Shinren : Non-monotonic trust management for distributed systems

The open and dynamic nature of modern distributed systems and pervasive environments presents significant challenges to security management. One solution may be trust management which utilises the notion of trust in order to specify and interpret security policies and make decisions on security-related actions. Most trust management systems assume monotonicity where additional information can only result in the increasing of trust. The monotonic assumption oversimplifies the real world by not considering negative information, thus it cannot handle many real world scenarios. In this paper we present Shinren, a novel non-monotonic trust management system based on bilattice theory and the anyworld assumption. Shinren takes into account negative information and supports reasoning with incomplete information, uncertainty and inconsistency. Information from multiple sources such as credentials, recommendations, reputation and local knowledge can be used and combined in order to establish trust. Shinren also supports prioritisation which is important in decision making and resolving modality conflicts that are caused by non-monotonicity

Argumentation-based fault diagnosis for home networks

Home networks are a fast growing market but managing them is a difficult task, and diagnosing faults is even more challenging. Current fault management tools provide comprehensive information about the network and the devices but it is left to the user to interpret and reason about the data and experiment in order to find the cause of a problem. Home users may not have motivation or time to learn the required skills. Furthermore current tools adopt a closed approach which hardcodes a knowledge base, making them hard to update and extend. This paper proposes an open fault management framework for home networks, whose goal is to simplify network troubleshooting for non-expert users. The framework is based on assumption-based argumentation that is an AI technique for knowledge representation and reasoning. With the underlying argumentation theory, we can easily capture and model the diagnosis procedures of network administrators. The framework is rule-based and extensible, allowing new rules to be added into the knowledge base and diagnostic strategies to be updated on the fly.The framework can also utilise external knowledge and make distributed diagnosi

Shared and Searchable Encrypted Data for Untrusted Servers

Current security mechanisms pose a risk for organisations that outsource their data management to untrusted servers. Encrypting and decrypting sensitive data at the client side is the normal approach in this situation but has high communication and computation overheads if only a subset of the data is required, for example, selecting records in a database table based on a keyword search. New cryptographic schemes have been proposed that support encrypted queries over encrypted data but all depend on a single set of secret keys, which implies single user access or sharing keys among multiple users, with key revocation requiring costly data re-encryption. In this paper, we propose an encryption scheme where each authorised user in the system has his own keys to encrypt and decrypt data. The scheme supports keyword search which enables the server to return only the encrypted data that satisfies an encrypted query without decrypting it. We provide two constructions of the scheme giving formal proofs of their security. We also report on the results of a prototype implementation. This research was supported by the UK’s EPSRC research grant EP/C537181/1. The authors would like to thank the members of the Policy Research Group at Imperial College for their support

A Consent-based Workflow System for Healthcare Systems

In this paper, we describe a new framework for healthcare systems where patients are able to control the disclosure of their medical data. In our framework, the patient's consent has a pivotal role in granting or removing access rights to subjects accessing patient's medical data. Depending on the context in which the access is being executed, different consent policies can be applied. Context is expressed in terms of workflows. The execution of a task in a given workflow carries the necessary information to infer whether the consent can be implicitly retrieved or should be explicitly requested from a patient. However, patients are always able to enforce their own decisions and withdraw consent if necessary. Additionally, the use of workflows enables us to apply the need-to-know principle. Even when the patient's consent is obtained, a subject should access medical data only if it is required by the actual situation. For example, if the subject is assigned to the execution of a medical diagnosis workflow requiring access to the patient's medical record. We also provide a complex medical case study to highlight the design principles behind our framework. Finally, the implementation of the framework is outlined

Shared and searchable encrypted data for untrusted servers

Current security mechanisms are not suitable for organisations that outsource their data management to untrusted servers. Encrypting and decrypting sensitive data at the client side is the normal approach in this situation but has high communication and computation overheads if only a subset of the data is required, for example, selecting records in a database table based on a keyword search. New cryptographic schemes have been proposed that support encrypted queries over encrypted data. But they all depend on a single set of secret keys, which implies single user access or sharing keys among multiple users, with key revocation requiring costly data re-encryption. In this paper, we propose an encryption scheme where each authorised user in the system has his own keys to encrypt and decrypt data. The scheme supports keyword search which enables the server to return only the encrypted data that satisfies an encrypted query without decrypting it. We provide a concrete construction of the scheme and give formal proofs of its security. We also report on the results of our implementation

