Active architecture for pervasive contextual services

International Workshop on Middleware for Pervasive and Ad-hoc Computing MPAC 2003), ACM/IFIP/USENIX International Middleware Conference (Middleware 2003), Rio de Janeiro, Brazil This work was supported by the FP5 Gloss project IST2000-26070, with partners at Trinity College Dublin and Université Joseph Fourier, and by EPSRC grants GR/M78403/GR/M76225, Supporting Internet Computation in Arbitrary Geographical Locations, and GR/R45154, Bulk Storage of XML Documents.Pervasive services may be defined as services that are available "to any client (anytime, anywhere)". Here we focus on the software and network infrastructure required to support pervasive contextual services operating over a wide area. One of the key requirements is a matching service capable of as-similating and filtering information from various sources and determining matches relevant to those services. We consider some of the challenges in engineering a globally distributed matching service that is scalable, manageable, and able to evolve incrementally as usage patterns, data formats, services, network topologies and deployment technologies change. We outline an approach based on the use of a peer-to-peer architecture to distribute user events and data, and to support the deployment and evolution of the infrastructure itself.Peer reviewe

Data Minimisation in Communication Protocols: A Formal Analysis Framework and Application to Identity Management

With the growing amount of personal information exchanged over the Internet, privacy is becoming more and more a concern for users. One of the key principles in protecting privacy is data minimisation. This principle requires that only the minimum amount of information necessary to accomplish a certain goal is collected and processed. "Privacy-enhancing" communication protocols have been proposed to guarantee data minimisation in a wide range of applications. However, currently there is no satisfactory way to assess and compare the privacy they offer in a precise way: existing analyses are either too informal and high-level, or specific for one particular system. In this work, we propose a general formal framework to analyse and compare communication protocols with respect to privacy by data minimisation. Privacy requirements are formalised independent of a particular protocol in terms of the knowledge of (coalitions of) actors in a three-layer model of personal information. These requirements are then verified automatically for particular protocols by computing this knowledge from a description of their communication. We validate our framework in an identity management (IdM) case study. As IdM systems are used more and more to satisfy the increasing need for reliable on-line identification and authentication, privacy is becoming an increasingly critical issue. We use our framework to analyse and compare four identity management systems. Finally, we discuss the completeness and (re)usability of the proposed framework

Secure Credits for Micro Payments Scheme using Encrypted Techniques

Online shopping payment scheme is one of the popular in recent years. During payment process the attackers aim to stealing the customer date by targeting the point of scale (PoS) system. Increasing malware that ca steal card data as soon they are read by the device details. This server is identified from legal to illegal control is provided to customer key approach. Once collect the details at customer side are customer account is disabling automatically by erasable PUFs. It includes that limited activity as server to client transaction is sure. Attackers often aim at staling such customer data by targeting the Point of scale (for sort, PoS) system. I.e. the point at which retailer first acquires customer data. Modern PoS system is powerful computer equipped with card reader and running specialized software. Increasingly often, user device are leveraged as input to the PoS. In these scenarios, malware that can steal card data as soon as they are read by the device has flourished .As such as, in case where customer and vendor are persistently or intermittently disconnected from the net work, no secure on-line payment is possible. This work describes SPEF, over up to date approaches I term of flexibility and security. To the best of our knowledge SPEF is the first solution that provide secure fully off line payment while being resilient to all currently known Pops breaches. In particular details SPEF architecture components and protocols .Further a thorough analysis of SPEF functional security properties is provider showing its effectiveness and visibility

Secure Credits for Micro Payments Scheme using Encrypted Techniques

Online shopping payment scheme is one of the popular in recent years. During payment process the attackers aim to stealing the customer date by targeting the point of scale (PoS) system. Increasing malware that ca steal card data as soon they are read by the device details. This server is identified from legal to illegal control is provided to customer key approach. Once collect the details at customer side are customer account is disabling automatically by erasable PUFs. It includes that limited activity as server to client transaction is sure. Attackers often aim at staling such customer data by targeting the Point of scale (for sort, PoS) system. I.e. the point at which retailer first acquires customer data. Modern PoS system is powerful computer equipped with card reader and running specialized software. Increasingly often, user device are leveraged as input to the PoS. In these scenarios, malware that can steal card data as soon as they are read by the device has flourished .As such as, in case where customer and vendor are persistently or intermittently disconnected from the net work, no secure on-line payment is possible. This work describes SPEF, over up to date approaches I term of flexibility and security. To the best of our knowledge SPEF is the first solution that provide secure fully off line payment while being resilient to all currently known Pops breaches. In particular details SPEF architecture components and protocols .Further a thorough analysis of SPEF functional security properties is provider showing its effectiveness and visibility

Droplet: Decentralized Authorization for IoT Data Streams

This paper presents Droplet, a decentralized data access control service, which operates without intermediate trust entities. Droplet enables data owners to securely and selectively share their encrypted data while guaranteeing data confidentiality against unauthorized parties. Droplet's contribution lies in coupling two key ideas: (i) a new cryptographically-enforced access control scheme for encrypted data streams that enables users to define fine-grained stream-specific access policies, and (ii) a decentralized authorization service that handles user-defined access policies. In this paper, we present Droplet's design, the reference implementation of Droplet, and experimental results of three case-study apps atop of Droplet: Fitbit activity tracker, Ava health tracker, and ECOviz smart meter dashboard

Secure data sharing in cloud and IoT by leveraging attribute-based encryption and blockchain

“Data sharing is very important to enable different types of cloud and IoT-based services. For example, organizations migrate their data to the cloud and share it with employees and customers in order to enjoy better fault-tolerance, high-availability, and scalability offered by the cloud. Wearable devices such as smart watch share user’s activity, location, and health data (e.g., heart rate, ECG) with the service provider for smart analytic. However, data can be sensitive, and the cloud and IoT service providers cannot be fully trusted with maintaining the security, privacy, and confidentiality of the data. Hence, new schemes and protocols are required to enable secure data sharing in the cloud and IoT. This work outlines our research contribution towards secure data sharing in the cloud and IoT. For secure data sharing in the cloud, this work proposes several novel attribute-based encryption schemes. The core contributions to this end are efficient revocation, prevention of collusion attacks, and multi-group support. On the other hand, for secure data sharing in IoT, a permissioned blockchain-based access control system has been proposed. The system can be used to enforce fine-grained access control on IoT data where the access control decision is made by the blockchain-based on the consensus of the participating nodes”--Abstract, page iv

Peer-to-Peer Networks and Computation: Current Trends and Future Perspectives

This research papers examines the state-of-the-art in the area of P2P networks/computation. It attempts to identify the challenges that confront the community of P2P researchers and developers, which need to be addressed before the potential of P2P-based systems, can be effectively realized beyond content distribution and file-sharing applications to build real-world, intelligent and commercial software systems. Future perspectives and some thoughts on the evolution of P2P-based systems are also provided