Reconsidering big data security and privacy in cloud and mobile cloud systems

Large scale distributed systems in particular cloud and mobile cloud deployments provide great services improving people\u27s quality of life and organizational efficiency. In order to match the performance needs, cloud computing engages with the perils of peer-to-peer (P2P) computing and brings up the P2P cloud systems as an extension for federated cloud. Having a decentralized architecture built on independent nodes and resources without any specific central control and monitoring, these cloud deployments are able to handle resource provisioning at a very low cost. Hence, we see a vast amount of mobile applications and services that are ready to scale to billions of mobile devices painlessly. Among these, data driven applications are the most successful ones in terms of popularity or monetization. However, data rich applications expose other problems to consider including storage, big data processing and also the crucial task of protecting private or sensitive information. In this work, first, we go through the existing layered cloud architectures and present a solution addressing the big data storage. Secondly, we explore the use of P2P Cloud System (P2PCS) for big data processing and analytics. Thirdly, we propose an efficient hybrid mobile cloud computing model based on cloudlets concept and we apply this model to health care systems as a case study. Then, the model is simulated using Mobile Cloud Computing Simulator (MCCSIM). According to the experimental power and delay results, the hybrid cloud model performs up to 75% better when compared to the traditional cloud models. Lastly, we enhance our proposals by presenting and analyzing security and privacy countermeasures against possible attacks

A Salient Missing Link in RFID Security Protocols

In side channel analysis, an attacker utilizes some legitimate function queries in order to collect the corresponding responses of a cryptographic system while it is functioning in a normal mode. If those responses reveal some unwanted information about the secrecy or privacy, this leakage is called side channel information and these responses are called side channels. In this respect, careless deployments of "secure" RFID authentication protocols are not exceptions and subject to side channel attacks. Focusing on lightweight RFID security protocols; we examine the server responses for several RFID tags and realize that if the database querying is performed through a static process, the RFID system is subject to timing attacks that could easily jeopardize the system's untraceability criteria. We demonstrate our attack on some well-known protocols and outline a countermeasure by precisely describing the database query mechanism. Furthermore, we analyze the success probability of the attack in terms of the system parameters such as the number of tags, number of cryptographic operations that have to be carried out, and server's computational power.</p

Analyzing and comparing the AES architectures for their power consumption

It has been a decade since the block cipher Rijndael-with some minor changes-takes the name AES (Advanced Encryption Standard) and becomes the new block cipher standard of US government. Over the passed years, through deeper analysis and conducted measurements, AES has gained significant confidence for its security. Meanwhile, the sophistication in its realizations has also evolved considerably; system designers are now able to choose a suitable AES architecture tailored for their area and performance needs. Couple of years ago, the wider technological trend has shifted towards the power aware system design, hence, low power AES architectures gain importance over area and performance oriented designs. In this study, we examine and employ the low power design techniques in reducing the power consumption. These efforts allow us to come up with a slightly different architecture for s-box module. As a result, the power consumptions of AES over the Field Programmable Gate Arrays (FPGAs) are reduced. All described work and respective measurements are carried on Xilinx FPGA families and possible comparisons are made with the existing literature

Never Lose Your ECG: A Novel Key Generation and Authentication Scheme for Implantable Medical Devices

Implantable medical devices, such as pacemakers, cardiac defibrillators, and insulin pumps, play a crucial role in monitoring patients&#x2019; vital signs within healthcare systems. However, these networked devices are susceptible to external attacks and breaches of trust, hindering the potential innovation and social benefits of eHealth services. To address these concerns, we propose a novel ECG-based key generation scheme and blockchain-based authentication protocol to build a trustworthy healthcare service under any situation. The key will be extracted in a single heartbeat using fiducial features. Compared with the existing works, the proposed key generation achieves the most efficient and secure method by introducing newly designed techniques to identify the unique features based on the time differences within a small window of the ECG signals. In our key generation process, we utilized three distinct fiducial features: amplitude peak differences, time differences between peaks, and slope between each pair of peaks. After obtaining the distinct fiducial features, each set of features denoted as ${F}$ undergoes an encoding process, resulting in 16-bit vectors. To ensure randomness, the most significant bits of the encoded vectors are discarded due to their low entropy and least significant bits, which offer a greater degree of variability has been used. To validate our key generation method, we conducted the NIST statistical suite test. Our key generation process successfully passed all the necessary criteria and requirements set by the NIST suite test for ensuring the security and reliability of cryptographic systems. The proposed authentication protocol for the interaction between a patient and a doctor consists of three parts, addressing different scenarios that may arise including a patient visits a new doctor and emergencies which may be necessary for emergency medical services (EMS) personnel to immediately access the IMD. Experimental results demonstrate the efficiency and effectiveness of our key generation, as it produces a key of the same length within a second while maintaining a high level of randomness. Furthermore, the communication overhead for providing authentication services on the Internet is minimal. To evaluate the vulnerability of an authentication protocol, we performed a thorough security analysis, with a specific focus on the adversary model within the IMD (Implantable Medical Device) and DP (Device Programmer) interaction. Additionally, we implemented the proposed methods on a hardware setup by considering several factors, including time, key bit size, and memory usage. Furthermore, the proposed biometric key generation is tested using the NIST standard suite, where it successfully satisfied all the major requirements