relevant articles. A total of 237 studies were first searched, of which 44 papers met the Include Criteria. The studies identified three types of studied areas about cloud computing in eHealth, namely (1) cloud-based eHealth framework design (n=13); (2) applications of cloud computing (n=17); and (3) security or privacy control mechanisms of healthcare data in the cloud (n=14). Most of the studies in the review were about designs and concept-proof. Only very few studies have evaluated their research in the real world, which may indicate that the application of cloud computing in eHealth is still very immature. However, our presented review could pinpoint that a hybrid cloud platform with mixed access control and security protection mechanisms will be a main research area for developing citizen centred home-based healthcare applications

More Vulnerabilities in the Java/OSGi Platform: A Focus on Bundle Interactions

Extensible Component Platforms can discover and install code during runtime. Although this feature introduces flexibility, it also brings new security threats: malicious components can quite easily be installed and exploit the rich programming environment and interactions with other components to perform attacks against the system. One example of such environments is the Java/OSGi Platform, which widespreads in the industrial world. Attacks from one component against another can not be prevented through conventional security mechanisms, since they exploit the lack of proper isolation between them: components often share classes and objects. This reports intends to list the vulnerabilities that a component can contain, both from the literature and from our own experience. The Vulnerable Bundle catalog gathers this knowledge. It provides informations related to the characteristics of the vulnerabilities, their consequence, the security mechanisms that would help prevent their exploitation, as well as to the implementation state of the proof-of-concept bundles that are developed to prove that the vulnerability is actually exploitable. The objective of vulnerability classification is of course to provide tools for identifying and preventing them. A first assessment is performed with existing tools, such as Java Permission and FindBugs, and a specific prototype we develop, WBA (Weak Bundle Analysis), and manual code review

A role and attribute based encryption approach to privacy and security in cloud based health services

Cloud computing is a rapidly emerging computing paradigm which replaces static and expensive data centers, network and software infrastructure with dynamically scalable “cloud based” services offered by third party providers on an on-demand basis. However, with the potential for seemingly limitless scalability and reduced infrastructure costs comes new issues regarding security and privacy as processing and storage tasks are delegated to potentially untrustworthy cloud providers. For the eHealth industry this loss of control makes adopting the cloud problematic when compliance with privacy laws (such HIPAA, PIPEDA and PHIPA) is required and limits third party access to patient records. This thesis presents a RBAC enabled solution to cloud privacy and security issues resulting from this loss of control to a potentially untrustworthy third party cloud provider, which remains both scalable and distributed. This is accomplished through four major components presented, implemented and evaluated within this thesis; the DOSGi based Health Cloud eXchange (HCX) architecture for managing and exchanging EHRs between authorized users, the Role Based Access Control as a Service (RBACaaS) model and web service providing RBAC policy enforcement and services to cloud applications, the Role Based Single Sign On (RBSSO) protocol, and the Distributed Multi-Authority Ciphertext-Policy Shared Attribute-Based Encryption (DMACPSABE) scheme for limiting access to sensitive records dependent on attributes (or roles) assigned to users. We show that when these components are combined the resulting system is both scalable (scaling at least linearly with users, request, records and attributes), secure and provides a level of protection from the cloud provider which preserves the privacy of user’s records from any third party. Additionally, potential use cases are presented for each component as well as the overall system