Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, and application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.
Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submission
Matrix powers algorithms for trust evaluation in PKI architectures
This paper deals with the evaluation of trust in public-key infrastructures.
Different trust models have been proposed to interconnect the various PKI
components in order to propagate the trust between them. In this paper we
provide a new polynomial algorithm using linear algebra to assess trust
relationships in a network using different trust evaluation schemes. The
advantages are twofold: first the use of matrix computations instead of graph
algorithms provides an optimized computational solution; second, our algorithm
can be used for generic graphs, even in the presence of cycles. Our algorithm
is designed to evaluate the trust using all existing (finite) trust paths
between entities as a preliminary to any exchanges between PKIs. This can give
a precise evaluation of trust, and accelerate for instance cross-certificate
validation
Preserving Link Privacy in Social Network Based Systems
A growing body of research leverages social network based trust relationships
to improve the functionality of the system. However, these systems expose
users' trust relationships, which is considered sensitive information in
today's society, to an adversary.
In this work, we make the following contributions. First, we propose an
algorithm that perturbs the structure of a social graph in order to provide
link privacy, at the cost of slight reduction in the utility of the social
graph. Second we define general metrics for characterizing the utility and
privacy of perturbed graphs. Third, we evaluate the utility and privacy of our
proposed algorithm using real world social graphs. Finally, we demonstrate the
applicability of our perturbation algorithm on a broad range of secure systems,
including Sybil defenses and secure routing.
Comment: 16 pages, 15 figures
Ensuring Cyber-Security in Smart Railway Surveillance with SHIELD
Modern railways feature increasingly complex embedded computing systems for surveillance, that are moving towards fully wireless smart-sensors. Those systems are aimed at monitoring system status from a physical-security viewpoint, in order to detect intrusions and other environmental anomalies. However, the same systems used for physical-security surveillance are vulnerable to cyber-security threats, since they feature distributed hardware and software architectures often interconnected by ‘open networks’, like wireless channels and the Internet. In this paper, we show how the integrated approach to Security, Privacy and Dependability (SPD) in embedded systems provided by the SHIELD framework (developed within the EU funded pSHIELD and nSHIELD research projects) can be applied to railway surveillance systems in order to measure and improve their SPD level. SHIELD implements a layered architecture (node, network, middleware and overlay) and orchestrates SPD mechanisms based on ontology models, appropriate metrics and composability. The results of prototypical application to a real-world demonstrator show the effectiveness of SHIELD and justify its practical applicability in industrial settings
Flow-based reputation: more than just ranking
The last years have seen a growing interest in collaborative systems like
electronic marketplaces and P2P file sharing systems where people are intended
to interact with other people. Those systems, however, are subject to security
and operational risks because of their open and distributed nature. Reputation
systems provide a mechanism to reduce such risks by building trust
relationships among entities and identifying malicious entities. A popular
reputation model is the so called flow-based model. Most existing reputation
systems based on such a model provide only a ranking, without absolute
reputation values; this makes it difficult to determine whether entities are
actually trustworthy or untrustworthy. In addition, those systems ignore a
significant part of the available information; as a consequence, reputation
values may not be accurate. In this paper, we present a flow-based reputation
metric that gives absolute values instead of merely a ranking. Our metric makes
use of all the available information. We study, both analytically and
numerically, the properties of the proposed metric and the effect of attacks on
reputation values
Trust beyond reputation: A computational trust model based on stereotypes
Models of computational trust support users in taking decisions. They are
commonly used to guide users' judgements in online auction sites; or to
determine quality of contributions in Web 2.0 sites. However, most existing
systems require historical information about the past behavior of the specific
agent being judged. In contrast, in real life, to anticipate and to predict a
stranger's actions in absence of the knowledge of such behavioral history, we
often use our "instinct" - essentially stereotypes developed from our past
interactions with other "similar" persons. In this paper, we propose
StereoTrust, a computational trust model inspired by stereotypes as used in
real-life. A stereotype contains certain features of agents and an expected
outcome of the transaction. When facing a stranger, an agent derives its trust
by aggregating stereotypes matching the stranger's profile. Since stereotypes
are formed locally, recommendations stem from the trustor's own personal
experiences and perspective. Historical behavioral information, when available,
can be used to refine the analysis. According to our experiments using
Epinions.com dataset, StereoTrust compares favorably with existing trust models
that use different kinds of information and more complete historical
information
SAMI: Service-Based Arbitrated Multi-Tier Infrastructure for Mobile Cloud Computing
Mobile Cloud Computing (MCC) is the state-of-the-art mobile computing
technology that aims to alleviate resource poverty of mobile devices. Recently,
several approaches and techniques have been proposed to augment mobile devices
by leveraging cloud computing. However, long-WAN latency and trust are still
two major issues in MCC that hinder its vision. In this paper, we analyze MCC
and discuss its issues. We leverage Service Oriented Architecture (SOA) to
propose an arbitrated multi-tier infrastructure model named SAMI for MCC. Our
architecture consists of three major layers, namely SOA, arbitrator, and
infrastructure. The main strength of this architecture is in its multi-tier
infrastructure layer which leverages infrastructures from three main sources of
Clouds, Mobile Network Operators (MNOs), and MNOs' authorized dealers. On top
of the infrastructure layer, an arbitrator layer is designed to classify
Services and allocate them the suitable resources based on several metrics such
as resource requirement, latency and security. Utilizing SAMI facilitates
development and deployment of service-based platform-neutral mobile
applications.
Comment: 6 full pages, accepted for publication in IEEE MobiCC'12 conference,
MobiCC 2012: IEEE Workshop on Mobile Cloud Computing, Beijing, China
A flexible architecture for privacy-aware trust management
In service-oriented systems a constellation of services cooperate, sharing potentially sensitive information and responsibilities. Cooperation is only possible if the different participants trust each other. As trust may depend on many different factors, in a flexible framework for Trust Management (TM) trust must be computed by combining different types of information. In this paper we describe the TAS3 TM framework which integrates independent TM systems into a single trust decision point. The TM framework supports intricate combinations whilst still remaining easily extensible. It also provides a unified trust evaluation interface to the (authorization framework of the) services. We demonstrate the flexibility of the approach by integrating three distinct TM paradigms: reputation-based TM, credential-based TM, and Key Performance Indicator TM. Finally, we discuss privacy concerns in TM systems and the directions to be taken for the definition of a privacy-friendly TM architecture.
Energy efficient mining on a quantum-enabled blockchain using light
We outline a quantum-enabled blockchain architecture based on a consortium of
quantum servers. The network is hybridised, utilising digital systems for
sharing and processing classical information combined with a fibre-optic
infrastructure and quantum devices for transmitting and processing quantum
information. We deliver an energy efficient interactive mining protocol enacted
between clients and servers which uses quantum information encoded in light and
removes the need for trust in network infrastructure. Instead, clients on the
network need only trust the transparent network code, and that their devices
adhere to the rules of quantum physics. To demonstrate the energy efficiency of
the mining protocol, we elaborate upon the results of two previous experiments
(one performed over 1km of optical fibre) as applied to this work. Finally, we
address some key vulnerabilities, explore open questions, and observe
forward-compatibility with the quantum internet and quantum computing
technologies.
Comment: 25 pages, 5 figures