Data Service Outsourcing and Privacy Protection in Mobile Internet

Mobile Internet data have the characteristics of large scale, variety of patterns, and complex association. On the one hand, it needs efficient data processing model to provide support for data services, and on the other hand, it needs certain computing resources to provide data security services. Due to the limited resources of mobile terminals, it is impossible to complete large-scale data computation and storage. However, outsourcing to third parties may cause some risks in user privacy protection. This monography focuses on key technologies of data service outsourcing and privacy protection, including the existing methods of data analysis and processing, the fine-grained data access control through effective user privacy protection mechanism, and the data sharing in the mobile Internet

Un système de collecte sécurisé et de gestion des données pour les réseaux de capteurs sans fils

Le développement des réseaux de capteurs sans fil fait que chaque utilisateur ou organisation est déjà connecté à un nombre important de nœuds. Ces nœuds génèrent une quantité importante de données, rendant la gestion de ces données non évident. De plus, ces données peuvent contenir des informations concernant la vie privée. Les travaux de la thèse attaquent ces problématiques. Premièrement, nous avons conçu un middleware qui communique avec les capteurs physiques pour collecter, stocker, traduire, indexer, analyser et générer des alertes sur les données des capteurs. Ce middleware est basé sur la notion de composants et de composites. Chaque nœud physique communique avec un composite du middleware via une interface RESTFul. Ce middleware a été testé et utilisé dans le cadre du projet Européen Mobesens dans le but de gérer les données d'un réseau de capteurs pour la surveillance de la qualité de l'eau. Deuxièmement, nous avons conçu un protocole hybride d'authentification et d'établissement de clés de paires et de groupes. Considérant qu'il existe une différence de performance entre les noeuds capteur, la passerelle et le middleware, nous avons utilisé l'authentification basé sur la cryptographie basée sur les identités entre la passerelle et le serveur de stockage et une cryptographie symétrique entre les capteurs et les deux autres parties. Ensuite, le middleware a été généralisé dans la troisième partie de la thèse pour que chaque organisation ou individu puisse avoir son propre espace pour gérer les données de ses capteurs en utilisant le cloud computing. Ensuite, nous avons portail social sécurisé pour le partage des données des réseaux de capteursNowadays, each user or organization is already connected to a large number of sensor nodes which generate a substantial amount of data, making their management not an obvious issue. In addition, these data can be confidential. For these reasons, developing a secure system managing the data from heterogeneous sensor nodes is a real need. In the first part, we developed a composite-based middleware for wireless sensor networks to communicate with the physical sensors for storing, processing, indexing, analyzing and generating alerts on those sensors data. Each composite is connected to a physical node or used to aggregate data from different composites. Each physical node communicating with the middleware is setup as a composite. The middleware has been used in the context of the European project Mobesens in order to manage data from a sensor network for monitoring water quality. In the second part of the thesis, we proposed a new hybrid authentication and key establishment scheme between senor nodes (SN), gateways (MN) and the middleware (SS). It is based on two protocols. The first protocol intent is the mutual authentication between SS and MN, on providing an asymmetric pair of keys for MN, and on establishing a pairwise key between them. The second protocol aims at authenticating them, and establishing a group key and pairwise keys between SN and the two others. The middleware has been generalized in the third part in order to provide a private space for multi-organization or -user to manage his sensors data using cloud computing. Next, we expanded the composite with gadgets to share securely sensor data in order to provide a secure social sensor networkEVRY-INT (912282302) / SudocSudocFranceF

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

Collaboration Enforcement In Mobile Ad Hoc Networks

Mobile Ad hoc NETworks (MANETs) have attracted great research interest in recent years. Among many issues, lack of motivation for participating nodes to collaborate forms a major obstacle to the adoption of MANETs. Many contemporary collaboration enforcement techniques employ reputation mechanisms for nodes to avoid and penalize malicious participants. Reputation information is propagated among participants and updated based on complicated trust relationships to thwart false accusation of benign nodes. The aforementioned strategy suffers from low scalability and is likely to be exploited by adversaries. To address these problems, we first propose a finite state model. With this technique, no reputation information is propagated in the network and malicious nodes cannot cause false penalty to benign hosts. Misbehaving node detection is performed on-demand; and malicious node punishment and avoidance are accomplished by only maintaining reputation information within neighboring nodes. This scheme, however, requires that each node equip with a tamper-proof hardware. In the second technique, no such restriction applies. Participating nodes classify their one-hop neighbors through direct observation and misbehaving nodes are penalized within their localities. Data packets are dynamically rerouted to circumvent selfish nodes. In both schemes, overall network performance is greatly enhanced. Our approach significantly simplifies the collaboration enforcement process, incurs low overhead, and is robust against various malicious behaviors. Simulation results based on different system configurations indicate that the proposed technique can significantly improve network performance with very low communication cost

