Enhancing Data Security by Making Data Disappear in a P2P Systems

This paper describes the problem of securing data by making it disappear after some time limit, making it impossible for it to be recovered by an unauthorized party. This method is in response to the need to keep the data secured and to protect the privacy of archived data on the servers, Cloud and Peer-to-Peer architectures. Due to the distributed nature of these architectures, it is impossible to destroy the data completely. So, we store the data by applying encryption and then manage the key, which is easier to do as the key is small and it can be hidden in the DHT (Distributed hash table). Even if the keys in the DHT and the encrypted data were compromised, the data would still be secure. This paper describes existing solutions, points to their limitations and suggests improvements with a new secure architecture. We evaluated and executed this architecture on the Java platform and proved that it is more secure than other architectures.Comment: 18 page

Pendekatan konstruktif dalam inovasi pengajaran dan pembelajaran Bahasa Melayu di Kolej Vokasional

Pendekatan konstruktif adalah pendekatan pengajaran dan pembelajaran yang berpusatkan pelajar manakala inovasi pengajaran pula dikaitkan dengan kaedah pengajaran yang terbaru demi mengukuhkan pemahaman pelajar. Pembelajaran berasaskan pendekatan konstruktif merupakan elemen yang penting dan perlu difahami oleh guru-guru bagi memantapkan proses pengajaran dan pembelajaran sesuai dengan peredaran masa dan menjayakan proses tranformasi pendidikan negara. Objektif kajian ini dijalankan untuk mengenal pasti pemahaman guru-guru bahasa Melayu berkaitan inovasi, mengenal pasti perbezaan yang wujud antara guru lelaki dan guru perempuan dalam mengamalkan inovasi, pengkaji juga melihat adakah wujud perbezaan antara guru baru dan guru yang sudah berpengalaman dalam aspek mengaplikasikan inovasi serta mengenal pasti kekangan-kekangan yang dialami oleh para guru untuk mengaplikasikan inovasi di sekolah. Seramai 63 orang guru bahasa Melayu dari lapan buah kolej vokasional telah dipilih sebagai responden dalam kajian ini. Data dianalisis menggunakan perisian Winsteps 3.69.1.11 dengan pendekatan Model Pengukuran Rasch. Hasil analisis menunjukkan bahawa guru�guru bahasa Melayu memahami kepentingan inovasi dalam pengajaran dan pembelajaran. Hasil kajian juga menunjukkan guru-guru perempuan lebih banyak menerapkan unsur inovasi dalam pengajaran berbanding guru lelaki. Walaupun begitu, aspek pengalaman tidak menunjukkan perbezaan dari segi pengamalan inovasi sama ada guru baru ataupun guru yang sudah berpengalaman. Pengkaji juga mengenal pasti beberapa kekangan yang dialami oleh guru-guru untuk mengamalkan inovasi ini. Sebagai langkah untuk menangani masalah berkenaan, beberapa cadangan telah dikemukakan oleh pengkaji bagi memastikan guru-guru dapat merealisasikan proses pengajaran berkesan dengan penerapan inovasi mengikut model pendekatan konstruktif. Pengkaji berharap, kajian ini dapat dijadikan sebagai satu panduan kepada pelaksana kurikulum bagi memastikan budaya inovasi sentiasa menjadi amalan dalam kalangan guru demi mengangkat profesionalisme guru di Malaysia

On the Security of the Automatic Dependent Surveillance-Broadcast Protocol

Automatic dependent surveillance-broadcast (ADS-B) is the communications protocol currently being rolled out as part of next generation air transportation systems. As the heart of modern air traffic control, it will play an essential role in the protection of two billion passengers per year, besides being crucial to many other interest groups in aviation. The inherent lack of security measures in the ADS-B protocol has long been a topic in both the aviation circles and in the academic community. Due to recently published proof-of-concept attacks, the topic is becoming ever more pressing, especially with the deadline for mandatory implementation in most airspaces fast approaching. This survey first summarizes the attacks and problems that have been reported in relation to ADS-B security. Thereafter, it surveys both the theoretical and practical efforts which have been previously conducted concerning these issues, including possible countermeasures. In addition, the survey seeks to go beyond the current state of the art and gives a detailed assessment of security measures which have been developed more generally for related wireless networks such as sensor networks and vehicular ad hoc networks, including a taxonomy of all considered approaches.Comment: Survey, 22 Pages, 21 Figure

Building Confidential and Efficient Query Services in the Cloud with RASP Data Perturbation

With the wide deployment of public cloud computing infrastructures, using clouds to host data query services has become an appealing solution for the advantages on scalability and cost-saving. However, some data might be sensitive that the data owner does not want to move to the cloud unless the data confidentiality and query privacy are guaranteed. On the other hand, a secured query service should still provide efficient query processing and significantly reduce the in-house workload to fully realize the benefits of cloud computing. We propose the RASP data perturbation method to provide secure and efficient range query and kNN query services for protected data in the cloud. The RASP data perturbation method combines order preserving encryption, dimensionality expansion, random noise injection, and random projection, to provide strong resilience to attacks on the perturbed data and queries. It also preserves multidimensional ranges, which allows existing indexing techniques to be applied to speedup range query processing. The kNN-R algorithm is designed to work with the RASP range query algorithm to process the kNN queries. We have carefully analyzed the attacks on data and queries under a precisely defined threat model and realistic security assumptions. Extensive experiments have been conducted to show the advantages of this approach on efficiency and security.Comment: 18 pages, to appear in IEEE TKDE, accepted in December 201

A secure data outsourcing scheme based on Asmuth – Bloom secret sharing

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.Data outsourcing is an emerging paradigm for data management in which a database is provided as a service by third-party service providers. One of the major benefits of offering database as a service is to provide organisations, which are unable to purchase expensive hardware and software to host their databases, with efficient data storage accessible online at a cheap rate. Despite that, several issues of data confidentiality, integrity, availability and efficient indexing of users’ queries at the server side have to be addressed in the data outsourcing paradigm. Service providers have to guarantee that their clients’ data are secured against internal (insider) and external attacks. This paper briefly analyses the existing indexing schemes in data outsourcing and highlights their advantages and disadvantages. Then, this paper proposes a secure data outsourcing scheme based on Asmuth–Bloom secret sharing which tries to address the issues in data outsourcing such as data confidentiality, availability and order preservation for efficient indexing