Trust and Privacy Permissions for an Ambient World

Ambient intelligence (AmI) and ubiquitous computing allow us to consider a future where computation is embedded into our daily social lives. This vision raises its own important questions and augments the need to understand how people will trust such systems and at the same time achieve and maintain privacy. As a result, we have recently conducted a wide reaching study of people’s attitudes to potential AmI scenarios with a view to eliciting their privacy concerns. This chapter describes recent research related to privacy and trust with regard to ambient technology. The method used in the study is described and findings discussed

Fog Computing in Medical Internet-of-Things: Architecture, Implementation, and Applications

In the era when the market segment of Internet of Things (IoT) tops the chart in various business reports, it is apparently envisioned that the field of medicine expects to gain a large benefit from the explosion of wearables and internet-connected sensors that surround us to acquire and communicate unprecedented data on symptoms, medication, food intake, and daily-life activities impacting one's health and wellness. However, IoT-driven healthcare would have to overcome many barriers, such as: 1) There is an increasing demand for data storage on cloud servers where the analysis of the medical big data becomes increasingly complex, 2) The data, when communicated, are vulnerable to security and privacy issues, 3) The communication of the continuously collected data is not only costly but also energy hungry, 4) Operating and maintaining the sensors directly from the cloud servers are non-trial tasks. This book chapter defined Fog Computing in the context of medical IoT. Conceptually, Fog Computing is a service-oriented intermediate layer in IoT, providing the interfaces between the sensors and cloud servers for facilitating connectivity, data transfer, and queryable local database. The centerpiece of Fog computing is a low-power, intelligent, wireless, embedded computing node that carries out signal conditioning and data analytics on raw data collected from wearables or other medical sensors and offers efficient means to serve telehealth interventions. We implemented and tested an fog computing system using the Intel Edison and Raspberry Pi that allows acquisition, computing, storage and communication of the various medical data such as pathological speech data of individuals with speech disorders, Phonocardiogram (PCG) signal for heart rate estimation, and Electrocardiogram (ECG)-based Q, R, S detection.Comment: 29 pages, 30 figures, 5 tables. Keywords: Big Data, Body Area Network, Body Sensor Network, Edge Computing, Fog Computing, Medical Cyberphysical Systems, Medical Internet-of-Things, Telecare, Tele-treatment, Wearable Devices, Chapter in Handbook of Large-Scale Distributed Computing in Smart Healthcare (2017), Springe

JavaScript: Bringing Object-Level Security to the Browser

JavaScript has evolved from a simple language intended to give web browsers basic hinteraction into a fully featured dynamic language that allows the browser to become an application delivery platform. With innovations such as asynchronous JavaScript and XML (AJAX) and JavaScript Object Notation (JSON), JavaScript has become the de facto standard for creating interactive web applications. With its new found power and popularity, JavaScript has been the target of many attacks. In this paper, we present a framework that allows programmers to define secure properties of JavaScript objects such that they are more immune to malicious activity and require a smaller footprint that existing solutions. We then use our framework and apply it to an already built JavaScript system to analyze its properties and effectiveness.unpublishednot peer reviewe

H2B: Heartbeat-based Secret Key Generation Using Piezo Vibration Sensors

We present Heartbeats-2-Bits (H2B), which is a system for securely pairing wearable devices by generating a shared secret key from the skin vibrations caused by heartbeat. This work is motivated by potential power saving opportunity arising from the fact that heartbeat intervals can be detected energy-efficiently using inexpensive and power-efficient piezo sensors, which obviates the need to employ complex heartbeat monitors such as Electrocardiogram or Photoplethysmogram. Indeed, our experiments show that piezo sensors can measure heartbeat intervals on many different body locations including chest, wrist, waist, neck and ankle. Unfortunately, we also discover that the heartbeat interval signal captured by piezo vibration sensors has low Signal-to-Noise Ratio (SNR) because they are not designed as precision heartbeat monitors, which becomes the key challenge for H2B. To overcome this problem, we first apply a quantile function-based quantization method to fully extract the useful entropy from the noisy piezo measurements. We then propose a novel Compressive Sensing-based reconciliation method to correct the high bit mismatch rates between the two independently generated keys caused by low SNR. We prototype H2B using off-the-shelf piezo sensors and evaluate its performance on a dataset collected from different body positions of 23 participants. Our results show that H2B has an overwhelming pairing success rate of 95.6%. We also analyze and demonstrate H2B's robustness against three types of attacks. Finally, our power measurements show that H2B is very power-efficient

M-health review: joining up healthcare in a wireless world

In recent years, there has been a huge increase in the use of information and communication technologies (ICT) to deliver health and social care. This trend is bound to continue as providers (whether public or private) strive to deliver better care to more people under conditions of severe budgetary constraint

Survey and Systematization of Secure Device Pairing

Secure Device Pairing (SDP) schemes have been developed to facilitate secure communications among smart devices, both personal mobile devices and Internet of Things (IoT) devices. Comparison and assessment of SDP schemes is troublesome, because each scheme makes different assumptions about out-of-band channels and adversary models, and are driven by their particular use-cases. A conceptual model that facilitates meaningful comparison among SDP schemes is missing. We provide such a model. In this article, we survey and analyze a wide range of SDP schemes that are described in the literature, including a number that have been adopted as standards. A system model and consistent terminology for SDP schemes are built on the foundation of this survey, which are then used to classify existing SDP schemes into a taxonomy that, for the first time, enables their meaningful comparison and analysis.The existing SDP schemes are analyzed using this model, revealing common systemic security weaknesses among the surveyed SDP schemes that should become priority areas for future SDP research, such as improving the integration of privacy requirements into the design of SDP schemes. Our results allow SDP scheme designers to create schemes that are more easily comparable with one another, and to assist the prevention of persisting the weaknesses common to the current generation of SDP schemes.Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications Surveys & Tutorials 2017 (Volume: PP, Issue: 99