Efficient (k, n) : threshold secret sharing method with cheater prevention for QR code application

To protect secret message, secret sharing technique divides it into n shares and distributes them to n involved participants. However, it is hardly to prevent a dishonest participant to cheat other by providing a fake share. To overcome this weakness, this paper presents an efficient (k, n)-threshold secret sharing approach with the functionality of cheater identification using meaningful QR codes. The secret message would be split into k pieces, and used as the coefficients of polynomial function to generate n shares. These shares would be concealed into cover QR codes based on its fault tolerance to generate meaningful QR code shares. The meaningful QR code shares are helpful to reduce the curiosity of unrelated persons when transmitted in public channel. The legitimacy of QR code share would be verified before secret reconstruction to prevent cheater in secret revealing procedure. Some experiments were done to evaluate the performance of the proposed scheme. The experimental results show that the proposed scheme is efficient, highly secure and highly robust, and it also achieves a higher embedding capacity compared to previous methods

PENERAPAN QR-CODE UNTUK SISTEM INFORMASI MUSEUM MPU TANTULAR BERBASIS WEB

Dengan dukungan teknologi yang berkembang saat ini, memungkinkan untuk menerapkan QR-Code ke dalam sistem informasi berbasis web. Apalagi untuk pengenalan detail koleksi museum, peranan sistem informasi ini sangat di perlukan. Dalam penelitian ini objek yang digunakan adalah UPT MUSEUM MPU TANTULAR, untuk melakukan pengenalan dari beberapa koleksi yang ada di dalam museum. Museum tersebut beralamatkan di jalan Raya Buduran – Jembatan Layang, kecamatan Sidoarjo. Aktivitas oprasional museum ini masih menggunakan sistem manual. Hal ini menyebabkan kegiatan pengenalan koleksi museum kurang efisien. Dengan adanya penerapan QR-Code pada sistem informasi museum Mpu Tantular ini diharapkan agar aktivitas operasional maupun pengenalan koleksi museum dapat menghasilkan data yang akurat dan efisien. Sistem informasi berbasis web dimaksudkan untuk membantu penanganan operasional museum sedangkan aplikasi berbasis android untuk pengenalan koleksi museum secara audio visual. Metode penelitian dilaksanakan dengan tahapan-tahapan observasi, studi kelayakan, analisa kebutuhan sistem, desain sistem, pembuatan aplikasi, uji coba dan evaluasi

A granular approach to source trustworthiness for negative trust assessment

The problem of determining what information to trust is crucial in many contexts that admit uncertainty and polarization. In this paper, we propose a method to systematically reason on the trustworthiness of sources. While not aiming at establishing their veracity, the metho

FoodSQRBlock: Digitizing Food Production and the Supply Chain with Blockchain and QR Code in the Cloud

Food safety is an important issue in today’s world. The traditional agri-food production system does not offer easy traceability of the produce at any point of the supply chain, and hence, during a food-borne outbreak, it is very difficult to sift through food production data to track produce and the origin of the outbreak. In recent years, the blockchain based food production system has resolved this challenge; however, none of the proposed methodologies makes the food production data easily accessible, traceable and verifiable by consumers or producers using mobile/edge devices. In this paper, we propose FoodSQRBlock (Food Safety Quick Response Block), a blockchain technology based framework that digitises the food production information and makes it easily accessible, traceable and verifiable by the consumers and producers by using QR codes. We also propose a large-scale integration of FoodSQRBlock in the cloud to show the feasibility and scalability of the framework, as well as give an experimental evaluation to prove this

QR code design: From digital graphics to environmental, product and fashion design

Classification of design codes by the level of complexity of their design was cre-ated for the first time. The obtained results are key to understanding the role of the QR code as a full-fledged work of art in the context of modern design. In the future, this will allow us to single out the most noticeable trends in the development of coded information in the conditions of modern visual culture

SmartNoshWaste: Using Blockchain, Machine Learning, Cloud Computing and QR Code to Reduce Food Waste in Decentralized Web 3.0 Enabled Smart Cities

Food waste is an important social and environmental issue that the current society faces, where one third of the total food produced is wasted or lost every year while more than 820 million people around the world do not have access to adequate food. However, as we move towards a decentralized Web 3.0 enabled smart city, we can utilize cutting edge technologies such as blockchain, artificial intelligence, cloud computing and many more to reduce food waste in different phases of the supply chain. In this paper, we propose SmartNoshWaste—a blockchain based multi-layered framework utilizing cloud computing, QR code and reinforcement learning to reduce food waste. We also evaluate SmartNoshWaste on real world food data collected from the nosh app to show the efficacy of the proposed framework and we are able to reduce food waste by 9.46% in comparison to the originally collected food data based on the experimental evaluation

Identifiable Cheating Entity Flexible Round-Optimized Schnorr Threshold (ICE FROST) Signature Protocol

