FPGA based remote code integrity verification of programs in distributed embedded systems

The explosive growth of networked embedded systems has made ubiquitous and pervasive computing a reality. However, there are still a number of new challenges to its widespread adoption that include scalability, availability, and, especially, security of software. Among the different challenges in software security, the problem of remote-code integrity verification is still waiting for efficient solutions. This paper proposes the use of reconfigurable computing to build a consistent architecture for generation of attestations (proofs) of code integrity for an executing program as well as to deliver them to the designated verification entity. Remote dynamic update of reconfigurable devices is also exploited to increase the complexity of mounting attacks in a real-word environment. The proposed solution perfectly fits embedded devices that are nowadays commonly equipped with reconfigurable hardware components that are exploited to solve different computational problems

From access and integration to mining of secure genomic data sets across the grid

The UK Department of Trade and Industry (DTI) funded BRIDGES project (Biomedical Research Informatics Delivered by Grid Enabled Services) has developed a Grid infrastructure to support cardiovascular research. This includes the provision of a compute Grid and a data Grid infrastructure with security at its heart. In this paper we focus on the BRIDGES data Grid. A primary aim of the BRIDGES data Grid is to help control the complexity in access to and integration of a myriad of genomic data sets through simple Grid based tools. We outline these tools, how they are delivered to the end user scientists. We also describe how these tools are to be extended in the BBSRC funded Grid Enabled Microarray Expression Profile Search (GEMEPS) to support a richer vocabulary of search capabilities to support mining of microarray data sets. As with BRIDGES, fine grain Grid security underpins GEMEPS

Developing a Framework for Creating mHealth Surveys

Various issues in the design of surveys for mobile health (mHealth) research projects yet exist. As mHealth solutions become more popular, new issues are brought into consideration. Researchers need to collect some critical information from participants in these mHealth studies. These mHealth studies require a specialized framework to create surveys, track progress and analyze user data. In these procedures, mHealth’s needs differ from other studies. Therefore, there has to be a new framework that satisfies needs of mHealth research studies. Although there are studies for creating efficient, robust and user-friendly surveys, there is no solution or study, which is specialized in mHealth area and solves specific problems of mHealth research studies. mHealth research studies sometimes require real-time access to user data. Reward systems may play a key role in their study. Most importantly, storing user information securely plays a key role in these studies. There is no such solution or study, which covers all these areas. In this thesis, we present guidelines for developing a framework for creating mHealth surveys. In doing this, we hope that we propose a solution for problems of creating and using of surveys in mHealth studies

Reliability, availability and security of wireless networks in the community

Wireless networking increases the flexibility in the home, work place and community to connect to the Internet without being tied to a single location. Wireless networking has rapidly increased in popularity over recent years. There has also been a change in the use of the internet by users. Home users have embraced wireless technology and businesses see it as having a great impact on their operational efficiency. Both home users and industry are sending increasingly sensitive information through these wireless networks as online delivery of banking, commercial and governmental services becomes more widespread. However undeniable the benefits of wireless networking are, there are additional risks that do not exist in wired networks. It is imperative that adequate assessment and management of risk is undertaken by businesses and home users. This paper reviews wireless network protocols, investigates issues of reliability, availability and security when using wireless networks. The paper, by use of a case study, illustrates the issues and importance of implementing secured wireless networks, and shows the significance of the issue. The paper presents a discussion of the case study and a set of recommendations to mitigate the threat

Towards distributed architecture for collaborative cloud services in community networks

Internet and communication technologies have lowered the costs for communities to collaborate, leading to new services like user-generated content and social computing, and through collaboration, collectively built infrastructures like community networks have also emerged. Community networks get formed when individuals and local organisations from a geographic area team up to create and run a community-owned IP network to satisfy the community’s demand for ICT, such as facilitating Internet access and providing services of local interest. The consolidation of today’s cloud technologies offers now the possibility of collectively built community clouds, building upon user-generated content and user-provided networks towards an ecosystem of cloud services. To address the limitation and enhance utility of community networks, we propose a collaborative distributed architecture for building a community cloud system that employs resources contributed by the members of the community network for provisioning infrastructure and software services. Such architecture needs to be tailored to the specific social, economic and technical characteristics of the community networks for community clouds to be successful and sustainable. By real deployments of clouds in community networks and evaluation of application performance, we show that community clouds are feasible. Our result may encourage collaborative innovative cloud-based services made possible with the resources of a community.Peer ReviewedPostprint (author’s final draft

International Cryptography Regulation and the Global Information Economy

With the meteoric rise of the Internet and e-commerce in the 1990s came great attention to the problems and opportunities associated with cryptography. Throughout that decade, the United States and many foreign countries debated and experimented with various forms of cryptography regulation, and attempts were made at international harmonization. Since then, however, policy-making activity around cryptography has slowed, if not halted altogether, leaving individuals and companies to face a bewildering array of regulations—or, in many cases, to face regulations that are extraordinarily unclear and haphazardly applied. This Note seeks to introduce the reader to the issue of international cryptography regulation by focusing on laws in a select group of countries, including the two largest global economies—China and the United State

International Cryptography Regulation and the Global Information Economy

With the meteoric rise of the Internet and e-commerce in the 1990s came great attention to the problems and opportunities associated with cryptography. Throughout that decade, the United States and many foreign countries debated and experimented with various forms of cryptography regulation, and attempts were made at international harmonization. Since then, however, policy-making activity around cryptography has slowed, if not halted altogether, leaving individuals and companies to face a bewildering array of regulations—or, in many cases, to face regulations that are extraordinarily unclear and haphazardly applied. This Note seeks to introduce the reader to the issue of international cryptography regulation by focusing on laws in a select group of countries, including the two largest global economies—China and the United State

Digital Rights Management and Consumer Acceptability: A Multi-Disciplinary Discussion of Consumer Concerns and Expectations

The INDICARE project – the Informed Dialogue about Consumer Acceptability of DRM Solutions in Europe – has been set up to raise awareness about consumer and user issues of Digital Rights Management (DRM) solutions. One of the main goals of the INDICARE project is to contribute to the consensus-building among multiple players with heterogeneous interests in the digital environment. To promote this process and to contribute to the creation of a common level of understanding is the aim of the present report. It provides an overview of consumer concerns and expectations regarding DRMs, and discusses the findings from a social, legal, technical and business perspective. A general overview of the existing EC initiatives shows that questions of consumer acceptability of DRM have only recently begun to draw wider attention. A review of the relevant statements, studies and reports confirms that awareness of consumer concerns is still at a low level. Five major categories of concerns have been distinguished so far: (1) fair conditions of use and access to digital content, (2) privacy, (3) interoperability, (4) transparency and (5) various aspects of consumer friendliness. From the legal point of view, many of the identified issues go beyond the scope of copyright law, i.e. the field of law where DRM was traditionally discussed. Often they are a matter of general or sector-specific consumer protection law. Furthermore, it is still unclear to what extent technology and an appropriate design of technical solutions can provide an answer to some of the concerns of consumers. One goal of the technical chapter was exactly to highlight some of these technical possibilities. Finally, it is shown that consumer acceptability of DRM is important for the economic success of different business models based on DRM. Fair and responsive DRM design can be a profitable strategy, however DRM-free alternatives do exist too.Digital Rights Management; consumers; Intellectual property; business models