1,453 research outputs found

    Hidden in the Cloud : Advanced Cryptographic Techniques for Untrusted Cloud Environments

    Get PDF
    In the contemporary digital age, the ability to search and perform operations on encrypted data has become increasingly important. This significance is primarily due to the exponential growth of data, often referred to as the "new oil," and the corresponding rise in data privacy concerns. As more and more data is stored in the cloud, the need for robust security measures to protect this data from unauthorized access and misuse has become paramount. One of the key challenges in this context is the ability to perform meaningful operations on the data while it remains encrypted. Traditional encryption techniques, while providing a high level of security, render the data unusable for any practical purpose other than storage. This is where advanced cryptographic protocols like Symmetric Searchable Encryption (SSE), Functional Encryption (FE), Homomorphic Encryption (HE), and Hybrid Homomorphic Encryption (HHE) come into play. These protocols not only ensure the confidentiality of data but also allow computations on encrypted data, thereby offering a higher level of security and privacy. The ability to search and perform operations on encrypted data has several practical implications. For instance, it enables efficient Boolean queries on encrypted databases, which is crucial for many "big data" applications. It also allows for the execution of phrase searches, which are important for many machine learning applications, such as intelligent medical data analytics. Moreover, these capabilities are particularly relevant in the context of sensitive data, such as health records or financial information, where the privacy and security of user data are of utmost importance. Furthermore, these capabilities can help build trust in digital systems. Trust is a critical factor in the adoption and use of digital services. By ensuring the confidentiality, integrity, and availability of data, these protocols can help build user trust in cloud services. This trust, in turn, can drive the wider adoption of digital services, leading to a more inclusive digital society. However, it is important to note that while these capabilities offer significant advantages, they also present certain challenges. For instance, the computational overhead of these protocols can be substantial, making them less suitable for scenarios where efficiency is a critical requirement. Moreover, these protocols often require sophisticated key management mechanisms, which can be challenging to implement in practice. Therefore, there is a need for ongoing research to address these challenges and make these protocols more efficient and practical for real-world applications. The research publications included in this thesis offer a deep dive into the intricacies and advancements in the realm of cryptographic protocols, particularly in the context of the challenges and needs highlighted above. Publication I presents a novel approach to hybrid encryption, combining the strengths of ABE and SSE. This fusion aims to overcome the inherent limitations of both techniques, offering a more secure and efficient solution for key sharing and access control in cloud-based systems. Publication II further expands on SSE, showcasing a dynamic scheme that emphasizes forward and backward privacy, crucial for ensuring data integrity and confidentiality. Publication III and Publication IV delve into the potential of MIFE, demonstrating its applicability in real-world scenarios, such as designing encrypted private databases and additive reputation systems. These publications highlight the transformative potential of MIFE in bridging the gap between theoretical cryptographic concepts and practical applications. Lastly, Publication V underscores the significance of HE and HHE as a foundational element for secure protocols, emphasizing its potential in devices with limited computational capabilities. In essence, these publications not only validate the importance of searching and performing operations on encrypted data but also provide innovative solutions to the challenges mentioned. They collectively underscore the transformative potential of advanced cryptographic protocols in enhancing data security and privacy, paving the way for a more secure digital future

    The end of probation:Successful transition of female ex-offenders with mental impairments who have served long term imprisonment

    Get PDF
    The successful transition from prison into the community and off probation licence for female ex-offenders can be a difficult time, even more so for those with mental impairments, due to the added barriers they face (Bakken & Visher, 2018; Baillargeon et al., 2009). The aim of this study was to explore this particular group of female ex-offenders with mental impairments and identify how they have been successful in their transition out of probation supervision and towards desistance from crime. This research is important because it focuses on ‘what works’ for long term support of female ex-offenders and moving towards desistance. Through the use of 20 semi structured interviews with, 10 successful female ex-offenders with mental impairments and, 10 professionals who support female offenders, the current research was able to identify the factors that are needed for successful transitions. Female ex-offender participants were recruited from two women centres as were the professionals that work there. The results identified that whilst the basic needs being met were important in achieving successful transition, it was the emotional support and preparedness that was unavailable and was necessary to further achieve desistance. Housing was a priority for the participants as this provided the foundation for all other support. Strengthening the positive family relationships was a key motivator for the women. However, it was not just the practical factors that were important, it was the meanings that the women had attached to things that made them important factors for their desistance. The findings indicated that services supporting reintegration need to build on long term support that not only considers basic needs provision but also supports resilience and change-management through self-agency and empowerment. However, desistance is a dynamic personal process that can change and adapt overtime and therefore, supporting desistance and what is understood as important may be understood differently at the time in retrospect and so provides recommendations for future research