This paper presents an Identifiable Cheating Entity (ICE) FROST signature protocol that is an improvement over the FROST signature scheme (Komlo and Goldberg, SAC 2020) since it can identify cheating participants in its Key Generation protocol. The proposed threshold signature protocol achieves robustness in the Key Generation phase of the threshold signature protocol by introducing a cheating identification mechanism and then excluding cheating participants from the protocol. By enabling the cheating identification mechanism, we remove the need to abort the Key Generation protocol every time cheating activity is suspected. Our cheating identification mechanism allows every participant to individually check the validity of complaints issued against possibly cheating participants. Then, after all of the cheating participants are eliminated, the Key Generation protocol is guaranteed to finish successfully. On the other hand, the signing process only achieves a weak form of robustness, as in the original FROST. We then introduce static public key variant of ICE FROST. Our work is the first to consider static private/public keys for a round-optimized Schnorr-based signature scheme. With static public keys, the group’s established public and private keys remain constant for the lifetime of signers, while the signing shares of each participant are updated overtime, as well as the set of group members, which ensures the long-term security of the static keys and facilitates the verification process of the generated threshold signature because a group of signers communicates their public key to the verifier only once during the group’s lifetime. Our implementation benchmarks demonstrate that the runtime of the protocol is feasible for real-world applications

Sécurité collaborative pour l internet des objets

Cette thèse aborde des nouveaux défis de sécurité dans l'Internet des Objets (IdO). La transition actuelle de l'Internet classique vers l'Internet des Objets conduit à de nombreux changements dans les modèles de communications sous-jacents. La nature hétérogène des communications de l IdO et le déséquilibre entre les capacités des entités communicantes qui le constituent rendent difficile l'établissement de connexions sécurisées de bout en bout. Contrairement aux nœuds de l Internet traditionnel, la plupart des composants de l'Internet des Objets sont en effet caractérisés par de faibles capacités en termes d'énergie et de puissance calcul. Par conséquent, ils ne sont pas en mesure de supporter des systèmes de sécurité complexes. En particulier, la mise en place d'un canal de communication sécurisé de bout en bout nécessite l établissement d'une clé secrète commune entre les deux nœuds souhaitant communiquer, qui sera négociée en s'appuyant sur un protocole d'échange de clés tels que le Transport Layer Security (TLS) Handshake ou l Internet Key Exchange (IKE). Or, une utilisation directe de ces protocoles pour établir des connexions sécurisées entre deux entités de l IdO peut être difficile en raison de l'écart technologique entre celles-ci et des incohérences qui en résultent sur le plan des primitives cryptographiques supportées. Le sujet de l'adaptation des protocoles de sécurité existants pour répondre à ces nouveaux défis a récemment été soulevé dans la communauté scientifique. Cependant, les premières solutions proposées n'ont pas réussi à répondre aux besoins des nœuds à ressources limitées. Dans cette thèse, nous proposons de nouvelles approches collaboratives pour l'établissement de clés, dans le but de réduire les exigences des protocoles de sécurité existants, afin que ceux-ci puissent être mis en œuvre par des nœuds à ressources limitées. Nous avons particulièrement retenu les protocoles TLS Handshake, IKE et HIP BEX comme les meilleurs candidats correspondant aux exigences de sécurité de bout en bout pour l'IdO. Puis nous les avons modifiés de sorte que le nœud contraint en énergie puisse déléguer les opérations cryptographiques couteuses à un ensemble de nœuds au voisinage, tirant ainsi avantage de l'hétérogénéité spatiale qui caractérise l IdO. Nous avons entrepris des vérifications formelles de sécurité et des analyses de performance qui prouvent la sureté et l'efficacité énergétique des protocoles collaboratifs proposés. Dans une deuxième partie, nous avons porté notre attention sur une classe d attaques internes que la collaboration entre les nœuds peut induire et que les mécanismes cryptographiques classiques, tels que la signature et le chiffrement, s'avèrent impuissants à contrer. Cela nous a amené à introduire la notion de confiance au sein d'un groupe collaboratif. Le niveau de fiabilité d'un nœud est évalué par un mécanisme de sécurité dédié, connu sous le nom de système de gestion de confiance. Ce système est lui aussi instancié sur une base collaborative, dans laquelle plusieurs nœuds partagent leurs témoignages respectifs au sujet de la fiabilité des autres nœuds. En nous appuyant sur une analyse approfondie des systèmes de gestion de confiance existants et des contraintes de l IoD, nous avons conçu un système de gestion de confiance efficace pour nos protocoles collaboratifs. Cette efficacité a été évaluée en tenant compte de la façon dont le système de gestion de la confiance répond aux exigences spécifiques à nos approches proposées pour l'établissement de clés dans le contexte de l'IdO. Les résultats des analyses de performance que nous avons menées démontrent le bon fonctionnement du système proposé et une efficacité accrue par rapport à la littératureThis thesis addresses new security challenges in the Internet of Things (IoT). The current transition from legacy Internet to Internet of Things leads to multiple changes in its communication paradigms. Wireless sensor networks (WSNs) initiated this transition by introducing unattended wireless topologies, mostly made of resource constrained nodes, in which radio spectrum therefore ceased to be the only resource worthy of optimization. Today's Machine to Machine (M2M) and Internet of Things architectures further accentuated this trend, not only by involving wider architectures but also by adding heterogeneity, resource capabilities inconstancy and autonomy to once uniform and deterministic systems. The heterogeneous nature of IoT communications and imbalance in resources capabilities between IoT entities make it challenging to provide the required end-to-end secured connections. Unlike Internet servers, most of IoT components are characterized by low capabilities in terms of both energy and computing resources, and thus, are unable to support complex security schemes. The setup of a secure end-to-end communication channel requires the establishment of a common secret key between both peers, which would be negotiated relying on standard security key exchange protocols such as Transport Layer Security (TLS) Handshake or Internet Key Exchange (IKE). Nevertheless, a direct use of existing key establishment protocols to initiate connections between two IoT entities may be impractical because of the technological gap between them and the resulting inconsistencies in their cryptographic primitives. The issue of adapting existing security protocols to fulfil these new challenges has recently been raised in the international research community but the first proposed solutions failed to satisfy the needs of resource-constrained nodes. In this thesis, we propose novel collaborative approaches for key establishment designed to reduce the requirements of existing security protocols, in order to be supported by resource-constrained devices. We particularly retained TLS handshake, Internet key Exchange and HIP BEX protocols as the best keying candidates fitting the end-to-end security requirements of the IoT. Then we redesigned them so that the constrained peer may delegate its heavy cryptographic load to less constrained nodes in neighbourhood exploiting the spatial heterogeneity of IoT nodes. Formal security verifications and performance analyses were also conducted to ensure the security effectiveness and energy efficiency of our collaborative protocols. However, allowing collaboration between nodes may open the way to a new class of threats, known as internal attacks that conventional cryptographic mechanisms fail to deal with. This introduces the concept of trustworthiness within a collaborative group. The trustworthiness level of a node has to be assessed by a dedicated security mechanism known as a trust management system. This system aims to track nodes behaviours to detect untrustworthy elements and select reliable ones for collaborative services assistance. In turn, a trust management system is instantiated on a collaborative basis, wherein multiple nodes share their evidences about one another's trustworthiness. Based on an extensive analysis of prior trust management systems, we have identified a set of best practices that provided us guidance to design an effective trust management system for our collaborative keying protocols. This effectiveness was assessed by considering how the trust management system could fulfil specific requirements of our proposed approaches for key establishment in the context of the IoT. Performance analysis results show the proper functioning and effectiveness of the proposed system as compared with its counterparts that exist in the literatureEVRY-INT (912282302) / SudocSudocFranceF

