PD agent : a platform for developing and deploying mobile agent-enabled applications for wireless devices

2004-2005 > Academic research: refereed > Refereed conference paperVersion of RecordPublishe

W3Bcrypt: Encryption as a Stylesheet

While web-based communications (e.g., webmail or web chatrooms) are increasingly protected by transport-layer cryptographic mechanisms, such as the SSL/TLS protocol, there are many situations where even the web server (or its operator) cannot be trusted. The end-to-end (E2E) encryption of data becomes increasingly important in these trust models to protect the confidentiality and integrity of the data against snooping and modification. We introduce W3Bcrypt, an extension to the Mozilla Firefox platform that enables application-level cryptographic protection for web content. In effect, we view cryptographic operations as a type of style to be applied to web content, similar to and along with layout and coloring operations. Among the main benefits of using encryption as a stylesheet are (a) reduced workload on the web server, (b) targeted content publication, and (c) greatly increased privacy. This paper discusses our implementation for Firefox, although the core ideas are applicable to most current browsers

Enhanced Stegano-Cryptographic Model for Secure Electronic Voting

The issue of security in Information and Communication Technology has been identified as the most critical barrier in the widespread adoption of electronic voting (e-voting). Earlier cryptographic models for secure e-voting are vulnerable to attacks and existing stegano-cryptographic models can be manipulated by an eavesdropper. These shortcomings of existing models of secure e-voting are threats to confidentiality, integrity and verifiability of electronic ballot which are critical to overall success of e-democratic decision making through e-voting.This paper develops an enhanced stegano-cryptographic model for secure electronic voting system in poll-site, web and mobile voting scenarios for better citizens’ participation and credible e-democratic election. The electronic ballot was encrypted using Elliptic Curve Cryptography and Rivest-Sharma-Adleman cryptographic algorithm. The encrypted voter’s ballot was scattered and hidden in the Least Significant Bit (LSB) of the cover media using information hiding attribute of modified LSB-Wavelet steganographic algorithm. The image quality of the model, stego object was quantitatively assessed using Peak Signal to Noise Ratio (PSNR), Signal to Noise Ratio (SNR), Root Mean Square Error (RMSE) and Structural Similarity Index Metrics (SSIM).The results after quantitative performance evaluation shows that the developed stegano-cryptographic model has generic attribute of secured e-voting relevant for the delivery of credible e-democratic decision making. The large scale implementation of the model would be useful to deliver e-voting of high electoral integrity and political trustworthiness, where genuine e-elections are conducted for the populace by government authority. Keywords: Electronic Voting, Cryptography, Steganography, Video, Image, Wavelet, Securit

Agent-Based Cloud Resource Management for Secure Cloud Infrastructures

The cloud offers clear benefits for computations as well as for storage for diverse application areas. Security concerns are by far the greatest barriers to the wider uptake of cloud computing, particularly for privacy-sensitive applications. The aim of this article is to propose an approach for establishing trust between users and providers of cloud infrastructures (IaaS model) based on certified trusted agents. Such approach would remove barriers that prevent security sensitive applications being moved to the cloud. The core technology encompasses a secure agent platform for providing the execution environment for agents and the secure attested software base which ensures the integrity of the host platform. In this article we describe the motivation, concept, design and initial implementation of these technologies

A framework for the protection of mobile agents against malicious hosts

The mobility attribute of a mobile agent implies deployment thereof in untrustworthy environments, which introduces malicious host threats. The research question deals with how a security framework could be constructed to address the mentioned threats without introducing high costs or restraining the mobile agent's autonomy or performance. Available literature have been studied, analysed and discussed. The salient characteristics as well as the drawbacks of current solutions were isolated. Through this knowledge a dynamic mobile agent security framework was defined. The framework is based on the definition of multiple security levels, depending on type of deployment environment and type of application. A prototype was constructed and tested and it was found to be lightweight and efficient, giving developers insight into possible security threats as well as tools for maximum protection against malicious hosts. The framework outperformed other frameworks / models as it provides dynamic solutions without burdening a system with unnecessary security gadgets and hence paying for it in system cost and performanceComputingD.Phil