    Cognitive Machine Individualism in a Symbiotic Cybersecurity Policy Framework for the Preservation of Internet of Things Integrity: A Quantitative Study

    Get PDF
    This quantitative study examined the complex nature of modern cyber threats to propose the establishment of cyber as an interdisciplinary field of public policy initiated through the creation of a symbiotic cybersecurity policy framework. For the public good (and maintaining ideological balance), there must be recognition that public policies are at a transition point where the digital public square is a tangible reality that is more than a collection of technological widgets. The academic contribution of this research project is the fusion of humanistic principles with Internet of Things (IoT) technologies that alters our perception of the machine from an instrument of human engineering into a thinking peer to elevate cyber from technical esoterism into an interdisciplinary field of public policy. The contribution to the US national cybersecurity policy body of knowledge is a unified policy framework (manifested in the symbiotic cybersecurity policy triad) that could transform cybersecurity policies from network-based to entity-based. A correlation archival data design was used with the frequency of malicious software attacks as the dependent variable and diversity of intrusion techniques as the independent variable for RQ1. For RQ2, the frequency of detection events was the dependent variable and diversity of intrusion techniques was the independent variable. Self-determination Theory is the theoretical framework as the cognitive machine can recognize, self-endorse, and maintain its own identity based on a sense of self-motivation that is progressively shaped by the machine’s ability to learn. The transformation of cyber policies from technical esoterism into an interdisciplinary field of public policy starts with the recognition that the cognitive machine is an independent consumer of, advisor into, and influenced by public policy theories, philosophical constructs, and societal initiatives

    New perspectives on A.I. in sentencing. Human decision-making between risk assessment tools and protection of humans rights.

    Get PDF
    The aim of this thesis is to investigate a field that until a few years ago was foreign to and distant from the penal system. The purpose of this undertaking is to account for the role that technology could plays in the Italian Criminal Law system. More specifically, this thesis attempts to scrutinize a very intricate phase of adjudication. After deciding on the type of an individual's liability, a judge must decide on the severity of the penalty. This type of decision implies a prognostic assessment that looks to the future. It is precisely in this field and in prognostic assessments that, as has already been anticipated in the United, instruments and processes are inserted in the pre-trial but also in the decision-making phase. In this contribution, we attempt to describe the current state of this field, trying, as a matter of method, to select the most relevant or most used tools. Using comparative and qualitative methods, the uses of some of these instruments in the supranational legal system are analyzed. Focusing attention on the Italian system, an attempt was made to investigate the nature of the element of an individual's ‘social dangerousness’ (pericolosità sociale) and capacity to commit offences, types of assessments that are fundamental in our system because they are part of various types of decisions, including the choice of the best sanctioning treatment. It was decided to turn our attention to this latter field because it is believed that the judge does not always have the time, the means and the ability to assess all the elements of a subject and identify the best 'individualizing' treatment in order to fully realize the function of Article 27, paragraph 3 of the Constitution

    The Public Performance Of Sanctions In Insolvency Cases: The Dark, Humiliating, And Ridiculous Side Of The Law Of Debt In The Italian Experience. A Historical Overview Of Shaming Practices

