202 research outputs found
Recommended from our members
Authentication and privacy in mobile web services
This thesis looks at the issue of authentication and privacy in mobile Web services. The work in this thesis builds on GSM and UMTS security framework to develop security protocols for mobile Web services environment. The thesis initially highlights some core principles of designing security protocols in such environment. The next two chapters look at the core technologies and building blocks in Web services systems and the core security features in mobile networks mainly GSM and UMTS. Registration and authentication were identified as security issues in federated systems. Proposed solutions were developed utilizing XML security mechanisms with SIM card security in GSM environment to address these issues. Also a novel system was proposed in which it is possible for a mobile user to securely authenticate and have full anonymity as far as the service providers are concerned; however it is possible for a trusted authority to reveal the identity of the user if he or she is suspected of illegal activities. The next section analyze in detail the Generic Authentication Architecture from 3GPP. Combining SAML with the Generic Authentication Architecture, we propose a novel "generic mobile Web service platform" for M-Commerce. Various solutions have been proposed to address privacy concern in distributed networks; the Platform for Privacy Preferences is one of the popular proposal, though it has many desirable features, it is not easy to enforce it. We argue that this limitation can be managed in federated system such as the Liberty Alliance framework. In the final chapter we make the case for using timestamp based authentication protocol
in mobile Web service on the ground of efficiency gain
Privacy-preserving efficient searchable encryption
Data storage and computation outsourcing to third-party managed data centers,
in environments such as Cloud Computing, is increasingly being adopted
by individuals, organizations, and governments. However, as cloud-based outsourcing
models expand to society-critical data and services, the lack of effective
and independent control over security and privacy conditions in such settings
presents significant challenges.
An interesting solution to these issues is to perform computations on encrypted
data, directly in the outsourcing servers. Such an approach benefits
from not requiring major data transfers and decryptions, increasing performance
and scalability of operations. Searching operations, an important application
case when cloud-backed repositories increase in number and size, are good examples
where security, efficiency, and precision are relevant requisites. Yet existing
proposals for searching encrypted data are still limited from multiple perspectives,
including usability, query expressiveness, and client-side performance and
scalability.
This thesis focuses on the design and evaluation of mechanisms for searching
encrypted data with improved efficiency, scalability, and usability. There are
two particular concerns addressed in the thesis: on one hand, the thesis aims at
supporting multiple media formats, especially text, images, and multimodal data
(i.e. data with multiple media formats simultaneously); on the other hand the
thesis addresses client-side overhead, and how it can be minimized in order to
support client applications executing in both high-performance desktop devices
and resource-constrained mobile devices.
From the research performed to address these issues, three core contributions
were developed and are presented in the thesis: (i) CloudCryptoSearch, a middleware
system for storing and searching text documents with privacy guarantees,
while supporting multiple modes of deployment (user device, local proxy, or computational cloud) and exploring different tradeoffs between security, usability, and performance; (ii) a novel framework for efficiently searching encrypted images
based on IES-CBIR, an Image Encryption Scheme with Content-Based Image
Retrieval properties that we also propose and evaluate; (iii) MIE, a Multimodal
Indexable Encryption distributed middleware that allows storing, sharing, and
searching encrypted multimodal data while minimizing client-side overhead and
supporting both desktop and mobile devices
Reasoning about Unreliable Actions
We analyse the philosopher Davidson's semantics of actions, using a strongly
typed logic with contexts given by sets of partial equations between the
outcomes of actions. This provides a perspicuous and elegant treatment of
reasoning about action, analogous to Reiter's work on artificial intelligence.