The Value of User-Visible Internet Cryptography

Cryptographic mechanisms are used in a wide range of applications, including email clients, web browsers, document and asset management systems, where typical users are not cryptography experts. A number of empirical studies have demonstrated that explicit, user-visible cryptographic mechanisms are not widely used by non-expert users, and as a result arguments have been made that cryptographic mechanisms need to be better hidden or embedded in end-user processes and tools. Other mechanisms, such as HTTPS, have cryptography built-in and only become visible to the user when a dialogue appears due to a (potential) problem. This paper surveys deployed and potential technologies in use, examines the social and legal context of broad classes of users, and from there, assesses the value and issues for those users

Survey On Ensuring Distributed Accountability for Data Sharing in the Cloud

Cloud computing is the use of computing of sources that are delivered as a service over a network for example on internet. It enables highly scalable services to be easily utilized over the Internet on an as needed basis. Important characteristic of the cloud services is that users’ data are usually processed remotely in unknown machines that users do not operate. It can become a substantial barrier to the wide taking on cloud services. To address this problem highly decentralized responsibility framework to keep track of the actual usage of the user’s data in the cloud. In this work has automated logging and distributed auditing mechanism. The Cloud Information Accountability framework proposed in this work conducts distributed auditing of relevant access performed by any entity, carried out at any point of time at any cloud service provider. It conations two major elements: logger and log harmonizer. This methodology will also take concern of the JAR file by converting the JAR into obfuscated code which will adds an additional layer of security to the infrastructure. Rather than this here in this work, increase the security of user’s data by provable data control for integrity verificatio

Secure data communication over mobile devices in health networks.

The continuous developments in the field of mobile computing have made it possible to use mobile devices for healthcare applications. These devices can be used by healthcare providers to collect and share patients' medical data. However, with increasing adoption of mobile devices that carry confidential data, organizations need to secure the data from unauthorized users and mobile device theft. When unencrypted data is transmitted from one device to another it faces various security threats from malicious code, unsecure networks, unauthorized access, and data theft. The objective of this research is to develop a secure data sharing solution customized for healthcare environments, which would allow authorized users to securely access and share patients' data over mobile devices. We identify the vulnerable locations in mobile communication network that can possibly be exploited by unauthorized users or malicious code to access the confidential data, and develop an efficient security protocol that provides end to end data protection without compromising device's performance. To demonstrate the feasibility of our proposed data sharing architecture, a prototype customized for Point-of-Care-Testing (POCT) scenarios was built in collaboration with Northern Health, Prince George. Simulations were performed to analyze and validate our solution against the pre-defined requirement criteria. --P. ii.The original print copy of this thesis may be available here: http://wizard.unbc.ca/record=b178382

Securing cloud service archives for function and data shipping in industrial environments

Cloud Computing paradigm needs a standard for portability, and automated deployment and management of cloud services, to eliminate vendor lock-in and minimization of management efforts respectively. Topology and Orchestration Specification for Cloud Applications (TOSCA) language provides such standard by employing semantics for representation of components and business processes of a cloud application. Advancements in the fields of Cloud Computing and Internet of Things (IoT) has opened new research areas to support 4th industrial revolution (Industry 4.0), which in turn has resulted in the emergence of smart services. One application of smart services is predictive maintenance, which enables the anticipation of future devicesí states by implementing functions, for example, analytics algorithms, and collecting huge amounts of data from sensors. Considering performance demands and runtime constraints, either the data can be shipped to the function site, called data shipping or the functionality is provisioned closely to the data site, called function shipping. However, since this data can contain confidential information, it has to be assured that access to the data is strictly controlled. Although TOSCA already enables defining policies in general, a concrete data security policy approach is missing. Moreover, constituents of TOSCA are packaged in a self-contained and portable archive, called Cloud Service Archive (CSAR), which is also required to be secured and restricted to authorized personals only. Taking the above facts into account, the goal of this thesis is to refine and enhance the TOSCA standard to the field of smart services in production environments through the usage of policies, for example, being effectively able to define the security aspects. In this thesis, various available policy languages with frameworks supporting them are researched, and their applicability for the field of Industry 4.0 is analyzed. An approach is formulated with one language selected, to define policies for TOSCA compliant cloud applications. Furthermore, a prototype is developed to secure the content of CSAR using the proposed approach