2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications最新文献

{"title":"Platform Zero: A Context-Based Computing Platform for Collaboration","authors":"A. Muhlbauer, Timothy Zelinsky, S. Kanhere","doi":"10.1109/TrustCom.2013.172","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.172","url":null,"abstract":"We present a real-time, context aware platform that promotes information-centric, natural interactions between many different personal computing devices. Our system allows devices to intelligently interpret the context they operate in to better serve the user. Moreover, our platform supports a rapidly emerging trend in computing, wherein, a single user simultaneously uses multiple devices in unison (computer, smartphone, tablet) to complete a particular task. Our platform can use current device context to sense collaboration between devices and users, automatically annotating information to improve future retrieval. Through removing the perceived borders between devices, our system aims to create a seamless information sharing experience in a multi-device, multi-user environment. Our reference implementation supports Apple iOS devices and OSX computers. Moreover, we present extensive evaluations to demonstrate its efficacy.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134068457","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Securing Mobile Mashups with SCCM","authors":"Florent Batard, K. Boudaoud, M. Riveill","doi":"10.1109/TrustCom.2013.27","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.27","url":null,"abstract":"Today, creation of basic mobile widget mashups is a straightforward task. However, designing mobile mashups that are actually secure to use remains very challenging. In this paper, we discuss the security risks introduced by mobile mashups and then propose a platform independent architecture called SCCM for securing this type of mashups. SCCM has been implemented on an Android platform, and the results of our security evaluations are encouraging.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115080563","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Trust Inference Computation for Online Social Networks","authors":"Sana Hamdi, A. Bouzeghoub, Alda Lopes Gançarski, S. Yahia","doi":"10.1109/TrustCom.2013.240","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.240","url":null,"abstract":"Trust has become one of the most important issues in online social Networks. In fact, the basic idea of trust systems is to help users and allow them to rate each other even without being direct neighbors. In this case, the idea is to derive a trust value for a given user, which can assist other users in deciding whether a given user is trustful or not. We investigate the properties of trust propagation on networks, based on the notion of transitivity, and we introduce the TISoN model to generate and evaluate Trust Inference within online Social Networks. This paper highlights on these two main contributions: (i) a novel Trust Paths' Searching algorithm where we define neighbors priority based on their direct trust degrees and then select trusted paths while controlling the path length, (ii) a Trust Inference Measuring algorithm TIM to build a trust network. Experimental results with data from the Advogato.com show that our work generates high quality results.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114662694","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Probabilistic Analysis of Parallel Program with Partially Eliminated Barriers","authors":"N. Yonezawa, Ken'ichi Katou, I. Kino, K. Wada","doi":"10.1109/TrustCom.2013.228","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.228","url":null,"abstract":"Since barrier synchronization is a simple means to guarantee the order of data producing and data consuming, it is often used in parallel programs. However, barrier synchronization causes the processors' idle time to increase. To reduce the overhead of barrier synchronization, we have proposed an algorithm which eliminates barrier synchronizations and evaluated its validity experimentally in our previous study. In this paper, we model the behavior of parallel programs and proposed a dependency matrix to represent dependencies among processors. Using the behavioral model, we evaluated the execution time of parallel programs which have three typical dependency patterns. Based on results, we found that 1) if a processors depends on less other processors, the obtained effect of eliminating barriers is higher, 2) even if the number of directly-depended processors is the same between two dependency patterns, less indirectly-depended processors in all previous phases provide more effect of eliminating barriers.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"9 14","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114085570","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Energy-Performance Modeling and Optimization of Parallel Computing in On-Chip Networks","authors":"Shuai Zhang, Zhiyong Liu, Dongrui Fan, Fenglong Song, Mingzhe Zhang","doi":"10.1109/TrustCom.2013.107","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.107","url":null,"abstract":"This paper discusses energy-performance trade-off of networks-on-chip with real parallel applications. First, we propose an accurate energy-performance analytical model that conduct and analyze the impacts of both frequency-independent and frequency-dependent power. Second, we put together the communication overhead, memory access overhead, frequency scaling, and core count scaling to quantify the performance and energy consumed by NoCs. Third, we propose a new energy-performance optimization method, by choosing a pair of frequency and core count to get optimal energy or performance. Finally, we implement eight PARSEC parallel applications to evaluate our model and the optimization method. The experiment result confirms that our model predicts NoCs energy and performance well, and selects correct frequency level and core count for most parallel applications.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114471604","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Enhanced Method for the Signature Adaptability to the Application Behavior","authors":"Alvaro Wong, Dolores Rexachs, E. Luque","doi":"10.1109/TRUSTCOM.2013.152","DOIUrl":"https://doi.org/10.1109/TRUSTCOM.2013.152","url":null,"abstract":"Predicting performance of parallel applications using benchmarks is becoming more complex. Each parallel application has different behavior and it is difficult to know which is the benchmark that most closely resembles the application, therefore the benchmarks have a low representativeness of real programs. We are proposing the users to predict the performance of their applications by generating a signature using a method called Parallel Application Signature for Performance Prediction (PAS2P), which represents the core of their applications. We are presenting an enhanced method for the signature adaptability to the application behavior. Until now, phases were considered independently, each one had a checkpoint, but now we analyze whether they are contiguous and can form a group. This is done by decreasing the storage needed for the signature, slightly increasing the signature execution time in order to predict the performance of the applications thus compensating the execution time of the signature and its size (MB). We show results from building different signatures for the same applications to allow the user to select between different options in order to create the signature.