Efficient and Low-Cost RFID Authentication Schemes

Security in passive resource-constrained Radio Frequency Identification (RFID) tags is of much interest nowadays. Resistance against illegal tracking, cloning, timing, and replay attacks are necessary for a secure RFID authentication scheme. Reader authentication is also necessary to thwart any illegal attempt to read the tags. With an objective to design a secure and low-cost RFID authentication protocol, Gene Tsudik proposed a timestamp-based protocol using symmetric keys, named YA-TRAP*. Although YA-TRAP* achieves its target security properties, it is susceptible to timing attacks, where the timestamp to be sent by the reader to the tag can be freely selected by an adversary. Moreover, in YA-TRAP*, reader authentication is not provided, and a tag can become inoperative after exceeding its pre-stored threshold timestamp value. In this paper, we propose two mutual RFID authentication protocols that aim to improve YA-TRAP* by preventing timing attack, and by providing reader authentication. Also, a tag is allowed to refresh its pre-stored threshold value in our protocols, so that it does not become inoperative after exceeding the threshold. Our protocols also achieve other security properties like forward security, resistance against cloning, replay, and tracking attacks. Moreover, the computation and communication costs are kept as low as possible for the tags. It is important to keep the communication cost as low as possible when many tags are authenticated in batch-mode. By introducing aggregate function for the reader-to-server communication, the communication cost is reduced. We also discuss different possible applications of our protocols. Our protocols thus capture more security properties and more efficiency than YA-TRAP*. Finally, we show that our protocols can be implemented using the current standard low-cost RFID infrastructures.Comment: 21 pages, Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), Vol 2, No 3, pp. 4-25, 201

An open-access platform for camera-trapping data

In southern Mexico, local communities have been playing important roles in the design and collection of wildlife data through camera-trapping in community-based monitoring of biodiversity projects. However, the methods used to store the data have limited their use in matters of decision-making and research. Thus, we present the Platform for Community-based Monitoring of Biodiversity (PCMB), a repository, which allows storage, visualization, and downloading of photographs captured by community-based monitoring of biodiversity projects in protected areas of southern Mexico. The platform was developed using agile software development with extensive interaction between computer scientists and biologists. System development included gathering data, design, built, database and attributes creation, and quality control. The PCMB currently contains 28,180 images of 6478 animals (69.4% mammals and 30.3% birds). Of the 32 species of mammals recorded in 18 PA since 2012, approximately a quarter of all photographs were of white-tailed deer (Odocoileus virginianus). Platforms permitting access to camera-trapping data are a valuable step in opening access to data of biodiversity; the PCMB is a practical new tool for wildlife management and research with data generated through local participation. Thus, this work encourages research on the data generated through the community-based monitoring of biodiversity projects in protected areas, to provide an important information infrastructure for effective management and conservation of wildlife

The Energy Landscape, Folding Pathways and the Kinetics of a Knotted Protein

The folding pathway and rate coefficients of the folding of a knotted protein are calculated for a potential energy function with minimal energetic frustration. A kinetic transition network is constructed using the discrete path sampling approach, and the resulting potential energy surface is visualized by constructing disconnectivity graphs. Owing to topological constraints, the low-lying portion of the landscape consists of three distinct regions, corresponding to the native knotted state and to configurations where either the N- or C-terminus is not yet folded into the knot. The fastest folding pathways from denatured states exhibit early formation of the N-terminus portion of the knot and a rate-determining step where the C-terminus is incorporated. The low-lying minima with the N-terminus knotted and the C-terminus free therefore constitute an off-pathway intermediate for this model. The insertion of both the N- and C-termini into the knot occur late in the folding process, creating large energy barriers that are the rate limiting steps in the folding process. When compared to other protein folding proteins of a similar length, this system folds over six orders of magnitude more slowly.Comment: 19 page

Understanding citizen science and environmental monitoring: final report on behalf of UK Environmental Observation Framework

Citizen science can broadly be defined as the involvement of volunteers in science. Over the past decade there has been a rapid increase in the number of citizen science initiatives. The breadth of environmental-based citizen science is immense. Citizen scientists have surveyed for and monitored a broad range of taxa, and also contributed data on weather and habitats reflecting an increase in engagement with a diverse range of observational science. Citizen science has taken many varied approaches from citizen-led (co-created) projects with local community groups to, more commonly, scientist-led mass participation initiatives that are open to all sectors of society. Citizen science provides an indispensable means of combining environmental research with environmental education and wildlife recording. Here we provide a synthesis of extant citizen science projects using a novel cross-cutting approach to objectively assess understanding of citizen science and environmental monitoring including: 1. Brief overview of knowledge on the motivations of volunteers. 2. Semi-systematic review of environmental citizen science projects in order to understand the variety of extant citizen science projects. 3. Collation of detailed case studies on a selection of projects to complement the semi-systematic review. 4. Structured interviews with users of citizen science and environmental monitoring data focussing on policy, in order to more fully understand how citizen science can fit into policy needs. 5. Review of technology in citizen science and an exploration of future opportunities