Secure Communication in Disaster Scenarios

Während Naturkatastrophen oder terroristischer Anschläge ist die bestehende Kommunikationsinfrastruktur häufig überlastet oder fällt komplett aus. In diesen Situationen können mobile Geräte mithilfe von drahtloser ad-hoc- und unterbrechungstoleranter Vernetzung miteinander verbunden werden, um ein Notfall-Kommunikationssystem für Zivilisten und Rettungsdienste einzurichten. Falls verfügbar, kann eine Verbindung zu Cloud-Diensten im Internet eine wertvolle Hilfe im Krisen- und Katastrophenmanagement sein. Solche Kommunikationssysteme bergen jedoch ernsthafte Sicherheitsrisiken, da Angreifer versuchen könnten, vertrauliche Daten zu stehlen, gefälschte Benachrichtigungen von Notfalldiensten einzuspeisen oder Denial-of-Service (DoS) Angriffe durchzuführen. Diese Dissertation schlägt neue Ansätze zur Kommunikation in Notfallnetzen von mobilen Geräten vor, die von der Kommunikation zwischen Mobilfunkgeräten bis zu Cloud-Diensten auf Servern im Internet reichen. Durch die Nutzung dieser Ansätze werden die Sicherheit der Geräte-zu-Geräte-Kommunikation, die Sicherheit von Notfall-Apps auf mobilen Geräten und die Sicherheit von Server-Systemen für Cloud-Dienste verbessert

Performance of information discovery and message relaying in mobile ad hoc networks

This paper presents 7DS, a novel peer-to-peer resource sharing system. 7DS is an architecture, a set of protocols and an implementation enabling the exchange of data among peers that are not necessarily connected to the Internet. Peers can be either mobile or stationary. We focus on three different facets of cooperation, namely, data sharing, message relaying and network connection sharing. 7DS enables wireless devices to discover, disseminate, relay information among each other to increase the data access. We evaluate via extensive simulations the effectiveness of our system for data dissemination and message relaying among mobile devices with a large number of user mobility scenarios. We model several general data dissemination approaches and investigate the effect of the wireless coverage range, 7DS host density, and cooperation strategy among the mobile hosts as a function of time. We also present a power conservation mechanism that is beneficial, since it increases the power savings, without degrading the data dissemination. Using theory from random walks, random environments and diffusion of controlled processes, we model one of these data dissemination schemes and show that the analysis confirms the simulation results for this scheme

