2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications最新文献

{"title":"The Value of Automation: A Study of MPI Application Migration Methods","authors":"Karolina Sarnowska-Upton, A. Grimshaw","doi":"10.1109/TrustCom.2013.149","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.149","url":null,"abstract":"This paper presents a user study of the process of migrating MPI applications manually. The gathered data quantifies the scale of the challenge that researchers face when attempting to use shared computing resources. Migrating to one site took on average 2.5 hours where the majority of the time was spent on learning, compiling, and debugging. Less experienced researchers took almost 50% more time and overall spread their effort across more days. Consequently, they took on average three weeks to migrate to four sites. The study data is used to investigate the speedup that can be gained by automating the migration process. How much more efficient application migration can be when utilizing FEAM, the Framework for Efficient Application Migration, instead of just manual methods is modeled in terms of time. While an ideal solution for general automation of application migration would enable computations to run on any available compute resource with minimal user interaction and in a tuned manner, FEAM focuses on what can be automated without recompiling applications. The calculations predict that using FEAM results in a 1.6x speedup on average or just under an hour of effort saved per site. This equates to more than two day of saved effort per site. The results presented in this paper underline the value of automation in the context of application migration.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"87 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129355901","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Portable Personal Identity Provider in Mobile Phones","authors":"M. Ferdous, R. Poet","doi":"10.1109/TrustCom.2013.89","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.89","url":null,"abstract":"This paper analyses the prospect of having a Portable Personal Identity Provider (PPIdP, in short) in the mobile phone. The ubiquitous presence of powerful mobile phones equipped with high speed networks can be utilised to make the mobile phone act as a portable and personal Identity Provider (IdP, in short) on behalf of their users. Such an IdP would be helpful for the user in the sense that it will provide a central location to manage different user attributes which are generally scattered among different service providers in the traditional setting of online services. In addition, the user needs to trust the provider to store those attributes securely which may not be always honoured and crucial user attributes may be abused. Creating a Personal Identity Federation using a personal IdP can tackle many of these stated problems. Moreover, such an IdP may provide additional advantages. We have developed such a Mobile IdP for the Android platform based on the Security Assertion Markup Language (SAML) and OpenID as a proof of concept using the Jetty Web Server. In this paper, we discuss the functionalities of our developed IdP and the technical challenges we have faced. Moreover, we analyse the security, privacy and trust issues involved in having such an IdP and the advantages it offers.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129457054","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Towards Automation of Privacy and Security Risks Analysis in Identity Management Systems","authors":"Ebenezer Paintsil","doi":"10.1109/TrustCom.2013.87","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.87","url":null,"abstract":"Currently, risk analysis methods for identity management systems (IDMSs) mainly rely on manual inspections. Manual inspection is time consuming and expensive. This article introduces the executable model-based risk analysis method (EM-BRAM) with the aim of automating privacy and security risks analysis in IDMSs. The EM-BRAM identifies risk factors inherent in IDMSs and uses them as inputs to a colored petri nets (CPNs) model of a targeted IDMS. It then verifies the system's risk using CPNs' state space analysis and queries. We apply the method to analyze privacy and security risk in the OpenID IDMS.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129926302","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"On the Application of Supervised Machine Learning to Trustworthiness Assessment","authors":"S. Hauke, Sebastian Biedermann, M. Mühlhäuser, D. Heider","doi":"10.1109/TRUSTCOM.2013.5","DOIUrl":"https://doi.org/10.1109/TRUSTCOM.2013.5","url":null,"abstract":"State-of-the art trust and reputation systems seek to apply machine learning methods to overcome generalizability issues of experience-based Bayesian trust assessment. These approaches are, however, often model-centric instead of focussing on data and the complex adaptive system that is driven by reputation-based service selection. This entails the risk of unrealistic model assumptions. We outline the requirements for robust probabilistic trust assessment using supervised learning and apply a selection of estimators to a real-world dataset, in order to show the effectiveness of supervised methods. Furthermore, we provide a representational mapping of estimator output to a belief logic representation for the modular integration of supervised methods with other trust assessment methodologies.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126432862","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"P3MCF: Practical Privacy-Preserving Multi-domain Collaborative Filtering","authors":"Toru Nakamura, S. Kiyomoto, R. Watanabe, Yutaka Miyake","doi":"10.1109/TrustCom.2013.271","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.271","url":null,"abstract":"This paper proposes P3MCF, an efficient privacy-preserving, multi-domain collaborative filtering scheme for user oriented recommendations. P3MCF achieves a lightweight, high accuracy recommendation for a multi-domain recommendation system. In P3MCF, a data supplier transfers only statistical values on user ratings to recommenders in order to improve the accuracy of recommendations. P3MCF only requires transmission of O(m) statistical values for each data supplier, where m is the number of items in each user record. We implemented a prototype system and evaluated transaction time and accuracy of recommendations. Experiments confirmed that accuracy could be improved when using statistical values. The results also confirmed that the computation time for predicting a missing value was about 21 milliseconds if we use a public dataset where the number of ratings is 100,000. The experimental results demonstrated that P3MCF was sufficiently practical from the viewpoint of accuracy and transaction time. We also confirmed that P3MCF was applicable to several service models, such as a horizontally partitioned model and a vertically partitioned model.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"72 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128006131","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Evaluating the Impact of Broadcast Rates and Collisions on Fake Source Protocols for Source Location Privacy","authors":"Alasdair Thomason, Matthew Leeke, M. Bradbury, A. Jhumka","doi":"10.1109/TrustCom.2013.81","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.81","url":null,"abstract":"Providing source location privacy has become a relevant issue for protocols used in the context of wireless sensor networks. In particular, where an asset is monitored using a wireless sensor network it is often the case that the location of the asset being monitored should be concealed from those eavesdropping on the network. The use of fake sources represents an approach to addressing the source location privacy problem. This paper explores practical factors for the configuration and application of fake source protocols, with a focus on the interplay between the broadcast rates of sensor nodes, message collisions and achieved privacy. Combined with existing work in energy efficient fake source protocols, these contributions evidence the existence of an effective range of broadcast rates for fake source protocols.