    Get PDF
    This study provides a diachronic comparative overview of how the law of debt has been applied by certain institutions in Italy. Specifically, it offers historical and comparative insights into the public performance of sanctions for insolvency through shaming and customary practices in Roman Imperial Law, in the Middle Ages, and in later periods. The first part of the essay focuses on the Roman bonorum cessio culo nudo super lapidem and on the medieval customary institution called pietra della vergogna (stone of shame), which originates from the Roman model. The second part of the essay analyzes the social function of the zecca and the pittima Veneziana during the Republic of Venice, and of the practice of lu soldate a castighe (no translation is possible). The author uses a functionalist approach to apply some arguments and concepts from the current context to this historical analysis of ancient institutions that we would now consider ridiculous. The article shows that the customary norms that play a crucial regulatory role in online interactions today can also be applied to the public square in the past. One of these tools is shaming. As is the case in contemporary online settings, in the public square in historic periods, shaming practices were used to enforce the rules of civility in a given community. Such practices can be seen as virtuous when they are intended for use as a tool to pursue positive change in forces entrenched in the culture, and thus to address social wrongs considered outside the reach of the law, or to address human rights abuses

    Trustworthy Decentralized Last Mile Delivery Framework Using Blockchain

    Get PDF
    The fierce competition and rapidly growing eCommerce market are painful headaches for logistics companies. In 2021, Canada Post’s parcel volume peaked at 361 million units with a minimum charge of $10 per each. The Last-Mile Delivery (LMD) is the final leg of the supply chain that ends with the package at the customer’s doorstep. LMD involves moving small shipments to geographically dispersed locations with high expectations on service levels and precise time windows. Therefore, it is the most complex and costly logistics process, accounting for more than 50% of the overall supply chain cost. Innovations like Crowdshipping, such as Uber and Amazon Flex, help overcome this inefficiency and provide an outstanding delivery experience by enabling freelancers willing to deliver packages if they are around. However, apartfrom the centralized nature of the Crowdshipping platforms, retailers pay a fee for outsourcing the delivery process, which is rising. Besides, they lack transparency, and most of them, if not all, are platform monopolies in the making. New technologies such as blockchain recently introduced an opportunity to improve logistics and LMD operations. Several papers in the literature suggested employing blockchain and other cryptographic techniques for parcel delivery. Hence,this thesis presents a blockchain-based free-intermediaries crowd-logistics model and investigates the challenges that could harbor adopting this solution, such as user trust, data safety, security of transactions, and tracking service quality. Our framework combines a security assessment that examines the possible vulnerabilities of the proposed design and suggestions for mitigation and protection. Besides, it encourages couriers to act honestly by using a decentralized reputation model for couriers’ ratings based on their past behavior. A security analysis of our proposed system hasbeen provided, and the complete code of the smart contract has been publicly made available on GitHub

    Blockchain-based secret key extraction for efficient and secure authentication in VANETs

    Get PDF
    Intelligent transportation systems are an emerging technology that facilitates real-time vehicle-to-everything communication. Hence, securing and authenticating data packets for intra- and inter-vehicle communication are fundamental security services in vehicular ad-hoc networks (VANETs). However, public-key cryptography (PKC) is commonly used in signature-based authentication, which consumes significant computation resources and communication bandwidth for signatures generation and verification, and key distribution. Therefore, physical layer-based secret key extraction has emerged as an effective candidate for key agreement, exploiting the randomness and reciprocity features of wireless channels. However, the imperfect channel reciprocity generates discrepancies in the extracted key, and existing reconciliation algorithms suffer from significant communication costs and security issues. In this paper, PKC-based authentication is used for initial legitimacy detection and exchanging authenticated probing packets. Accordingly, we propose a blockchain-based reconciliation technique that allows the trusted third party (TTP) to publish the correction sequence of the mismatched bits through a transaction using a smart contract. The smart contract functions enable the TTP to map the transaction address to vehicle-related information and allow vehicles to obtain the transaction contents securely. The obtained shared key is then used for symmetric key cryptography (SKC)-based authentication for subsequent transmissions, saving significant computation and communication costs. The correctness and security robustness of the scheme are proved using Burrows–Abadi–Needham (BAN)-logic and Automated Validation of Internet Security Protocols and Applications (AVISPA) simulator. We also discussed the scheme’s resistance to typical attacks. The scheme’s performance in terms of packet delay and loss ratio is evaluated using the network simulator (OMNeT++). Finally, the computation analysis shows that the scheme saves ~99% of the time required to verify 1000 messages compared to existing PKC-based schemes