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116738568","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Profiling Phishing Email Based on Clustering Approach","authors":"I. R. A. Hamid, J. Abawajy","doi":"10.1109/TrustCom.2013.76","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.76","url":null,"abstract":"In this paper, an approach for profiling email-born phishing activities is proposed. Profiling phishing activities are useful in determining the activity of an individual or a particular group of phishers. By generating profiles, phishing activities can be well understood and observed. Typically, work in the area of phishing is intended at detection of phishing emails, whereas we concentrate on profiling the phishing email. We formulate the profiling problem as a clustering problem using the various features in the phishing emails as feature vectors. Further, we generate profiles based on clustering predictions. These predictions are further utilized to generate complete profiles of these emails. The performance of the clustering algorithms at the earlier stage is crucial for the effectiveness of this model. We carried out an experimental evaluation to determine the performance of many classification algorithms by incorporating clustering approach in our model. Our proposed profiling email-born phishing algorithm (ProEP) demonstrates promising results with the RatioSize rules for selecting the optimal number of clusters.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123308106","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Private Multiparty Set Intersection Protocol in Rational Model","authors":"K. Emura, A. Miyaji, Mohammad Shahriar Rahman","doi":"10.1109/TrustCom.2013.54","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.54","url":null,"abstract":"Privacy-preserving set intersection protocol is desirable for many practical applications. Malicious and semi-honest adversarial models in cryptographic settings have been considered mostly to design such protocols for privacy-preserving set intersection. In a semi-honest or malicious model an adversary is assumed to follow or arbitrarily deviate from the protocol, respectively. Protocols in semi-honest model can utilize cheaper cryptographic primitives, but that comes with a cost of weaker security. On the other hand, strong security is guaranteed by the malicious model whereby expensive cyptographic primitives are required. However, achieving a desired level of privacy with efficient computation is what we need for practical implementations. In this paper, we address the multiparty private set intersection problem using simple cryptographic primitives, in which each of the N parties learns no elements other than the intersection of their N private datasets. The private set intersection is constructed in game-theoretic model, where instead of being semi-honest or malicious the parties are viewed as rational and are assumed (only) to act in their own self-interest. We consider both single player deviation and coalitions, and show that our protocol satisfies computational strict Nash equilibrium.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123317556","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Integrating Trust with Cryptographic Role-Based Access Control for Secure Cloud Data Storage","authors":"Lan Zhou, V. Varadharajan, M. Hitchens","doi":"10.1109/TrustCom.2013.69","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.69","url":null,"abstract":"There has been a recent trend in storing data in cloud due to the increasing amount of users' data and associated benefits such as on-demand access and scalability. Role-based access control (RBAC) provides a flexible way for data owners to manage and share their data in cloud. To enforce the access control policies in the cloud, cryptographic RBAC schemes have been developed, which combine cryptographic techniques and access control to protect the privacy of the data in an outsourced environment. Using these cryptographic schemes, the owner of data can encrypt the data in such a way that only the users with appropriate roles as specified by a role-based access control policy can decrypt and view the data. However these cryptographic approaches do not address the issues of trust when enforcing the access policies. The issue of trust is critical in cloud storage systems, the stored data in the cloud is secure under the assumptions that roles are properly administered by trusted authorities, roles manage the user membership in a trusted manner and qualified users also behave in a trusted manner. In this paper, we propose a trust model to reason about and improve the security for stored data in cloud storage systems that use cryptographic RBAC schemes. The trust model provides an approach for the owners to determine the trustworthiness of individual roles in the RBAC system. The data owners can use the trust models to decide whether to store their encrypted data in the cloud for a particular role. The proposed trust model takes into account role inheritance and hierarchy in the evaluation of trustworthiness of roles. In addition, we present a design of a trust-based cloud storage system which shows how the trust model can be integrated into a system that uses cryptographic RBAC schemes. We have also described the relevance of the proposed trust model by considering practical application scenarios and illustrated how the trust evaluations can be used to reduce the risks and enhance the quality of decision making by data owners of cloud storage service.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"111 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124696185","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Privacy-Enhanced Keyword Search in Clouds","authors":"Miao Zhou, Y. Mu, W. Susilo, M. Au","doi":"10.1109/TrustCom.2013.56","DOIUrl":"https://doi.org/10.1109/TrustCom.2013.56","url":null,"abstract":"The advent of cloud computing has dramatically changed the IT scene, as it offers cost savings and improvements to major operations. Nevertheless, the major obstacle relies on the effort on how to secure sensitive data files that are outsourced to the cloud environment. To ensure confidentiality, the sensitive data are usually encrypted prior to being outsourced. Nevertheless, effective data utilization remains a challenging task and there is a clear need for a secure and efficient searching mechanism over the encrypted data in the cloud, to increase the us-ability of the secure cloud environment. Unfortunately, existing work in the area of secure searching in the outsourcing scenario usually incur high computational complexity, which makes the approach impractical. In this paper, we take one step ahead by proposing an efficient keyword search scheme for cloud computing. Our solution is very lightweight, and it enables efficient multi-user keyword search over outsourced data files in the cloud environment, without leaking any private information about both the data owner and users in the search query. We formally define the security requirements and prove that our scheme is secure under a simple assumption in the standard model.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123556951","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}