We define a sequent calculus for this logic, prove cut elimination, and give a
semantics based on fibrations over partial cartesian categories: we give a
structure theory for such fibrations. The existence of lax comma objects is
necessary for the proof of cut elimination, and we give conditions on the
domain fibration of a partial cartesian category for such comma objects to
exist
Essays on Displacement During and After War
How do internally displaced persons navigate the contested environment of conflicts? When violence breaks out, civilians have to make difficult decisions regarding the questions of whether to leave, how to protect themselves from armed actors and when to return. In three empirical chapters, this thesis investigates how violence affects population movements but also how population movements shape conflict dynamics and post-conflict recovery. The first chapter investigates how different patterns of violence lead to differential decisions to flee by conducting a survey experiment in the Kurdish dominated areas of Turkey. I find that certain patterns of violence, in particular the threat of repeated and future violence but also the perpetrator of violence, explain when civilians flee and where they go. The second empirical chapter highlights how armed actors respond to the resulting displacement. I propose a revised theory of civilian victimization during civil wars in which the local population is not static but moves dynamically through zones of territorial control. In a spatial regression analysis of one-sided violence against civilians and IDPs, I show in the context of the Iraq war against the Islamic State that territorial rulers respond with violence to disloyal IDPs moving into their areas while territorial challengers spoil local rule by targeting civilians that support the current local ruler and move towards their territories. This study contributes to the literature on territorial control, civilian victimization, and conflict contagion. The last chapter analyses how housing, land and property rights affect the decision to return home after displacement. Using a matching analysis of actual return decisions in Northern Iraq and survey experiments with the Yazidis in Iraq, I demonstrate that political discrimination and economic uncertainty in property rights security slow down returns and hinder a speedy recovery in post-conflict environments. Situated at the intersection between forced migration research and conflict studies, the thesis as a whole provides insights into the interlinked dynamics of violence and displacement during and after conflicts
Continuous trust management frameworks : concept, design and characteristics
PhD ThesisA Trust Management Framework is a collection of technical components and governing
rules and contracts to establish secure, confidential, and Trustworthy transactions
among the Trust Stakeholders whether they are Users, Service Providers, or Legal
Authorities. Despite the presence of many Trust Frameworks projects, they still fail
at presenting a mature Framework that can be Trusted by all its Stakeholders. Particularly
speaking, most of the current research focus on the Security aspects that may
satisfy some Stakeholders but ignore other vital Trust Properties like Privacy, Legal
Authority Enforcement, Practicality, and Customizability. This thesis is all about
understanding and utilising the state of the art technologies of Trust Management to
come up with a Trust Management Framework that could be Trusted by all its Stakeholders
by providing a Continuous Data Control where the exchanged data would be
handled in a Trustworthy manner before and after the data release from one party to
another. For that we call it: Continuous Trust Management Framework.
In this thesis, we present a literature survey where we illustrate the general picture
of the current research main categorise as well as the main Trust Stakeholders, Trust
Challenges, and Trust Requirements. We picked few samples representing each of
the main categorise in the literature of Trust Management Frameworks for detailed
comparison to understand the strengths and weaknesses of those categorise. Showing
that the current Trust Management Frameworks are focusing on fulfilling most of the
Trust Attributes needed by the Trust Stakeholders except for the Continuous Data
Control Attribute, we argued for the vitality of our proposed generic design of the
Continuous Trust Management Framework.
To demonstrate our Design practicality, we present a prototype implementing its
basic Stakeholders like the Users, Service Providers, Identity Provider, and Auditor
on top of the OpenID Connect protocol. The sample use-case of our prototype is to
protect the Users’ email addresses. That is, Users would ask for their emails not to be
iii
shared with third parties but some Providers would act maliciously and share these
emails with third parties who would, in turn, send spam emails to the victim Users.
While the prototype Auditor would be able to protect and track data before their
release to the Service Providers, it would not be able to enforce the data access policy
after release. We later generalise our sample use-case to cover various Mass Active
Attacks on Users’ Credentials like, for example, using stolen credit cards or illegally
impersonating third-party identity.
To protect the Users’ Credentials after release, we introduce a set of theories and
building blocks to aid our Continuous Trust Framework’s Auditor that would act as
the Trust Enforcement point. These theories rely primarily on analysing the data
logs recorded by our prototype prior to releasing the data. To test our theories, we
present a Simulation Model of the Auditor to optimise its parameters. During some
of our Simulation Stages, we assumed the availability of a Data Governance Unit,
DGU, that would provide hardware roots of Trust. This DGU is to be installed in the
Service Providers’ server-side to govern how they handle the Users’ data. The final
simulation results include a set of different Defensive Strategies’ Flavours that could
be utilized by the Auditor depending on the environment where it operates.
This thesis concludes with the fact that utilising Hard Trust Measures such as DGU
without effective Defensive Strategies may not provide the ultimate Trust solution.
That is especially true at the bootstrapping phase where Service Providers would be
reluctant to adopt a restrictive technology like our proposed DGU. Nevertheless, even
in the absence of the DGU technology now, deploying the developed Defensive Strategies’
Flavours that do not rely on DGU would still provide significant improvements
in terms of enforcing Trust even after data release compared to the currently widely
deployed Strategy: doing nothing!Public Authority for Applied Education and Training in Kuwait, PAAET
Security in Distributed, Grid, Mobile, and Pervasive Computing
This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security
Impact of Small Scale Irrigation on Household Welfare: Case of Laelay Dayu Irrigation Scheme
This paper evaluates the impact of small scale irrigation on household welfare measured by household income and consumption expenditure. The study is based on cross-sectional data collected from a sample of 180 households [80 adopters and 100 non adopters] using two stage random sampling. The analysis was performed applying propensity score matching and poverty analysis. These results suggest that access to irrigation has profound impact on improving household welfare and reducing rural poverty. Key words: Impact, propensity score matching, small scale irrigation, welfare, poverty
- …