Model-driven Personalisation of Human-Computer Interaction across Ubiquitous Computing Applications

Personalisation is essential to Ubiquitous Computing (Ubicomp), which focuses on a human-centred paradigm aiming to provide interaction with adaptive content, services, and interfaces towards each one of its users, according to the context of the applications’ scenarios. However, the provision of that appropriated personalised interaction is a true challenge due to different reasons, such as the user interests, heterogeneous environments and devices, dynamic user behaviour and data capture. This dissertation focuses on a model-driven personalisation solution that has the main goal of facili-tating the implementation of a personalised human-computer interaction across different Ubicomp scenarios and applications. The research reported here investigates how a generic and interoperable model for personalisation can be used, shared and processed by different applications, among diverse devices, and across different scenarios, studying how it can enrich human-computer interaction. The research started by the definition of a consistent user model with the integration of context to end in a pervasive model for the definition of personalisations across different applications. Besides the model proposal, the other key contributions within the solution are the modelling frame-work, which encapsulates the model and integrates the user profiling module, and a cloud-based platform to pervasively support developers in the implementation of personalisation across different applications and scenarios. This platform provides tools to put end users in control of their data and to support developers through web services based operations implemented on top of a personalisa-tion API, which can also be used independently of the platform for testing purposes, for instance. Several Ubicomp applications prototypes were designed and used to evaluate, at different phases, both the solution as a whole and each one of its components. Some were specially created with the goal of evaluating specific research questions of this work. Others were being developed with a pur-pose other than for personalisation evaluation, but they ended up as personalised prototypes to better address their initial goals. The process of applying the personalisation model to the design of the latter should also work as a proof of concept on the developer side. On the one hand, developers have been probed with the implementation of personalised applications using the proposed solution, or a part of it, to assess how it works and can help them. The usage of our solution by developers was also important to assess how the model and the platform respond to the developers’ needs. On the other hand, some prototypes that implement our model-driven per-sonalisation solution have been selected for end user evaluation. Usually, user testing was conducted at two different stages of the development, using: (1) a non-personalised version; (2) the final per-sonalised version. This procedure allowed us to assess if personalisation improved the human-com-puter interaction. The first stage was also important to know who were the end users and gather interaction data to come up with personalisation proposals for each prototype. Globally, the results of both developers and end users tests were very positive. Finally, this dissertation proposes further work, which is already ongoing, related to the study of a methodology to the implementation and evaluation of personalised applications, supported by the development of three mobile health applications for rehabilitation

Computer misuse as a facilitator of Domestic Abuse

This project report explored how computer misuse act (CMA) offences facilitate domestic abuse and the relationship between technology and abuse to assess how the link between CMA and domestic abuse can be formally evaluated. The study involved the following methods: media case analysis, a technology review, and interviews with domestic service providers