A Mini Review of Lifi Technology : Security Issue

Visible Light Communication (VLC) is an extension of Light Fidelity (LiFi) that uses full duplex communication or fully networked wireless communication. LiFi is one of the top technologies for solving wireless fidelity (WiFi) issues. Communication over LiFi is one of its major advantages. However, no security system is infallible. The purpose of this paper is to conduct a mini review of LIFI technology in terms of security issues. As a new technology, Lifi is still not widely known for its security issues. Literature reviews are a necessary step to determining the issues related to Lifi technology. A descriptive qualitative approach is used in this paper to describe the data. As a result, several studies have documented security issues related to LiFi technology, including data modification, spoofing, and jamming

Kajian Aspek Security Pada Jaringan Informasi Dan Komunikasi Berbasis Visible Light Communication

Cahaya tampak dapat dimanfaatkan sebagai media informasi ataupun komunikasi, teknologi ini dikenal dengan istilah Visible Light Communication yang menawarkan beberapa keunggulan dibandingkan komunikasi nirkabel lainnya seperti RF dan IR. Yakni cakupan bandwidth lebih lebar dan bebas lisensi, aman bagi kesehatan manusia dan tidak terganggu interferensi elektromagnetik. Sistem VLC terdiri atas tiga bagian besar, yakni bagian transmitter dengan menggunakan devais LED, kanal yang berupa ruang bebas (free space) dan receiver dengan menggunakan devais photodetector atau image camera. Penerapan VLC berlandaskan pedoman IEEE 802.15.17 yang mana baru dirancang dalam waktu 5 tahun belakangani ini (sejak tahun 2009), meliputi meliputi layer fisik (physical layer) dan layer MAC (medium access control).  Sebagaimana teknologi komunikasi pada umumnya, VLC juga menyediakan akses security yang dibahas pada bagian layer MAC. Namun pada praktiknya masih belum begitu masif dilakukan oleh para peneliti. Hal ini sangat wajar karena mengingat VLC merupakan teknologi yang sedang dalam tahap pengembangan yang menjadikan penelitian VLC umumnya berfokus pada ‘bagaimana meningkatkan speed dari keterbatasan komponen-komponen pembangun (IC, photodiode, LED, transistor, dll) yang tersedia saat ini\u27. Tantangan teknologi VLC selain target peningkatan kecepatan bit-rate, mobility communication, mengurangi interference noise, menyediakan layanan multi-acces juga salah satunya adalah isu security. Makalah ini merupakan studi literature (review paper) yang didapatkan dari dokumen-dokumen hasil peneltian baik di jurnal dan conference terkait dengan praktik-praktik security VLC yang pernah dilakukan dengan skema indoor maupun outdoor

Survey and Systematization of Secure Device Pairing

Secure Device Pairing (SDP) schemes have been developed to facilitate secure communications among smart devices, both personal mobile devices and Internet of Things (IoT) devices. Comparison and assessment of SDP schemes is troublesome, because each scheme makes different assumptions about out-of-band channels and adversary models, and are driven by their particular use-cases. A conceptual model that facilitates meaningful comparison among SDP schemes is missing. We provide such a model. In this article, we survey and analyze a wide range of SDP schemes that are described in the literature, including a number that have been adopted as standards. A system model and consistent terminology for SDP schemes are built on the foundation of this survey, which are then used to classify existing SDP schemes into a taxonomy that, for the first time, enables their meaningful comparison and analysis.The existing SDP schemes are analyzed using this model, revealing common systemic security weaknesses among the surveyed SDP schemes that should become priority areas for future SDP research, such as improving the integration of privacy requirements into the design of SDP schemes. Our results allow SDP scheme designers to create schemes that are more easily comparable with one another, and to assist the prevention of persisting the weaknesses common to the current generation of SDP schemes.Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications Surveys & Tutorials 2017 (Volume: PP, Issue: 99

Ethics_ How to Develop Your Firm\u27s Cybersecurity Policy

Meeting proceedings of a seminar by the same name, held August 30, 2022

Designing and Operating Safe and Secure Transit Systems: Assessing Current Practices in the United States and Abroad, MTI Report 04-05

