A Survey of Trustworthy Computing on Mobile & Wearable Systems

Mobile and wearable systems have generated unprecedented interest in recent years, particularly in the domain of mobile health (mHealth) where carried or worn devices are used to collect health-related information about the observed person. Much of the information - whether physiological, behavioral, or social - collected by mHealth systems is sensitive and highly personal; it follows that mHealth systems should, at the very least, be deployed with mechanisms suitable for ensuring confidentiality of the data it collects. Additional properties - such as integrity of the data, source authentication of data, and data freshness - are also desirable to address other security, privacy, and safety issues. Developing systems that are robust against capable adversaries (including physical attacks) is, and has been, an active area of research. While techniques for protecting systems that handle sensitive data are well-known today, many of the solutions in use today are not well suited for mobile and wearable systems, which are typically limited with respect to power, memory, computation, and other capabilities. In this paper we look at prior research on developing trustworthy mobile and wearable systems. To survey this topic we begin by discussing solutions for securing computing systems that are not subject to the type of strict constraints associated with mobile and wearable systems. Next, we present other efforts to design and implement trustworthy mobile and wearable systems. We end with a discussion of future directions

Building the Infrastructure for Cloud Security

Computer scienc

Collaborative Edge Computing in Mobile Internet of Things

The proliferation of Internet-of-Things (IoT) devices has opened a plethora of opportunities for smart networking, connected applications and data driven intelligence. The large distribution of IoT devices within a finite geographical area and the pervasiveness of wireless networking present an opportunity for such devices to collaborate. Centralized decision systems have so far dominated the field, but they are starting to lose relevance in the wake of heterogeneity of the device pool. This thesis is driven by three key hypothesis: (i) In solving complex problems, it is possible to harness unused compute capabilities of the device pool instead of always relying on centralized infrastructures; (ii) When possible, collaborating with neighbors to identify security threats scales well in large environments; (iii) Given the abundance of data from a large pool of devices with possible privacy constraints, collaborative learning drives scalable intelligence. This dissertation defines three frameworks for these hypotheses; collaborative computing, collaborative security and collaborative privacy intelligence. The first framework, Opportunistic collaboration among IoT devices for workload execution, profiles applications and matches resource grants to requests using blockchain to put excess capacity at the edge to good use. The evaluation results show app execution latency comparable to the centralized edge and an outstanding resource utilization at the edge. The second framework, Integrity Threat Identification for Distributed IoT, uses a new spatio-temporal algorithm, based on Local Outlier Factor (LOF) uniquely using mean and variance collaboratively across spatial and temporal dimensions to identify potential threats. Evaluation results on real world underground sensor dataset (Thoreau) show good accuracy and efficiency. The third frame- work, Collaborative Privacy Intelligence, aims to understand privacy invasion by reverse engineering a user’s privacy model using sensors data, and score the level of intrusion for various dimensions of privacy. By having sensors track activities, and learning rule books from the collective insights, we are able to predict ones privacy attributes and states, with reasonable accuracy. As the Edge gains more prominence with computation moving closer to the data source, the above frameworks will drive key solutions and research in areas of Edge federation and collaboration

A Layered Framework Approach to Mitigate Crimeware

Crimeware attacks are growing at such an alarming rate and are becoming so prevalent that the FBI now rank cybercrime among its top priorities after terrorism and espionage. New studies estimate cyber crimes cost firms an astounding $1 trillion annually. But the good news? Over 80% of them are preventable. Crimeware is not a purely technical threat but more or a socio-technical affair. This clearly brings out the fact that computers do not commit a crime, but we (humans) do! In this paper I propose a layered approach that involves all stakeholders from end-users to service-providers and law enforcement to greatly mitigate the recent proliferation of crimeware. Keywords: Crimeware, Jurisdiction, International spac

Russian perspectives of online learning technologies in higher education: An empirical study of a MOOC