Let Your CyberAlter Ego Share Information and Manage Spam

Almost all of us have multiple cyberspace identities, and these {\em cyber}alter egos are networked together to form a vast cyberspace social network. This network is distinct from the world-wide-web (WWW), which is being queried and mined to the tune of billions of dollars everyday, and until recently, has gone largely unexplored. Empirically, the cyberspace social networks have been found to possess many of the same complex features that characterize its real counterparts, including scale-free degree distributions, low diameter, and extensive connectivity. We show that these topological features make the latent networks particularly suitable for explorations and management via local-only messaging protocols. {\em Cyber}alter egos can communicate via their direct links (i.e., using only their own address books) and set up a highly decentralized and scalable message passing network that can allow large-scale sharing of information and data. As one particular example of such collaborative systems, we provide a design of a spam filtering system, and our large-scale simulations show that the system achieves a spam detection rate close to 100%, while the false positive rate is kept around zero. This system has several advantages over other recent proposals (i) It uses an already existing network, created by the same social dynamics that govern our daily lives, and no dedicated peer-to-peer (P2P) systems or centralized server-based systems need be constructed; (ii) It utilizes a percolation search algorithm that makes the query-generated traffic scalable; (iii) The network has a built in trust system (just as in social networks) that can be used to thwart malicious attacks; iv) It can be implemented right now as a plugin to popular email programs, such as MS Outlook, Eudora, and Sendmail.Comment: 13 pages, 10 figure

Guidelines and Standard Operating Procedures for IDDE and Pollution Prevention/Good Housekeeping

In April 2003, the United States Environmental Protection Agency (USEPA) issued a National Pollutant Discharge Elimination System (NPDES) General Permit for Stormwater Discharges from Small Municipal Separate Storm Sewer Systems (MS4s). A total of 45 New Hampshire communities (six fully regulated and 39 partially regulated) became subject to Stormwater Phase II regulations based on their designation as Urbanized Areas according to the 2000 US Census

Computational Simulation and 3D Virtual Reality Engineering Tools for Dynamical Modeling and Imaging of Composite Nanomaterials

An adventure at engineering design and modeling is possible with a Virtual Reality Environment (VRE) that uses multiple computer-generated media to let a user experience situations that are temporally and spatially prohibiting. In this paper, an approach to developing some advanced architecture and modeling tools is presented to allow multiple frameworks work together while being shielded from the application program. This architecture is being developed in a framework of workbench interactive tools for next generation nanoparticle-reinforced damping/dynamic systems. Through the use of system, an engineer/programmer can respectively concentrate on tailoring an engineering design concept of novel system and the application software design while using existing databases/software outputs.Comment: Submitted on behalf of TIMA Editions (http://irevues.inist.fr/tima-editions

Using Capec Attack Patterns For Developing Abuse Cases

To engineer secure software, it is imperative to understand attackers’ perspectives and approaches. This information has been captured by attack patterns. The Common Attack Patterns Enumeration Classification (CAPEC) repository hosts over 450 attack patterns that contain information about how attacks have been launched against software. Researches have indicated that attack patterns can be utilized for developing secure software; however, there exists no systematic methodology to address this concern. This research proposes a methodology for utilizing CAPEC attack patterns for developing abuse cases at the requirements stage of the secure software development lifecycle (SDLC). In previous research, a tool for retrieving attack patterns (TrAP) was developed to retrieve CAPEC attack patterns according to Microsoft STRIDE threat categories. This tool also features a search function using keywords. The proposed methodology starts with a set of initial abuse cases developed through brainstorming. Microsoft SDL threat modelling tool is then used to identify and rank possible security threats in the system. The SDL tool generates a series of questions for each threat and these questions are used to extract keywords that serve as input to the TrAP tool to retrieve attack patterns relevant to the abuse cases. Keywords can also be system prerequisites or any technology being implemented in the system. From the list of retrieved attack patterns, the most relevant attack patterns are selected and used to extend the initial abuse cases. New abuse cases can also be discovered through this process