2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications最新文献

{"title":"Unwanted Content Control via Trust Management in Pervasive Social Networking","authors":"Zheng Yan, R. Kantola, Gaowa Shi, Peng Zhang","doi":"10.1109/TrustCom.2013.29","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.29","url":null,"abstract":"MANET has a good prospect of becoming a practical platform of social networking and computing to support instant social activities and communications, now named pervasive social networking (PSN). However, at the same time as mobile users expect useful and valuable contents via PSN, they may also receive unwanted or unexpected or even malicious contents. This paper proposes an unwanted content control solution through distributed trust management. It can control unwanted contents based on trust evaluation and through traffic and behavior analysis at each MANET node. Simulation based evaluation shows that the solution is effective with regard to a number of unwanted content intrusions and system attacks raised from malicious nodes.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116464321","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Quantitative Risk Analysis for Mobile Cloud Computing: A Preliminary Approach and a Health Application Case Study","authors":"Javeria Samad, S. Loke, Karl Reed","doi":"10.1109/TrustCom.2013.166","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.166","url":null,"abstract":"Mobile cloud computing is presented as the next logical step in the adoption of cloud based systems. However, there are number of issues inherent in it that may limit its uptake. These issues are best understood as \"risks\" which span the whole structure and the life cycle of mobile clouds and could be as varied as security, operations, performance, and end-users behaviours. This paper is a first step in developing a quantitative risk model suitable for a dynamic mobile cloud environment. We also use this model to analyse a mobile cloud based health application and report our findings, which have implications for cloud computing as a whole.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"70 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123209485","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Low-Cost Load Balancing for Parallel Particle-in-Cell Simulations with Thick Overlapping Layers","authors":"Y. Miyake, H. Nakashima","doi":"10.1109/TrustCom.2013.134","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.134","url":null,"abstract":"This paper describes a parallel implementation of our practical particle-in-cell (PIC) simulator with the OhHelp dynamic load-balancing algorithm. Although the code parallelization is based on simple block domain decomposition, OhHelp accomplishes load balancing and thus the scalability in terms of the number of particles by making each computation node help another heavily loaded node. In addition to the OhHelp application, a number of additional layers overlapping with adjacent domains are newly introduced outside the boundaries of each subdomain for the purpose of minimizing overhead costs of OhHelp. The optimization can drastically reduce overhead costs for particle transfer among nodes, whereas it leads to increase in domain size which each node is responsible for. Despite this trade-off feature, the overlapping layer attachment and a further lower-level optimization exert 1.8-fold improvement of the PIC simulator performance. Consequently, the optimized simulator exhibits a good scalability and a stable efficiency in parallel executions using up to 4096 cores, showing small parallel efficiency degradation of 3% from 16- to 4096-core parallel executions.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123559453","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Privacy-Leakage-Tolerance Based Noise Enhancing Strategy for Privacy Protection in Cloud Computing","authors":"Gaofeng Zhang, Yun Yang, Jinjun Chen","doi":"10.1109/TrustCom.2013.64","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.64","url":null,"abstract":"Cloud computing promises a service-oriented environment where customers can utilise IT services in a pay-as-you-go fashion while saving huge capital investments on their own IT infrastructures. Due to the openness, malicious service providers may exist in these environments. Some of these service providers could record service data in cloud service processes about a customer and then collectively deduce the customer's private information without authorisation. Noise obfuscation is an effective approach in this regard by utilising noise data. For example, it can generate and inject noise service requests into real customer service requests so that service providers are not able to distinguish which ones are real ones. However, existing typical noise obfuscations do not consider the customer-defined privacy-leakage-tolerance in noise obfuscation processes. Specifically, cloud customers could define a boundary of privacy leakage possibility to require noise obfuscation on privacy protection in cloud computing. In other words, under this boundary -- privacy-leakage-tolerance, noise obfuscation could be enhanced by the efficiency improvement on privacy protection, such as reducing noise service requests injected into real ones. So, the customer can obtain a lower cost on noise data in the pay-as-you-go fashion for cloud environments, with a reasonable effectiveness of privacy protection. Therefore, to address this privacy concern, a novel noise enhancing strategy can be presented. We firstly analyse the privacy-leakage-tolerance for cloud customers in terms of noise generation. Then, the creation of a noise generation set can be presented based on the privacy-leakage-tolerance, and the set can guide and enhance existing noise generation strategies by this boundary. Lastly, we present our novel privacy-leakage-tolerance based noise enhancing strategy for privacy protection in cloud computing. The simulation evaluation demonstrates that our strategy can significantly improve the efficiency of privacy protection on existing noise obfuscations in cloud environments.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122042039","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"SeaRum: A Cloud-Based Service for Association Rule Mining","authors":"D. Apiletti, Elena Baralis, T. Cerquitelli, S. Chiusano, L. Grimaudo","doi":"10.1109/TrustCom.2013.153","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.153","url":null,"abstract":"Large volumes of data are being produced by various modern applications at an ever increasing rate. These applications range from wireless sensors networks to social networks. The automatic analysis of such huge data volume is a challenging task since a large amount of interesting knowledge can be extracted. Association rule mining is an exploratory data analysis method able to discover interesting and hidden correlations among data. Since this data mining process is characterized by computationally intensive tasks, efficient distributed approaches are needed to increase its scalability. This paper proposes a novel cloud-based service, named SEARUM, to efficiently mine association rules on a distributed computing model. SEARUM consists of a series of distributed MapReduce jobs run in the cloud. Each job performs a different step in the association rule mining process. As a case study, the proposed approach has been applied to the network data scenario. The experimental validation, performed on two real network datasets, shows the effectiveness and the efficiency of SEARUM in mining association rules on a distributed computing model.