XML Messaging for Mobile Devices

In recent years, XML has been widely adopted as a universal format for structured data. A variety of XML-based systems have emerged, most prominently SOAP for Web services, XMPP for instant messaging, and RSS and Atom for content syndication. This popularity is helped by the excellent support for XML processing in many programming languages and by the variety of XML-based technologies for more complex needs of applications. Concurrently with this rise of XML, there has also been a qualitative expansion of the Internet's scope. Namely, mobile devices are becoming capable enough to be full-fledged members of various distributed systems. Such devices are battery-powered, their network connections are based on wireless technologies, and their processing capabilities are typically much lower than those of stationary computers. This dissertation presents work performed to try to reconcile these two developments. XML as a highly redundant text-based format is not obviously suitable for mobile devices that need to avoid extraneous processing and communication. Furthermore, the protocols and systems commonly used in XML messaging are often designed for fixed networks and may make assumptions that do not hold in wireless environments. This work identifies four areas of improvement in XML messaging systems: the programming interfaces to the system itself and to XML processing, the serialization format used for the messages, and the protocol used to transmit the messages. We show a complete system that improves the overall performance of XML messaging through consideration of these areas. The work is centered on actually implementing the proposals in a form usable on real mobile devices. The experimentation is performed on actual devices and real networks using the messaging system implemented as a part of this work. The experimentation is extensive and, due to using several different devices, also provides a glimpse of what the performance of these systems may look like in the future.Matkapuhelimien ja muiden mobiililaitteiden määrä on kasvanut erittäin nopeasti viime vuosina. Laitteiden pieni koko, niiden tarjoamat ohjelmointimahdollisuudet ja langattomat verkkoyhteydet mahdollistavat Internet- ja muiden verkkosovellusten käytön kaikkialla. Akusta johtuva rajallinen käyttöaika, heikko suoritusteho ja verkkokäytön vaatima virta ja aika toimivat kuitenkin selkeinä rajoitteina mobiililaitteiden mahdollisuuksille, ja jotta mobiilimaailma ei joutuisi kokonaan tulevaisuuden Internetin ulkopuolelle, järjestelmien ja sovellusten suunnittelussa on otettava sen erityispiirteet huomioon. Tulevaisuuden verkkosovelluksissa suoran päätelaitteiden välisen viestinnän odotetaan olevan keskeinen osa sovelluksen toimintaa. Nyky-Internetissä tällaisessa viestinnässä käytetään yhä useammin XML-kieltä, joka laajennettavuutensa ja helppokäyttöisyytensä ansiosta vähentää sovelluskehittäjän taakkaa. XML-kielen ongelmina ovat kuitenkin sen vaatimat suuret tiedonsiirto- ja käsittelyajat, jotka ovat olleet esteenä XML:n laajalle käytölle mobiiliympäristöissä. Väitöskirja tutkii XML-pohjaisen laitteiden välisen viestinnän perusedellytyksiä mobiililaitteilla langattomissa verkoissa. Keskeiset tutkimuskohteet ovat tiivis ja tehokkaasti käsiteltävä XML-esitysmuoto, XML:n käsittelyyn paremmin sopivat ohjelmointirajapinnat ja mobiiliympäristön viestiprotokollat. Työn tuloksena on syntynyt mobiililaitteille suunniteltu XML-pohjainen viestintäjärjestelmä, joka on sellaisenaan käytettävissä verkkosovellusten perustana. Järjestelmälle on suoritettu kattavat mittaukset, jotka osoittavat järjestelmän sopivuuden käyttötarkoitukseensa. Tulosten analyysissa otetaan myös huomioon, miten järjestelmän eri ominaisuudet sopivat kuhunkin mobiililaitteiden tukemaan ympäristöön, sekä tarkastellaan, miltä tulevaisuuden mobiililaitteiden suorituskyky saattaisi näyttää

Top 10 technologies 2003 and their impact on the accounting profession

https://egrove.olemiss.edu/aicpa_guides/1609/thumbnail.jp

Health Participatory Sensing Networks for Mobile Device Public Health Data Collection and Intervention

The pervasive availability and increasingly sophisticated functionalities of smartphones and their connected external sensors or wearable devices can provide new data collection capabilities relevant to public health. Current research and commercial efforts have concentrated on sensor-based collection of health data for personal fitness and personal healthcare feedback purposes. However, to date there has not been a detailed investigation of how such smartphones and sensors can be utilized for public health data collection. Unlike most sensing applications, in the case of public health, capturing comprehensive and detailed data is not a necessity, as aggregate data alone is in many cases sufficient for public health purposes. As such, public health data has the characteristic of being capturable whilst still not infringing privacy, as the detailed data of individuals that may allow re-identification is not needed, but rather only aggregate, de-identified and non-unique data for an individual. These types of public health data collection provide the challenge of the need to be flexible enough to answer a range of public health queries, while ensuring the level of detail returned preserves privacy. Additionally, the distribution of public health data collection request and other information to the participants without identifying the individual is a core requirement. An additional requirement for health participatory sensing networks is the ability to perform public health interventions. As with data collection, this needs to be completed in a non-identifying and privacy preserving manner. This thesis proposes a solution to these challenges, whereby a form of query assurance provides private and secure distribution of data collection requests and public health interventions to participants. While an additional, privacy preserving threshold approach to local processing of data prior to submission is used to provide re-identification protection for the participant. The evaluation finds that with manageable overheads, minimal reduction in the detail of collected data and strict communication privacy; privacy and anonymity can be preserved. This is significant for the field of participatory health sensing as a major concern of participants is most often real or perceived privacy risks of contribution