TINA Service Validation: The ErnesTINA project

While extensive work has been carried out with the goal of validating the TINA architecture and the TINA documents, little has been done yet for the validation of TINA services. This is the main focus of the ErnesTINA project. In the ErnesTINA project, we propose an integrated approach to facilitate the validation of TINA services by verifying at run-time that the service implementation has not violated and is not violating certain predefined properties. In this paper, we present the specification of the properties, the run-time observation of the distributed environment, the validation of the properties and finally the implementation of the concepts in a prototype

Improving Secure Device Insertion in Home Ad Hoc Networks

Home ad-hoc networks are sets of devices that interact to offer enhanced services to the users. These networks are heterogeneous, dynamic and fully decentralized. Moreover, they generally lack of a skilled administrator. These properties dramatically reduce the efficiency of classical security approaches: even defining the boundaries of such networks can be difficult. Ways to solve this problem where recently found, using the concept of secure long-term communities. Solutions rely on one critical operation: the secure insertion of a device in the home ad-hoc network. In this paper, we propose two ways to improve this operation, using store-and-forward techniques. The first improvement deals with the ability to realize insertion under loose connectivity circumstances. The other improvement deals with the ability for the user to use any trusted device in order to realize insertion. Keywords: Network Security, Key-management

Internet of things: where to be is to trust

[EN] Networks' creation is getting more and more required, anytime, anywhere. Devices that can participate on these networks can be quite different among them. Sensors, mobiles, home appliances, or other type of devices will have to collaborate to increase and improve the services provided to clients. In the same way, network configuration, security mechanisms establishment, and optimal performance control must be done by them. Some of these devices could have limited resources to work, sometimes even resources restriction not existing, they must work to optimize network traffic. In this article, we center our researching on spontaneous networks. We propose a secure spontaneous ad-hoc network, based on direct peer-to-peer interaction and communities' creation to grant a quick, easy, and secure access to users to surf the Web. Each device will have an identity in the network. Each community will also have an identity and will act as a unity on a world based on Internet connection. Security will be established in the moment they access to the network through the use of the trust chain generated by nodes. Trust is modified by each node on the basis of nodes behaviorLacuesta, R.; Palacios-Navarro, G.; Cetina Englada, C.; Peñalver Herrero, ML.; Lloret, J. (2012). Internet of things: where to be is to trust. EURASIP Journal on Wireless Communications and Networking. (203):1-16. doi:10.1186/1687-1499-2012-203S116203Lipnack J, Stamps J: Virtual Teams: Researching Across Space, Time, and Organizations with Technology. New York: John Wiley and Sons; 1997.Ahuja MK, Carley KN: Network structure in virtual organizations, organization science, Vol. 10, No. 6, Special Issue: Communication Processes for Virtual Organizations, November–December. 1999, 741-757.Mowshowitz A: Virtual organization. Commun ACM 1997, 40(9):30-37. 10.1145/260750.260759Preuß S: CH Cap, Overview of spontaneous networking-evolving concepts and technologies, in Rostocker Informatik-Berichte. Rostock: Fachbereich Informatik der Universit; 2000:113-123.Feeney LM, Ahlgren B, Westerlund A: Spontaneous networking: an application-oriented approach to ad hoc networking. IEEE Commun Mag 2001, 39(6):176-181. 10.1109/35.925687Latvakoski J, Pakkala D, Pääkkönen P: A communication architecture for spontaneous systems. IEEE Wirel Commun 2004, 11(3):36-42. 10.1109/MWC.2004.1308947Mani M, Nguyen A-M, Crespi N: SCOPE: a prototype for spontaneous P2P social networking. Proceedings of 8th IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops) 2010, 220-225.Legendre F, de Amorim MD, Fdida S: Implicit merging of overlapping spontaneous networks. Proceedings of Vehicular Technology Conference 2004, 3050-3054.Zarate Silva VH, De Cruz Salgado EI, Ramos Quintana F: AWISPA: an awareness framework for collaborative spontaneous networks. 36th Annual Frontiers in Education Conference 2006, 27-31.Perkins CE, Bhagwat P: Highly dynamic destination sequenced distance-vector routing (DSDV) for mobile computers. Proceedings of the Conference on Communications Architectures, Protocols and Applications (SIGCOMM’94 1994, 234-244.Johnson DB, Maltz DA, Broch J: DSR: The Dynamic Source Routing Protocol for Multihop Wireless Ad Hoc Networks. Boston, MA: Ad Hoc Networking (Addison-Wesley Longman Publishing; 2001.Perkins C, Belding-Royer E, Das S: Ad hoc on-demand distance vector (AODV) routing, RFC 3561. 2003.Park V, Corson MS: IETF MANET Internet Draft “draft-ietf-MANET-tora-spe03.txt”, November 2000. 2012. Accessed March http://tools.ietf.org/html/draft-ietf-manet-tora-spec-03Viana AC, De Amorim MD, Fdida S, de Rezende JF: Self-organization in spontaneous networks: the approach of DHT-based routing protocols. Ad Hoc Networks 2005, 3(5):589-606. 10.1016/j.adhoc.2004.08.006Lacuesta R, Peñalver L: IP addresses configuration in spontaneous networks. In Proceedings of the 9th WSEAS International Conference on Computers. Athens, Greece; 2005:1-6.Alvarez-Hamelin JI, Viana AC, de Amorim M Dias: Architectural considerations for a self-configuring routing scheme for spontaneous networks, Technical Report 1. 2005.Lacuesta R, Peñalver L: Automatic configuration of ad-hoc networks: establishing unique IP link-local addresses. In Proceedings of the International Conference on Emerging Security Information, Systems and Technologies (SECURWARE’07). Valencia, Spain; 2007:157-162.Foulks EF: Social network therapies and society: an overview. Contemp Fam Therapy 1985, 3(4):316-320.IBM: A Smarter Planet. 2012. http://www.ibm.com/smarterplanetMontenegro G, Kushalnagar N, Hui J, Culler D: RFC 4944: Transmission of IPv6 Packets over IEEE 802.15.4 Networks. 2007.Alcaraz C, Najera P, Lopez J, Roman R: Wireless Sensor Networks and the Internet of Things: Do We Need a Complete Integration?, 1st International workshop on the security of The internet of Things (SecIoT). tokyo (Japan); 2010. . Accessed January 2012 1er International Workshop on the Security of The Internet of Things (SecIoT 2010) http://www.nics.uma.es/seciot10/files/pdf/alcaraz_seciot10_paper.pdfFerscha A, Davies N, Schmidt A, Streitz N: Pervasive Socio-Technical Fabric. Procedia Computer Science 2011, 7: 88-91.Hubaux JP, Buttyán L, Capkun S: The quest for security in mobile ad-hoc networks, in Proceedings of the ACM Symposium on Mobile Ad-hoc Networking and Computing. 2001, 146-155.Wang Y, Varadharajan V: Interaction trust evaluation in decentralized environments, e-commerce and web technologies. In Proceedings of 5th International Conference on Electronic Commerce and Web Technologies, vol LNCS 3182. Springer; 2004:144-153.Jimin L, Junbao L, Aiguo A, Zhenpeng L: Two-way trust evaluation based on feedback. in Conference on Logistics Systems and Intelligent Management 2010, 3: 1910-1914.Daskapan S, Nurtanti I, Van den Berg J: Trust algorithms in P2P file sharing networks. Int J Internet Technol Secured Trans 2010, 2(1–2):174-200.Maña A, Koshutanski H, Pérez EJ: A trust negotiation based security framework for service provisioning in load-balancing clusters. Comput Secur 2012, 31(1):4-25. 10.1016/j.cose.2011.11.006Stajano F, Anderson R: The resurrecting duckling security issues for ad-hoc wireless networks. Security Protocols, 7th International Workshop Proceedings, Lecture notes in Computer Science, LNCS 1296 1999, 172-194.Balfanz D, Smetters DK, Stewart P, ChiWong H: Talking to strangers: authentication in ad-hoc wireless networks, in Symposium on Network and Distributed Systems Security (NDSS’02). San Diego, CA; 2002.Capkun S, Hubaux JP, Buttyán L: Mobility helps security in ad-hoc networks. In Proceedings of the 4th ACM international symposium on Mobile ad hoc networking & computing. MD, USA: Annapolis; 2003:46-56.Metzger MJ: Privacy, trust, and disclosure: exploring barriers to electronic commerce. J Comput-Mediat Commun 2004, 9(4). http://jcmc.indiana.edu/vol9/issue4/metzger.html 2004, 9(4)