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122091384","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Communication and Collaboration Service Components for Ubiquitous Communication Applications","authors":"Ki-Sook Chung, Young-Mee Shin","doi":"10.1109/TrustCom.2013.242","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.242","url":null,"abstract":"Over the past decades we have undergone a series of significant evolution in the computing and communication technologies and have experienced better quality of life. Among these evolutions, the mobile device technology has changed the life-style of people significantly and made new business opportunities. Especially, the widespread use of smartphones accelerates to make ubiquitous communication world. It is needed to apply new technology to the legacy system rapidly and to introduce new applications to the market based on the new functions quickly. This paper describes the Converged Service Platform which provides a playground of applications for application providers, and introduces service components for a ubiquitous communication and collaboration working environment. The Converged Service Platform is designed to support the process of service delivery mechanism which consists of service creation, service execution, and service management based on the Service-Oriented Architecture. The platform focused on supporting communication and collaboration functionalities in the form of service components to make ubiquitous working environment. The service components utilize various communication means such as e-mail, short message, messengers, wired or wireless telephone call and even social network services, and give knowledge sharing functionalities such as file cloud, wiki and etc.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127178807","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Conflict and Interference Resolution for Physical Annotation Systems","authors":"Ahmad A. Alzahrani, S. Loke, Hongen Lu","doi":"10.1109/TrustCom.2013.159","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.159","url":null,"abstract":"Physical Annotation (PA) systems have been widely used in recent years. They help users to annotate the physical entities around them with digital data for different purposes such as education, tourism or personal memories. One of the main problems with the widespread use of PAs is conflict and interference between different annotations for the same entity. Therefore, this paper studies conflict and interference issues in PA systems. The paper first provides a formal definition of PA conflict and interference, and then explains the causes and sources. Based on this, we propose detection techniques and provide policies to resolve conflict and interference in PAs. Finally, we present an implementation of the techniques.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"98 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132470906","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Novel Evidential Evaluation for Internal Attacks with Dempster-Shafer Theory in WSN","authors":"Muhammad R. Ahmed, Xu Huang, Hongyan Cui","doi":"10.1109/TrustCom.2013.276","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.276","url":null,"abstract":"Wireless Sensor Network (WSN) consists of low-cost and multifunctional resources constrain nodes that communicate at short distances through wireless links. It is open media and underpinned by an application driven technology for information gathering and processing. It can be used for many different applications range from military implementation in the battlefield, environmental monitoring, health sector as well as emergency response of surveillance. With its nature and application scenario, security of WSN had drawn a great attention. It is known to be valuable to variety of attacks for the construction of nodes and distributed network infrastructure. In order to ensure its functionality especially in malicious environments, security mechanisms are essential. Malicious or internal attacker has gained prominence and poses the most challenging attacks to WSN. Many works have been done to secure WSN from internal attacks but most of it relay on either training data set or predefined threshold. Without a fixed security infrastructure a WSN needs to find the internal attacks is a challenge. Normally, internal attack's node behavioral pattern is different from the other neighbors, called \"good nodes,\" in a system even neighbor nodes can be attacked. In this paper, we use Dempster-Shafer theory (DST) of combined multiple evidences to identify the malicious or internal attacks in a WSN. Moreover, it gives a numerical procedure for fusing together multiple pieces of evidences from unreliable neighbor with higher degree of conflict reliability.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132211950","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An Online Query Authentication System for Outsourced Databases","authors":"Ying Zhou, Chen Wang","doi":"10.1109/TrustCom.2013.70","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.70","url":null,"abstract":"The cloud computing paradigm moves increasing amount of data across administrative domains to be managed by various outsourced database (ODB) service providers. There needs a means for a data owner to verify the correctness and completeness of query results returned from these ODB services. The process is called query authentication. This paper proposes to use independent observers for query authentication. This approach enables the data owner to maintain the data state using these observers and the query results can be verified by these observers without any additional information from the ODB. To preserve privacy to a certain degree, the data state is partitioned vertically among observers, therefore no observer has full knowledge about the data. We implement the method on top of a NoSQL database. Our evaluation results in Amazon EC2 show the effectiveness of the method in such kind of databases.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132264701","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Semantic Policy Framework for Context-Aware Access Control Applications","authors":"A.S.M. Kayes, Jun Han, A. Colman","doi":"10.1109/TrustCom.2013.91","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.91","url":null,"abstract":"Due to the rapid advancement of communication technologies, the ability to support access control to resources in open and dynamic environments is crucial. On the one hand, users demand access to resources and services in an anywhere, anytime fashion. On the other hand, additional challenges arise when ensuring privacy and security requirements of the stakeholders in dynamically changing environments. Conventional Role-based Access Control (RBAC) systems evaluate access permissions depending on the identity/role of the users who are requesting access to resources. However, this approach does not incorporate dynamically changing context information which could have an impact on access decisions in open and dynamic environments. In such environments, an access control model with both dynamic associations of user-role and role-permission capabilities is needed. In order to achieve the above goal, this paper proposes a novel policy framework for context-aware access control (CAAC) applications that extends the RBAC model with dynamic attributes defined in an ontology. We introduce a formal language for specifying our framework including its basic elements, syntax and semantics. Our policy framework uses the relevant context information in order to enable user-role assignment, while using purpose-oriented situation information to enable role-permission assignment. We have developed a prototype to realize the framework and demonstrated the framework through a healthcare case study.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130490800","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}