There has been a rapid growth of massive open online courses (MOOCs) in the global education market in the last decade. Online learning technologies are becoming increasingly widespread in the non-formal education sector and in higher and supplementary vocational education. The use of MOOCs in Russia to support the delivery of educational programmes at university level opens opportunities in terms of expanding the educational choice for students, the development of virtual academic mobility, reduction in the cost of educational services, and improvement in the accessibility of education. However, the effectiveness of using different online learning technologies at university level, and the consequences of their widespread adoption, has not been sufficiently explored. In this research study, a comparative analysis is made of the effects of different online learning models on student educational outcomes in a university setting. A study was undertaken in which different groups of students at the Ural Federal University, Russia, were encouraged to study technical and humanities disciplines using a framework of blended learning, and online learning with tutoring support. The results of the study were compared with the results of a reference (control) group of students who studied the same disciplines in a traditionally taught model. It was found that both models (blended and online) of MOOC implementation demonstrated greater learning gains, in comparison with the traditional model. For engineering and technical disciplines, there was no statistically significant difference between blended or online learning technologies. For the humanities discipline, where the communicative component of the learning process was significant, the blended learning technology produced better results. Conclusions of this empirical research may be useful for heads of educational organizations and teachers in helping them to make strategic decisions about the modernization of university courses by increasing the effectiveness of the implementation of new educational technologies. The results of this research project will be used for implementing the State Priority Project, ‘The Modern Digital Educational Environment of the Russian Federation’

Secure Remote Attestation for Safety-Critical Embedded and IoT Devices

In recent years, embedded and cyber-physical systems (CPS), under the guise of Internet-of-Things (IoT), have entered many aspects of daily life. Despite many benefits, this develop-ment also greatly expands the so-called attack surface and turns these newly computerizedgadgets into attractive attack targets. One key component in securing IoT devices is malwaredetection, which is typically attained with (secure) remote attestation. Remote attestationis a distinct security service that allows a trusted verifier to verify the internal state of aremote untrusted device. Remote attestation is especially relevant for low/medium-end em-bedded devices that are incapable of protecting themselves against malware infection. Assafety-critical IoT devices become commonplace, it is crucial for remote attestation not tointerfere with the device’s normal operations. In this dissertation, we identify major issues inreconciling remote attestation and safety-critical application needs. We show that existingattestation techniques require devices to perform uninterruptible (atomic) operations duringattestation. Such operations can be time-consuming and thus may be harmful to the device’ssafety-critical functionality. On the other hand, simply relaxing security requirements of re-mote attestation can lead to other vulnerabilities. To resolve this conflict, this dissertationpresents the design, implementation, and evaluation of several mitigation techniques. In par-ticular, we propose two light-weight techniques capable of providing interruptible attestationmodality. In contrast to traditional techniques, our proposed techniques allow interrupts tooccur during attestation while ensuring malware detection via shuffled memory traversals ormemory locking mechanisms. Another type of techniques pursued in this dissertation aimsto minimize the real-time computation overhead during attestation. We propose using peri-odic self-measurements to measure and record the device’s state, resulting in more flexiblescheduling of the attestation process and also in no real-time burden as part of its interactionwith verifier. This technique is particularly suitable for swarm settings with a potentiallylarge number of safety-critical devices. Finally, we develop a remote attestation HYDRAarchitecture, based on a formally verified component, and use it as a building block in ourproposed mitigation techniques. We believe that this architecture may be of independentinterest

Securing Critical Infrastructures

1noL'abstract è presente nell'allegato / the abstract is in the attachmentopen677. INGEGNERIA INFORMATInoopenCarelli, Albert

Demystifying Internet of Things Security

Break down the misconceptions of the Internet of Things by examining the different security building blocks available in Intel Architecture (IA) based IoT platforms. This open access book reviews the threat pyramid, secure boot, chain of trust, and the SW stack leading up to defense-in-depth. The IoT presents unique challenges in implementing security and Intel has both CPU and Isolated Security Engine capabilities to simplify it. This book explores the challenges to secure these devices to make them immune to different threats originating from within and outside the network. The requirements and robustness rules to protect the assets vary greatly and there is no single blanket solution approach to implement security. Demystifying Internet of Things Security provides clarity to industry professionals and provides and overview of different security solutions What You'll Learn Secure devices, immunizing them against different threats originating from inside and outside the network Gather an overview of the different security building blocks available in Intel Architecture (IA) based IoT platforms Understand the threat pyramid, secure boot, chain of trust, and the software stack leading up to defense-in-depth Who This Book Is For Strategists, developers, architects, and managers in the embedded and Internet of Things (IoT) space trying to understand and implement the security in the IoT devices/platforms