Communication Efficient Secret Sharing

A secret sharing scheme is a method to store information securely and reliably. Particularly, in a threshold secret sharing scheme, a secret is encoded into $n$ shares, such that any set of at least $t_1$ shares suffice to decode the secret, and any set of at most $t_2 < t_1$ shares reveal no information about the secret. Assuming that each party holds a share and a user wishes to decode the secret by receiving information from a set of parties; the question we study is how to minimize the amount of communication between the user and the parties. We show that the necessary amount of communication, termed "decoding bandwidth", decreases as the number of parties that participate in decoding increases. We prove a tight lower bound on the decoding bandwidth, and construct secret sharing schemes achieving the bound. Particularly, we design a scheme that achieves the optimal decoding bandwidth when $d$ parties participate in decoding, universally for all $t_1 \le d \le n$. The scheme is based on Shamir's secret sharing scheme and preserves its simplicity and efficiency. In addition, we consider secure distributed storage where the proposed communication efficient secret sharing schemes further improve disk access complexity during decoding.Comment: submitted to the IEEE Transactions on Information Theory. New references and a new construction adde

SFTSDH: Applying Spring Security Framework with TSD-Based OAuth2 to Protect Microservice Architecture APIs

The Internet of Medical Things (IoMT) combines medical devices and applications that use network technologies to connect healthcare information systems (HIS). IoMT is reforming the medical industry by adopting information and communication technologies (ICTs). Identity verification, secure collection, and exchange of medical data are essential in health applications. In this study, we implemented a hybrid security solution to secure the collection and management of personal health data using Spring Framework (SF), Services for Sensitive Data (TSD) as a service platform, and Hyper-Text-Transfer-Protocol (HTTP (H)) security methods. The adopted solution (SFTSDH = SF + TSD + H) instigated the following security features: identity brokering, OAuth2, multifactor authentication, and access control to protect the Microservices Architecture Application Programming Interfaces (APIs), following the General Data Protection Regulation (GDPR). Moreover, we extended the adopted security solution to develop a digital infrastructure to facilitate the research and innovation work in the electronic health (eHealth) section, focusing on solution validation with theoretical evaluation and experimental testing. We used a web engineering security methodology to achieve and explain the adopted security solution. As a case study, we designed and implemented electronic coaching (eCoaching) prototype system and deployed the same in the developed infrastructure to securely record and share personal health data. Furthermore, we compared the test results with related studies qualitatively for the efficient evaluation of the implemented security solution. The SFTSDH implementation and configuration in the prototype system have effectively secured the eCoach APIs from an attack in all the considered scenarios. The eCoach prototype with the SFTSDH solution effectively sustained a load of (≈) 1000 concurrent users in the developed digital health infrastructure. In addition, we performed a qualitative comparison among the following security solutions: SF security, third-party security, and SFTSDH, where SFTSDH showed a promising outcome.publishedVersio

Contextualizing Alternative Models of Secret Sharing

A secret sharing scheme is a means of distributing information to a set of players such that any authorized subset of players can recover a secret and any unauthorized subset does not learn any information about the secret. In over forty years of research in secret sharing, there has been an emergence of new models and extended capabilities of secret sharing schemes. In this thesis, we study various models of secret sharing and present them in a consistent manner to provide context for each definition. We discuss extended capabilities of secret sharing schemes, including a comparison of methods for updating secrets via local computations on shares and an analysis of approaches to reproducing/repairing shares. We present an analysis of alternative adversarial settings which have been considered in the area of secret sharing. In this work, we present a formalization of a deniability property which is inherent to some classical secret sharing schemes. We provide new, game-based definitions for different notions of verifiability and robustness. By using consistent terminology and similar game-based definitions, we are able to demystify the subtle differences in each notion raised in the literature

Driving Into the Twenty-First Century: Technology Solutions to Transportation Problems Symposium, IISTPS Report S-99-I