    The global problem of image-based sexual abuse considered in the Irish context: An evaluation of existing legal responses with a focus on effective enforcement in the online environment

    Get PDF
    The recording and/or sharing of intimate images without consent – known as image-based sexual abuse (IBSA) – has received significant legislative attention in recent years. Various approaches to addressing the harm of IBSA have been adopted internationally and this thesis identifies a need to consider the Irish response to IBSA. Adopting a victim-centred approach, this thesis derives lessons from the Australian experience where an innovative system of redress and enforcement has been developed through the establishment of a regulatory structure supported by a statutory body, the Office of the eSafety Commissioner (OESC). The immediate importance of this research is clear. Remediating harm in the world of the internet where both identities and jurisdictional boundaries are blurred is challenging. This thesis investigates the effectiveness of the OESC in practice in order to better assess the Irish approach and the potential of the Irish Online Safety Commissioner to provide adequate redress for victims of IBSA in Ireland. Through the use of doctrinal and comparative analysis and the conducting of interviews with key stakeholders in the area of online regulation, this thesis identifies the key needs of victims of IBSA and identifies numerous mechanisms designed to address those needs, at least in part. This victim-centred approach underlies the in-depth analysis of the Australian system and is used to inform the policy recommendations made in this thesis. Particular attention is afforded to whether the Irish approach should include an individual complaints mechanism. By drawing inferences between the Irish and Australian situations, a clearer picture is drawn as to the optimum remit, structure, functions, and powers of the Irish OSC in order to effectively address the harms of IBSA

    Blockchain-Coordinated Frameworks for Scalable and Secure Supply Chain Networks

    Full text link
    Supply chains have progressed through time from being limited to a few regional traders to becoming complicated business networks. As a result, supply chain management systems now rely significantly on the digital revolution for the privacy and security of data. Due to key qualities of blockchain, such as transparency, immutability and decentralization, it has recently gained a lot of interest as a way to solve security, privacy and scalability problems in supply chains. However conventional blockchains are not appropriate for supply chain ecosystems because they are computationally costly, have a limited potential to scale and fail to provide trust. Consequently, due to limitations with a lack of trust and coordination, supply chains tend to fail to foster trust among the network’s participants. Assuring data privacy in a supply chain ecosystem is another challenge. If information is being shared with a large number of participants without establishing data privacy, access control risks arise in the network. Protecting data privacy is a concern when sending corporate data, including locations, manufacturing supplies and demand information. The third challenge in supply chain management is scalability, which continues to be a significant barrier to adoption. As the amount of transactions in a supply chain tends to increase along with the number of nodes in a network. So scalability is essential for blockchain adoption in supply chain networks. This thesis seeks to address the challenges of privacy, scalability and trust by providing frameworks for how to effectively combine blockchains with supply chains. This thesis makes four novel contributions. It first develops a blockchain-based framework with Attribute-Based Access Control (ABAC) model to assure data privacy by adopting a distributed framework to enable fine grained, dynamic access control management for supply chain management. To solve the data privacy challenge, AccessChain is developed. This proposed AccessChain model has two types of ledgers in the system: local and global. Local ledgers are used to store business contracts between stakeholders and the ABAC model management, whereas the global ledger is used to record transaction data. AccessChain can enable decentralized, fine-grained and dynamic access control management in SCM when combined with the ABAC model and blockchain technology (BCT). The framework enables a systematic approach that advantages the supply chain, and the experiments yield convincing results. Furthermore, the results of performance monitoring shows that AccessChain’s response time with four local ledgers is acceptable, and therefore it provides significantly greater scalability. Next, a framework for reducing the bullwhip effect (BWE) in SCM is proposed. The framework also focuses on combining data visibility with trust. BWE is first observed in SC and then a blockchain architecture design is used to minimize it. Full sharing of demand data has been shown to help improve the robustness of overall performance in a multiechelon SC environment, especially for BWE mitigation and cumulative cost reduction. It is observed that when it comes to providing access to data, information sharing using a blockchain has some obvious benefits in a supply chain. Furthermore, when data sharing is distributed, parties in the supply chain will have fair access to other parties’ data, even though they are farther downstream. Sharing customer demand is important in a supply chain to enhance decision-making, reduce costs and promote the final end product. This work also explores the ability of BCT as a solution in a distributed ledger approach to create a trust-enhanced environment where trust is established so that stakeholders can share their information effectively. To provide visibility and coordination along with a blockchain consensus process, a new consensus algorithm, namely Reputation-based proof-of cooperation (RPoC), is proposed for blockchain-based SCM, which does not involve validators to solve any mathematical puzzle before storing a new block. The RPoC algorithm is an efficient and scalable consensus algorithm that selects the consensus node dynamically and permits a large number of nodes to participate in the consensus process. The algorithm decreases the workload on individual nodes while increasing consensus performance by allocating the transaction verification process to specific nodes. Through extensive theoretical analyses and experimentation, the suitability of the proposed algorithm is well grounded in terms of scalability and efficiency. The thesis concludes with a blockchain-enabled framework that addresses the issue of preserving privacy and security for an open-bid auction system. This work implements a bid management system in a private BC environment to provide a secure bidding scheme. The novelty of this framework derives from an enhanced approach for integrating BC structures by replacing the original chain structure with a tree structure. Throughout the online world, user privacy is a primary concern, because the electronic environment enables the collection of personal data. Hence a suitable cryptographic protocol for an open-bid auction atop BC is proposed. Here the primary aim is to achieve security and privacy with greater efficiency, which largely depends on the effectiveness of the encryption algorithms used by BC. Essentially this work considers Elliptic Curve Cryptography (ECC) and a dynamic cryptographic accumulator encryption algorithm to enhance security between auctioneer and bidder. The proposed e-bidding scheme and the findings from this study should foster the further growth of BC strategies