SCOR: A secure international informatics infrastructure to investigate COVID-19

Global pandemics call for large and diverse healthcare data to study various risk factors, treatment options, and disease progression patterns. Despite the enormous efforts of many large data consortium initiatives, scientific community still lacks a secure and privacy-preserving infrastructure to support auditable data sharing and facilitate automated and legally compliant federated analysis on an international scale. Existing health informatics systems do not incorporate the latest progress in modern security and federated machine learning algorithms, which are poised to offer solutions. An international group of passionate researchers came together with a joint mission to solve the problem with our finest models and tools. The SCOR Consortium has developed a ready-to-deploy secure infrastructure using world-class privacy and security technologies to reconcile the privacy/utility conflicts. We hope our effort will make a change and accelerate research in future pandemics with broad and diverse samples on an international scale

HideMyApp : Hiding the Presence of Sensitive Apps on Android

Millions of users rely on mobile health (mHealth) apps to manage their wellness and medical conditions. Although the popularity of such apps continues to grow, several privacy and security challenges can hinder their potential. In particular, the simple fact that an mHealth app is installed on a user's phone can reveal sensitive information about the user's health. Due to Android's open design, any app, even without permissions, can easily check for the presence of a specific app or collect the entire list of installed apps on the phone. Our analysis shows that Android apps expose a significant amount of metadata, which facilitates fingerprinting them. Many third parties are interested in such information: Our survey of 2917 popular apps in the Google Play Store shows that around 57% of these apps explicitly query for the list of installed apps. Therefore, we designed and implemented HideMyApp (HMA), an effective and practical solution for hiding the presence of sensitive apps from other apps. HMA does not require any changes to the Android operating system or to apps yet still supports their key functionalities. By using a diverse dataset of both free and paid mHealth apps, our experimental evaluation shows that HMA supports the main functionalities in most apps and introduces acceptable overheads at runtime (i.e., several milliseconds); these findings were validated by our user-study (N = 30). In short, we show that the practice of collecting information about installed apps is widespread and that our solution, HMA, provides a robust protection against such a threat

British intelligence towards the end of the millenium Issues and opportunities

SIGLEAvailable from British Library Document Supply Centre-DSC:5293.2085(38) / BLDSC - British Library Document Supply CentreGBUnited Kingdo