Public transit systems around the world have for decades served as a principal venue for terrorist acts. Today, transit security is widely viewed as an important public policy issue and is a high priority at most large transit systems and at smaller systems operating in large metropolitan areas. Research on transit security in the United States has mushroomed since 9/11; this study is part of that new wave of research. This study contributes to our understanding of transit security by (1) reviewing and synthesizing nearly all previously published research on transit terrorism; (2) conducting detailed case studies of transit systems in London, Madrid, New York, Paris, Tokyo, and Washington, D.C.; (3) interviewing federal officials here in the United States responsible for overseeing transit security and transit industry representatives both here and abroad to learn about efforts to coordinate and finance transit security planning; and (4) surveying 113 of the largest transit operators in the United States. Our major findings include: (1) the threat of transit terrorism is probably not universal—most major attacks in the developed world have been on the largest systems in the largest cities; (2) this asymmetry of risk does not square with fiscal politics that seek to spread security funding among many jurisdictions; (3) transit managers are struggling to balance the costs and (uncertain) benefits of increased security against the costs and (certain) benefits of attracting passengers; (4) coordination and cooperation between security and transit agencies is improving, but far from complete; (5) enlisting passengers in surveillance has benefits, but fearful passengers may stop using public transit; (6) the role of crime prevention through environmental design in security planning is waxing; and (7) given the uncertain effectiveness of antitransit terrorism efforts, the most tangible benefits of increased attention to and spending on transit security may be a reduction in transit-related person and property crimes

Cybersecurity & Ethics for Lawyers in Plain English

Meeting proceedings of a seminar by the same name, held April 26, 2022

Security and Privacy for IoT Ecosystems

Smart devices have become an integral part of our everyday life. In contrast to smartphones and laptops, Internet of Things (IoT) devices are typically managed by the vendor. They allow little or no user-driven customization. Users need to use and trust IoT devices as they are, including the ecosystems involved in the processing and sharing of personal data. Ensuring that an IoT device does not leak private data is imperative. This thesis analyzes security practices in popular IoT ecosystems across several price segments. Our results show a gap between real-world implementations and state-of-the-art security measures. The process of responsible disclosure with the vendors revealed further practical challenges. Do they want to support backward compatibility with the same app and infrastructure over multiple IoT device generations? To which extent can they trust their supply chains in rolling out keys? Mature vendors have a budget for security and are aware of its demands. Despite this goodwill, developers sometimes fail at securing the concrete implementations in those complex ecosystems. Our analysis of real-world products reveals the actual efforts made by vendors to secure their products. Our responsible disclosure processes and publications of design recommendations not only increase security in existing products but also help connected ecosystem manufacturers to develop secure products. Moreover, we enable users to take control of their connected devices with firmware binary patching. If a vendor decides to no longer offer cloud services, bootstrapping a vendor-independent ecosystem is the only way to revive bricked devices. Binary patching is not only useful in the IoT context but also opens up these devices as research platforms. We are the first to publish tools for Bluetooth firmware and lower-layer analysis and uncover a security issue in Broadcom chips affecting hundreds of millions of devices manufactured by Apple, Samsung, Google, and more. Although we informed Broadcom and customers of their technologies of the weaknesses identified, some of these devices no longer receive official updates. For these, our binary patching framework is capable of building vendor-independent patches and retrofit security. Connected device vendors depend on standards; they rarely implement lower-layer communication schemes from scratch. Standards enable communication between devices of different vendors, which is crucial in many IoT setups. Secure standards help making products secure by design and, thus, need to be analyzed as early as possible. One possibility to integrate security into a lower-layer standard is Physical-Layer Security (PLS). PLS establishes security on the Physical Layer (PHY) of wireless transmissions. With new wireless technologies emerging, physical properties change. We analyze how suitable PLS techniques are in the domain of mmWave and Visible Light Communication (VLC). Despite VLC being commonly believed to be very secure due to its limited range, we show that using VLC instead for PLS is less secure than using it with Radio Frequency (RF) communication. The work in this thesis is applied to mature products as well as upcoming standards. We consider security for the whole product life cycle to make connected devices and IoT ecosystems more secure in the long term

Exposing Neoliberalism\u27s Erosion of Special Education in Ontario Schools

My positionality as a critical scholar frames the problem of practice. The POP discusses a lack of transparency stemming from a longstanding hierarchy of influence from the ministry of education to local school boards and then to individual schools. A political, economic and social analysis frames the organizational context which impacts my role and agency within the organization. The organization’s worldview, tied to the ministry’s worldview, undermines student experience, as does both organization’s leadership approach. Using a critical bureaucracy and anti-oppressive theory, this organizational improvement plan investigates the physical and bureaucratic barriers that undermine special education student experience. Critical theory supports the leadership approach to change due to my agency. There is a tethering of neoliberalism, bureaucracy, and ableism that all intersect in this organizational improvement plan. The framework for leading the change process uses the zone of mediation as a framework for change. The leadership and humility change model is used to propel change as it aligns with the theoretical framing of this organization improvement plan. This organizational improvement plan uses an adapted community analysis model to assess readiness for change. Three options to address solutions to the POP are investigated with a preferred solution, an equity audit, selected. As a change facilitator, the support for change will be explored through servant, transformative and advocacy leadership theories. The change implementation plan uses a spiral of inquiry to monitor the change process, and communicating the change process occurs through tailoring messages to the various audience, aligning with the servant-leadership approach. Keywords: neoliberalism, critical bureaucracy theory, anti-oppressive theory, leadership and humility change model, servant-leadership, transformational-leadership, advocacy-leadership, special educatio