Security Improvement Of Aes Algorithm Using S-Box Modification Based On Strict Avalanche Criterion On Image Encryption

Communication is something that cannot be separated from humans as social creatures. Images are the most commonly used visual communication in today's era. On the other hand, sending images via wireless networks is very vulnerable to piracy. AES, as one of the best cryptographic algorithms, can be applied as a solution. Even so, the AES algorithm still has weaknesses, which are weak against linear attacks and differential cryptanalysis. One solution to overcome the weaknesses of the AES algorithm is to use a stronger S-box. One of the methods to measure the strength of an S-box is the Strict Avalanche Criterion (SAC). The dataset is divided into four categories based on the image type and size of the pixels. Data that has been encrypted using the proposed algorithm will be compared with data that has been encrypted using the standard AES algorithm. Cipherimages (encrypted data) are tested using histogram analysis, information entropy, and sensitivity analysis. The results obtained from cipher image testing are differences in histogram analysis testing in grayscale and color images. The information entropy value is 0.000131583% better than the AES standard, the NPCR is 0.17613% better than the AES standard, and the UACI value. 0.211148% better than AES standard in sensitivity analysis testing. Based on these data, the proposed algorithm has a higher level of security than the standard AES algorithm on image encryption

Security and trust in cloud computing and IoT through applying obfuscation, diversification, and trusted computing technologies