Driving Into the Twenty-First Century: Technology Solutions to Transportation Problems is the transcript of a symposium held on November 16, 1998. The symposium was sponsored by the Norman Y. Mineta International Institute for Surface Transportation Policy Studies, the Silicon Valley Manufacturing Group, Hewlett-Packard and Lockheed Martin. Numerous industry leaders and innovators were invited to participate in the open forum, and several vendors of electric and alternative power vehicles were on hand for participants to view and test drive. Topics of discussion included new technologies which will make commute times more pleasant for the 21st century worker. These possibilities include high-tech user-friendly highways, electronic toll collections, quicker response times for emergency vehicles, and the Intelligent Vehicles of tomorrow will help ease time spent in traffic thus making commute time less stressful, and perhaps even productive

Adaptive Multiprocessor Real-Time Systems

Over the past few years, as multicore technology has become cost-effective, multiprocessor systems have become increasingly prevalent. The growing availability of such systems has spurred the development of computationally-intensive applications for which single-processor designs are insufficient. Many such applications have timing constraints; such timing constraints are often not static, but may change in response to both external and internal stimuli. Examples of such applications include tracking systems and many multimedia applications. Motivated by these observations, this dissertation proposes several different adaptive scheduling algorithms that are capable of guaranteeing flexible timing constraints on multiprocessor platforms. Under traditional task models (e.g., periodic, sporadic, etc.), the schedulability of a system is based on each task’s worst-case execution time (WCET), which defines the maximum amount of time that each of its jobs can execute. The disadvantage of using WCETs is that systems may be deemed unschedulable even if they would function correctly most of the time when deployed. Adaptive real-time scheduling algorithms allow the timing constraints of applications to be adjusted based upon runtime conditions, instead of always using fixed timing constraints based upon WCETs. While there is a substantial body of prior work on scheduling applications with static timing constraints on multiprocessor systems, prior to this dissertation, no adaptive multiprocessor scheduling approach existed that is capable of ensuring bounded “error” (where error is measured by comparison to an ideal allocation). In this dissertation, this limitation is addressed by proposing five different multiprocessor scheduling algorithms that allow a task’s timing constraints to change at runtime. The five proposed adaptive algorithms are based on different non-adaptive multiprocessor scheduling algorithms that place different restrictions on task migrations and preemptions. The relative advantages of these algorithms are compared by simulating both the Whisper human tracking system and the Virtual Exposure Camera (VEC), both of which were developed at The University of North Carolina at Chapel Hill. In addition, a feedback-based adaptive framework is proposed that not only allows timing constraints to adapt at runtime, but also detects which adaptions are needed. An implementation of this adaptive framework on a real-time multiprocessor testbed is discussed and its performance is evaluated by using the core operations of both Whisper and VEC. From this dissertation, it can be concluded that feedback and optimization techniques can be used to determine at runtime which adaptions are needed. Moreover, the accuracy of an adaptive algorithm can be improved by allowing more frequent task migrations and preemptions; however, this accuracy comes at the expense of higher migration and preemption costs, which impacts average-case performance. Thus, there is a tradeoff between accuracy and average-case performance that depends on the frequency of task migrations/preemptions and their cost

Towards a Common Software/Hardware Methodology for Future Advanced Driver Assistance Systems

The European research project DESERVE (DEvelopment platform for Safe and Efficient dRiVE, 2012-2015) had the aim of designing and developing a platform tool to cope with the continuously increasing complexity and the simultaneous need to reduce cost for future embedded Advanced Driver Assistance Systems (ADAS). For this purpose, the DESERVE platform profits from cross-domain software reuse, standardization of automotive software component interfaces, and easy but safety-compliant integration of heterogeneous modules. This enables the development of a new generation of ADAS applications, which challengingly combine different functions, sensors, actuators, hardware platforms, and Human Machine Interfaces (HMI). This book presents the different results of the DESERVE project concerning the ADAS development platform, test case functions, and validation and evaluation of different approaches. The reader is invited to substantiate the content of this book with the deliverables published during the DESERVE project. Technical topics discussed in this book include:Modern ADAS development platforms;Design space exploration;Driving modelling;Video-based and Radar-based ADAS functions;HMI for ADAS;Vehicle-hardware-in-the-loop validation system