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128038645","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Parallel Runtime Framework for Communication Intensive Stream Applications","authors":"S. Muralidharan, Kevin Casey, David Gregg","doi":"10.1109/TrustCom.2013.142","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.142","url":null,"abstract":"Stream applications are often limited in their performance by their underlying communication system. A typical implementation relies on the operating system to handle the majority of network operations. In such cases, the communication stack, which was not designed to handle tremendous amounts of data, acts as a bottleneck and restricts the performance of the application. In this paper, we propose a parallel runtime framework that integrates the communication operations with stream applications, and provides a common parallel processing engine that can execute both the communication and computation operations in parallel on multicore processors. We place an emphasis on the low-level details required to implement such a framework, but also provide some guidelines on how an application programmer can employ the framework. Our runtime system uses a set of operations represented as filters to perform the relevant computations on the data stream. Filters that handle the application specific operations are categorized as computation filters and those that transform data to and from network devices are classified as communication filters. Computation filters are designed by the user and are specific to the application. Communication filters are provided by the runtime system and are built using system software that allows direct access to network hardware. Such system software allows the network operations to be performed by the runtime system in parallel, leading to better communication performance. Applications that are designed for this framework are built by constructing application specific computation filters and then connecting them to the communication filters provided by the runtime system. This abstracts the low-level programming of network adapters and protocols by the application developer, making it easier to build stream applications that take advantage of the improved communication performance. Moreover, by dynamically replicating and statically scheduling such filters on the given multicore architecture, it is possible for the runtime system to process multiple data streams in parallel. We are able to parallelize stream applications and achieve speedups of more than a factor of eight in all the applications we tested. The results show that our system scales to as many parallel processes as there are cores on our computer, and achieves speedups of more than a factor of ten in some cases compared to sequential implementations.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132046364","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Framework for Improving the Accuracy of Unsupervised Intrusion Detection for SCADA Systems","authors":"Abdulmohsen Almalawi, Z. Tari, A. Fahad, I. Khalil","doi":"10.1109/TrustCom.2013.40","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.40","url":null,"abstract":"Supervisory Control and Data Acquisition (SCADA) systems are a salient part of the control and monitoring of critical infrastructures such as electricity generation, distribution, water treatment and distribution, and gas and oil production. Recently, such systems have increased their connectivity by using public networks and standard protocols (e.g. TCP/IP). However, while enhancing productivity, this will expose these systems to cyber threat. This is because many widely-used protocols in these systems such as MODBUS, DNP3 and EtherNET/IP are lacking authentication, and therefore command injection and data injection are potential threat. An unsupervised intrusion detection technique (with unlabelled data) is an appropriate method to address this issue because labelling the huge amount of data produced by such systems is a costly and time-consuming process. However, unsupervised learning algorithms suffer from low detection accuracy. This paper proposes a framework that can be used as an add-on component for any unsupervised approach to improve its performance. Experimental results confirm that the framework demonstrated a significant improvement in three unsupervised intrusion detection algorithms.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130236553","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Model for Context-Aware Location Identity Preservation Using Differential Privacy","authors":"Roland Assam, T. Seidl","doi":"10.1109/TrustCom.2013.45","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.45","url":null,"abstract":"Geospatial data emanating from GPS-enabled pervasive devices reflects the mobility and interactions between people and places, and poses serious threats to privacy. Most of the existing location privacy works are based on the k-Anonymity privacy paradigm. In this paper, we employ a different and stronger privacy definition called Differential Privacy. We propose a novel context-aware and non context-aware differential privacy technique. Our technique couples Kalman filter and exponential mechanism to ensure differential privacy for spatio-temporal data. We demonstrate that our approach protects outliers and provides stronger privacy than state-of-the-art works.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128952035","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An Application Security Framework for Near Field Communication","authors":"Dirar Abu-Saymeh, D. E. D. I. Abou-Tair, Ahmad Zmily","doi":"10.1109/TrustCom.2013.50","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.50","url":null,"abstract":"Smart phones equipped with Near Field Communication (NFC) provide a simple way to initiate contactless transactions and data exchange without having the need to carry additional items such as credit cards, personal IDs, and access keys. To prevent unauthorized NFC transactions in the case of lost or stolen devices, the user needs to be authenticated before each transaction, which adds extra burden on users. In this paper we propose an NFC security framework that simplifies the initiation of secure NFC transactions. The framework calculates a current measure of device security based on user activities and behavior. NFC transactions are authorized if the current device security measure meets the minimum requirement of the application. The framework uses a combination of authentication methods such as password, pin, pattern, finger print, voice and face recognition. In addition, we propose adjusting the device security level dynamically based on user activities, behavior, and background face and voice authentication. As a case study, the framework has been implemented on the Google Android platform. The NFC security framework minimizes the need to intrusively authenticate the user for every NFC transaction thus maintaining the simplicity of using NFC while enhancing its security.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131785116","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}