    Efficient Security Protocols for Constrained Devices

    Get PDF
    During the last decades, more and more devices have been connected to the Internet.Today, there are more devices connected to the Internet than humans.An increasingly more common type of devices are cyber-physical devices.A device that interacts with its environment is called a cyber-physical device.Sensors that measure their environment and actuators that alter the physical environment are both cyber-physical devices.Devices connected to the Internet risk being compromised by threat actors such as hackers.Cyber-physical devices have become a preferred target for threat actors since the consequence of an intrusion disrupting or destroying a cyber-physical system can be severe.Cyber attacks against power and energy infrastructure have caused significant disruptions in recent years.Many cyber-physical devices are categorized as constrained devices.A constrained device is characterized by one or more of the following limitations: limited memory, a less powerful CPU, or a limited communication interface.Many constrained devices are also powered by a battery or energy harvesting, which limits the available energy budget.Devices must be efficient to make the most of the limited resources.Mitigating cyber attacks is a complex task, requiring technical and organizational measures.Constrained cyber-physical devices require efficient security mechanisms to avoid overloading the systems limited resources.In this thesis, we present research on efficient security protocols for constrained cyber-physical devices.We have implemented and evaluated two state-of-the-art protocols, OSCORE and Group OSCORE.These protocols allow end-to-end protection of CoAP messages in the presence of untrusted proxies.Next, we have performed a formal protocol verification of WirelessHART, a protocol for communications in an industrial control systems setting.In our work, we present a novel attack against the protocol.We have developed a novel architecture for industrial control systems utilizing the Digital Twin concept.Using a state synchronization protocol, we propagate state changes between the digital and physical twins.The Digital Twin can then monitor and manage devices.We have also designed a protocol for secure ownership transfer of constrained wireless devices. Our protocol allows the owner of a wireless sensor network to transfer control of the devices to a new owner.With a formal protocol verification, we can guarantee the security of both the old and new owners.Lastly, we have developed an efficient Private Stream Aggregation (PSA) protocol.PSA allows devices to send encrypted measurements to an aggregator.The aggregator can combine the encrypted measurements and calculate the decrypted sum of the measurements.No party will learn the measurement except the device that generated it
    • …
    corecore