Change blindness: eradication of gestalt strategies

Arrays of eight, texture-defined rectangles were used as stimuli in a one-shot change blindness (CB) task where there was a 50% chance that one rectangle would change orientation between two successive presentations separated by an interval. CB was eliminated by cueing the target rectangle in the first stimulus, reduced by cueing in the interval and unaffected by cueing in the second presentation. This supports the idea that a representation was formed that persisted through the interval before being 'overwritten' by the second presentation (Landman et al, 2003 Vision Research 43149–164]. Another possibility is that participants used some kind of grouping or Gestalt strategy. To test this we changed the spatial position of the rectangles in the second presentation by shifting them along imaginary spokes (by ±1 degree) emanating from the central fixation point. There was no significant difference seen in performance between this and the standard task [F(1,4)=2.565, p=0.185]. This may suggest two things: (i) Gestalt grouping is not used as a strategy in these tasks, and (ii) it gives further weight to the argument that objects may be stored and retrieved from a pre-attentional store during this task

Urban--intricacy--darkness.

Cheng Pak Chiu Lemuel."Architecture Department, Chinese University of Hong Kong, Master of Architecture Programme 1999-2000, design report."project synopsis --- p.4Chapter i/ --- background --- p.10"my first moment, personal experience I" --- p.12urban intricacy --- p.13fluidiy of mass (people) --- p.14transience of time --- p.15flooding --- p.17notes: flooding --- p.18Chapter ii/ --- paradox --- p.20to go with it? --- p.22notes: bernard tschumibody in shadow --- p.24notes: time --- p.25notes: time --- p.27notes: film --- p.29the evaporation --- p.30the value --- p.31urban paradox? --- p.32my scope --- p.32personal experience II: an electrical failure --- p.33what if?... --- p.33Chapter iii/ --- inquiry --- p.34"momentary ""darkness""" --- p.38notes --- p.39[frag]miliarity --- p.42the spirit of intricacy --- p.44the possiblity of body --- p.45the possibility of time --- p.47"other ""darkness"""notes: --- p.48konnonji temple in japan --- p.49"Exodous, competition entry, Rem Koolhaas" --- p.50"Laban Center for Movement and Dance, Peter Zumthor" --- p.51Chapter iv/ --- translation --- p.52Tanslation into program --- p.54concept I between --- p.55concept II within --- p.57program(s): urban columbaria + public bath --- p.60s.o. program (provisioinal) --- p.61users --- p.62client --- p.64other possible programs? --- p.66urban / sitewhere? --- p.68district I: sheung wan / central --- p.69district II: tsim sha tsui --- p.73district III: causeway bay --- p.77my choice --- p.81Chapter v/ --- appedix --- p.82bibliographies --- p.83review 1 --- p.84"paper ""architectural from spontaneous, a phenomal sense in Hong Kong""" --- p.85diaglogue with instructor --- p.90amendment and responses --- p.9

Security of Cyber-Physical Systems

Cyber-physical system (CPS) innovations, in conjunction with their sibling computational and technological advancements, have positively impacted our society, leading to the establishment of new horizons of service excellence in a variety of applicational fields. With the rapid increase in the application of CPSs in safety-critical infrastructures, their safety and security are the top priorities of next-generation designs. The extent of potential consequences of CPS insecurity is large enough to ensure that CPS security is one of the core elements of the CPS research agenda. Faults, failures, and cyber-physical attacks lead to variations in the dynamics of CPSs and cause the instability and malfunction of normal operations. This reprint discusses the existing vulnerabilities and focuses on detection, prevention, and compensation techniques to improve the security of safety-critical systems