Cloud computing and Internet of Things (IoT) are very widely spread and commonly used technologies nowadays. The advanced services offered by cloud computing have made it a highly demanded technology. Enterprises and businesses are more and more relying on the cloud to deliver services to their customers. The prevalent use of cloud means that more data is stored outside the organization’s premises, which raises concerns about the security and privacy of the stored and processed data. This highlights the significance of effective security practices to secure the cloud infrastructure. The number of IoT devices is growing rapidly and the technology is being employed in a wide range of sectors including smart healthcare, industry automation, and smart environments. These devices collect and exchange a great deal of information, some of which may contain critical and personal data of the users of the device. Hence, it is highly significant to protect the collected and shared data over the network; notwithstanding, the studies signify that attacks on these devices are increasing, while a high percentage of IoT devices lack proper security measures to protect the devices, the data, and the privacy of the users. In this dissertation, we study the security of cloud computing and IoT and propose software-based security approaches supported by the hardware-based technologies to provide robust measures for enhancing the security of these environments. To achieve this goal, we use obfuscation and diversification as the potential software security techniques. Code obfuscation protects the software from malicious reverse engineering and diversification mitigates the risk of large-scale exploits. We study trusted computing and Trusted Execution Environments (TEE) as the hardware-based security solutions. Trusted Platform Module (TPM) provides security and trust through a hardware root of trust, and assures the integrity of a platform. We also study Intel SGX which is a TEE solution that guarantees the integrity and confidentiality of the code and data loaded onto its protected container, enclave. More precisely, through obfuscation and diversification of the operating systems and APIs of the IoT devices, we secure them at the application level, and by obfuscation and diversification of the communication protocols, we protect the communication of data between them at the network level. For securing the cloud computing, we employ obfuscation and diversification techniques for securing the cloud computing software at the client-side. For an enhanced level of security, we employ hardware-based security solutions, TPM and SGX. These solutions, in addition to security, ensure layered trust in various layers from hardware to the application. As the result of this PhD research, this dissertation addresses a number of security risks targeting IoT and cloud computing through the delivered publications and presents a brief outlook on the future research directions.Pilvilaskenta ja esineiden internet ovat nykyään hyvin tavallisia ja laajasti sovellettuja tekniikkoja. Pilvilaskennan pitkälle kehittyneet palvelut ovat tehneet siitä hyvin kysytyn teknologian. Yritykset enenevässä määrin nojaavat pilviteknologiaan toteuttaessaan palveluita asiakkailleen. Vallitsevassa pilviteknologian soveltamistilanteessa yritykset ulkoistavat tietojensa käsittelyä yrityksen ulkopuolelle, minkä voidaan nähdä nostavan esiin huolia taltioitavan ja käsiteltävän tiedon turvallisuudesta ja yksityisyydestä. Tämä korostaa tehokkaiden turvallisuusratkaisujen merkitystä osana pilvi-infrastruktuurin turvaamista. Esineiden internet -laitteiden lukumäärä on nopeasti kasvanut. Teknologiana sitä sovelletaan laajasti monilla sektoreilla, kuten älykkäässä terveydenhuollossa, teollisuusautomaatiossa ja älytiloissa. Sellaiset laitteet keräävät ja välittävät suuria määriä informaatiota, joka voi sisältää laitteiden käyttäjien kannalta kriittistä ja yksityistä tietoa. Tästä syystä johtuen on erittäin merkityksellistä suojata verkon yli kerättävää ja jaettavaa tietoa. Monet tutkimukset osoittavat esineiden internet -laitteisiin kohdistuvien tietoturvahyökkäysten määrän olevan nousussa, ja samaan aikaan suuri osuus näistä laitteista ei omaa kunnollisia teknisiä ominaisuuksia itse laitteiden tai niiden käyttäjien yksityisen tiedon suojaamiseksi. Tässä väitöskirjassa tutkitaan pilvilaskennan sekä esineiden internetin tietoturvaa ja esitetään ohjelmistopohjaisia tietoturvalähestymistapoja turvautumalla osittain laitteistopohjaisiin teknologioihin. Esitetyt lähestymistavat tarjoavat vankkoja keinoja tietoturvallisuuden kohentamiseksi näissä konteksteissa. Tämän saavuttamiseksi työssä sovelletaan obfuskaatiota ja diversifiointia potentiaalisiana ohjelmistopohjaisina tietoturvatekniikkoina. Suoritettavan koodin obfuskointi suojaa pahantahtoiselta ohjelmiston takaisinmallinnukselta ja diversifiointi torjuu tietoturva-aukkojen laaja-alaisen hyödyntämisen riskiä. Väitöskirjatyössä tutkitaan luotettua laskentaa ja luotettavan laskennan suoritusalustoja laitteistopohjaisina tietoturvaratkaisuina. TPM (Trusted Platform Module) tarjoaa turvallisuutta ja luottamuksellisuutta rakentuen laitteistopohjaiseen luottamukseen. Pyrkimyksenä on taata suoritusalustan eheys. Työssä tutkitaan myös Intel SGX:ää yhtenä luotettavan suorituksen suoritusalustana, joka takaa suoritettavan koodin ja datan eheyden sekä luottamuksellisuuden pohjautuen suojatun säiliön, saarekkeen, tekniseen toteutukseen. Tarkemmin ilmaistuna työssä turvataan käyttöjärjestelmä- ja sovellusrajapintatasojen obfuskaation ja diversifioinnin kautta esineiden internet -laitteiden ohjelmistokerrosta. Soveltamalla samoja tekniikoita protokollakerrokseen, työssä suojataan laitteiden välistä tiedonvaihtoa verkkotasolla. Pilvilaskennan turvaamiseksi työssä sovelletaan obfuskaatio ja diversifiointitekniikoita asiakaspuolen ohjelmistoratkaisuihin. Vankemman tietoturvallisuuden saavuttamiseksi työssä hyödynnetään laitteistopohjaisia TPM- ja SGX-ratkaisuja. Tietoturvallisuuden lisäksi nämä ratkaisut tarjoavat monikerroksisen luottamuksen rakentuen laitteistotasolta ohjelmistokerrokseen asti. Tämän väitöskirjatutkimustyön tuloksena, osajulkaisuiden kautta, vastataan moniin esineiden internet -laitteisiin ja pilvilaskentaan kohdistuviin tietoturvauhkiin. Työssä esitetään myös näkemyksiä jatkotutkimusaiheista

Animating the Ethical Demand:Exploring user dispositions in industry innovation cases through animation-based sketching

This paper addresses the challenge of attaining ethical user stances during the design process of products and services and proposes animation-based sketching as a design method, which supports elaborating and examining different ethical stances towards the user. The discussion is qualified by an empirical study of Responsible Research and Innovation (RRI) in a Triple Helix constellation. Using a three-week long innovation workshop, UCrAc, involving 16 Danish companies and organisations and 142 students as empirical data, we discuss how animation-based sketching can explore not yet existing user dispositions, as well as create an incentive for ethical conduct in development and innovation processes. The ethical fulcrum evolves around Løgstrup's Ethical Demand and his notion of spontaneous life manifestations. From this, three ethical stances are developed; apathy, sympathy and empathy. By exploring both apathetic and sympathetic views, the ethical reflections are more nuanced as a result of actually seeing the user experience simulated through different user dispositions. Exploring the three ethical stances by visualising real use cases with the technologies simulated as already being implemented makes the life manifestations of the users in context visible. We present and discuss how animation-based sketching can support the elaboration and examination of different ethical stances towards the user in the product and service development process. Finally we present a framework for creating narrative representations of emerging technology use cases, which invite to reflection upon the ethics of the user experience.</jats:p