Personalizing Situated Workflows for Pervasive Healthcare Applications

In this paper, we present an approach where a workflow system is combined with a policy-based framework for the specification and enforcement of policies for healthcare applications. In our approach, workflows are used to capture entitiespsila responsibilities and to assist entities in fulfilling them. The policy-based framework allows us to express authorisation policies to define the rights that entities have in the system, and event-condition-action (ECA) policies that are used to adapt the system to the actual situation. Authorisations will often depend on the context in which patientspsila care takes place, and our policies support predicates that reflect the environment. ECA policies capture events that reflect the current state of the environment and can perform actions to accordingly adapt the workflow execution. We show how the approach can be used for the Edema treatment and how fine-grained authorisation and ECA policies are expressed and used

Policies for Self Tuning Home Networks

A home network (HN) is usually managed by a user who does not possess knowledge and skills required to perform management tasks. When abnormalities are detected, it is desirable to let the network tune itself under the direction of certain policies. However, self tuning tasks usually require coordination between several network components and most of the network management policies can only specify local tasks. In this paper, we propose a state machine based policy framework to address the problem of fault and performance management in the context of HN. Policies can be specified for complex management tasks as global state machines which incorporate global system behaviour monitoring and reactions. We demonstrate the policy framework through a case study in which policies are specified for dynamic selection of frequency channel in order to improve wireless link quality in the presence of RF interference

Style Talk: A collection of Interviews on Personal Style

My concept for this creative Capstone project is to see how much of a correlation there is between culture and fashion. I wanted to speak to people from a variety of backgrounds to see how much a person’s family and culture impacts the way one regards fashion and affects the way one dresses. In order to have a diverse set of interviews, I chose to interview three American female students and three non-American female students who attend Syracuse University. In the past, I have noticed that many style shows focus on the current trends and do profiles on celebrities and fashion designers. Those stories are filled with entertainment news and are intended to feed us information about what’s up and coming in the fashion and beauty world. There are television pieces I have seen online, in which interview centers on the designer and a couple models before a runway show. I appreciate interviews that take the time to discover the designer’s inspiration for a collection and the model’s experience preparing for the show, because it seems more intimate than a typical promotional interview. Jessica Simpson’s The Price of Beauty, which aired on VH1 in March 2010, was a show aimed at discussing culture with fashion and beauty with local citizens around the world. It seemed coincidental that her show came out around the time I developed an idea for my Capstone. I knew that different cultures have varying opinions on fashion and beauty, but I wanted to localize that idea, since it’s out of my budget to fly around the world. Syracuse University has a diverse body of students and I wanted to focus on the individual who happens to be part of a specific culture. That way I can get to know that female’s personal story and not stereotype her culture’s perception of fashion and beauty. It will solely be the views of someone who comes from a particular culture. As a Television-Radio-Film major, I used video as my medium, but also incorporated still images and graphics into the videos, so it would be a multiplatform project. I did short interviews instead of one short twenty-minute movie, so the interviews would be easy to upload online and people can watch one of the interviews during a quick five-minute break. Through a handheld flipcamera, I recorded my interviews. The advantage of the flipcamera was the ability to easily upload my footage to any computer and edit in the specialized labs that contain the video editing programs. After putting all the interviews together, I branded the project as Style Talk. It’s a simple, self-explanatory title that fits the project perfectly. My interviews focused on individuals to talk about their personal style. It’s a direct process where these young women tell their story to the camera and talk about their style, hence Style Talk. I noticed throughout the interviews that all the girls had a varied amount of interest in regards to fashion. Even the girl who would be classified as the “least fashionable” still puts effort into her look knowing that she doesn’t follow the high-end fashion magazines and works with pieces that she can afford and tailors them to suit her personal needs. Overall, family and culture has had some effect on the way these girls view fashion. What they’ve observed with fashion among their family, friends, and the media, has given them a foundation of how they perceive fashion, in which they have developed their personal style over the years, so now they can make independent decisions in regards to what they wear on a daily basis