Measuring knowledge sharing processes through social network analysis within construction organisations

The construction industry is a knowledge intensive and information dependent industry. Organisations risk losing valuable knowledge, when the employees leave them. Therefore, construction organisations need to nurture opportunities to disseminate knowledge through strengthening knowledge-sharing networks. This study aimed at evaluating the formal and informal knowledge sharing methods in social networks within Australian construction organisations and identifying how knowledge sharing could be improved. Data were collected from two estimating teams in two case studies. The collected data through semi-structured interviews were analysed using UCINET, a Social Network Analysis (SNA) tool, and SNA measures. The findings revealed that one case study consisted of influencers, while the other demonstrated an optimal knowledge sharing structure in both formal and informal knowledge sharing methods. Social networks could vary based on the organisation as well as the individuals’ behaviour. Identifying networks with specific issues and taking steps to strengthen networks will enable to achieve optimum knowledge sharing processes. This research offers knowledge sharing good practices for construction organisations to optimise their knowledge sharing processes

The 45th Australasian Universities Building Education Association Conference: Global Challenges in a Disrupted World: Smart, Sustainable and Resilient Approaches in the Built Environment, Conference Proceedings, 23 - 25 November 2022, Western Sydney University, Kingswood Campus, Sydney, Australia

This is the proceedings of the 45th Australasian Universities Building Education Association (AUBEA) conference which will be hosted by Western Sydney University in November 2022. The conference is organised by the School of Engineering, Design, and Built Environment in collaboration with the Centre for Smart Modern Construction, Western Sydney University. This year’s conference theme is “Global Challenges in a Disrupted World: Smart, Sustainable and Resilient Approaches in the Built Environment”, and expects to publish over a hundred double-blind peer review papers under the proceedings

Design Space Exploration and Resource Management of Multi/Many-Core Systems

The increasing demand of processing a higher number of applications and related data on computing platforms has resulted in reliance on multi-/many-core chips as they facilitate parallel processing. However, there is a desire for these platforms to be energy-efficient and reliable, and they need to perform secure computations for the interest of the whole community. This book provides perspectives on the aforementioned aspects from leading researchers in terms of state-of-the-art contributions and upcoming trends

INTERACT 2015 Adjunct Proceedings. 15th IFIP TC.13 International Conference on Human-Computer Interaction 14-18 September 2015, Bamberg, Germany

INTERACT is among the world’s top conferences in Human-Computer Interaction. Starting with the first INTERACT conference in 1990, this conference series has been organised under the aegis of the Technical Committee 13 on Human-Computer Interaction of the UNESCO International Federation for Information Processing (IFIP). This committee aims at developing the science and technology of the interaction between humans and computing devices. The 15th IFIP TC.13 International Conference on Human-Computer Interaction - INTERACT 2015 took place from 14 to 18 September 2015 in Bamberg, Germany. The theme of INTERACT 2015 was "Connection.Tradition.Innovation". This volume presents the Adjunct Proceedings - it contains the position papers for the students of the Doctoral Consortium as well as the position papers of the participants of the various workshops

The Proceedings of the 23rd Annual International Conference on Digital Government Research (DGO2022) Intelligent Technologies, Governments and Citizens June 15-17, 2022

The 23rd Annual International Conference on Digital Government Research theme is “Intelligent Technologies, Governments and Citizens”. Data and computational algorithms make systems smarter, but should result in smarter government and citizens. Intelligence and smartness affect all kinds of public values - such as fairness, inclusion, equity, transparency, privacy, security, trust, etc., and is not well-understood. These technologies provide immense opportunities and should be used in the light of public values. Society and technology co-evolve and we are looking for new ways to balance between them. Specifically, the conference aims to advance research and practice in this field. The keynotes, presentations, posters and workshops show that the conference theme is very well-chosen and more actual than ever. The challenges posed by new technology have underscored the need to grasp the potential. Digital government brings into focus the realization of public values to improve our society at all levels of government. The conference again shows the importance of the digital government society, which brings together scholars in this field. Dg.o 2022 is fully online and enables to connect to scholars and practitioners around the globe and facilitate global conversations and exchanges via the use of digital technologies. This conference is primarily a live conference for full engagement, keynotes, presentations of research papers, workshops, panels and posters and provides engaging exchange throughout the entire duration of the conference