2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications最新文献

{"title":"Key Privacy in McEliece Public Key Cryptosystem","authors":"Qiang Wang, X. Qiu, Quan Zhang, Chaojing Tang","doi":"10.1109/TrustCom.2011.109","DOIUrl":"https://doi.org/10.1109/TrustCom.2011.109","url":null,"abstract":"the research on the anonymity of original McEliece PKC points out that the original McEliece PKC fails to hold the property of key privacy. A novel semantically secure variant of McEliece PKC is proposed, and proved its anonymity formally in standard model. As far as we know, this is the first attempt to investigate the property of key privacy in McEliece PKC in literature.","PeriodicalId":289926,"journal":{"name":"2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122252973","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Enhancing Flexibility of TCG's TNC through Layered Property Attestation","authors":"Aimin Yu, Shijun Zhao","doi":"10.1109/TrustCom.2011.98","DOIUrl":"https://doi.org/10.1109/TrustCom.2011.98","url":null,"abstract":"TCG's trusted network connect (TNC) architecture improves network security through remote attestation. However, because of the deficiencies of existing binary attestation and property attestation, current TNC is not flexible and privacy-friendly enough to be used in a large scale network environment such as Internet. Aiming at these problems, this paper firstly analyzes the relations among system properties in the context of TCG-based remote attestation and proposes a new property relation model. Then a layered property attestation framework is proposed based on this model. Finally these ideas are used in the design of a real trusted network connect system. It is shown that the verifier need only obtain and verify the specific integrity measurement that he is interested in and the privacy of the attester's configuration is protected reasonably.","PeriodicalId":289926,"journal":{"name":"2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications","volume":"99 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124086168","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Towards Scalable, Fine-Grained, Intrusion-Tolerant Data Protection Models for Healthcare Cloud","authors":"Lingfeng Chen, D. Hoang","doi":"10.1109/TrustCom.2011.19","DOIUrl":"https://doi.org/10.1109/TrustCom.2011.19","url":null,"abstract":"Despite cloud computing has been widely adopted by most industries, the healthcare industry still reveals a slow development in cloud-based solution due to the raising of user fear that their confidential health data or privacy would leak out in the cloud. To allay users' concern of data control, data ownership, security and privacy, we propose a robust data protection framework which is surrounded by a chain of protection schemes from access control, monitoring, to active auditing. The framework includes three key components which are Cloud-based Privacy-aware Role Based Access Control (CPRBAC) model, Triggerable Data File Structure (TDFS), and Active Auditing Scheme (AAS) respectively. Our schemes address controllability, trace ability of data and authorize access to healthcare system resource. Data violation against access control policies can be proactively triggered to perform corresponding defense mechanisms. Our goal is to bring benefits of cloud computing to healthcare industries to assist them improve quality of service and reduce the cost of overall healthcare.","PeriodicalId":289926,"journal":{"name":"2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications","volume":"55 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126010897","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Autonomous Parameter and Schedule Configuration for TDMA-Based Communication Protocols Such as FlexRay","authors":"Patrick Heinrich, D. Eilers, R. Knorr, M. Königer, Bernd Niehoff","doi":"10.1109/TrustCom.2011.168","DOIUrl":"https://doi.org/10.1109/TrustCom.2011.168","url":null,"abstract":"One goal of research activities is finding ways to manage the growing complexity of embedded systems using self-configuration methods. While autonomous configuration could potentially be used in safety-critical and real-time systems, the basic requirements are not yet in place. This paper will outline a concept for the real autonomous configuration of TDMA-based communication processes, which currently does not exist. The paper initially addresses the TDMA-specific framework conditions and a potential solution. The issue of the mandatory a-priori known schedule is resolved using a generic schedule, because a simple method based on \"free-slot-reserved-for-further-nodes\" is not feasible. The most difficult part - the startup - was implemented through the generic schedule and an ID-based collision resolution process. To demonstrate the viability of the concept, the configuration method was implemented using a Flex Ray communication system. This also satisfied the goal of eliminating the need for additional hardware and preserving the fault tolerant multimaster structure of the Flex Ray system. The functionality of the concept was validated under different scenarios. The configuration times were analyzed, the results of which are also detailed here.","PeriodicalId":289926,"journal":{"name":"2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications","volume":"65 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126047223","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Holistic Solution for Confining Insider Attacks in Wireless Sensor Networks Using Reputation Systems Coupled with Clustering Techniques","authors":"Z. Bankovic, Jose M. Moya, J. C. Vallejo, D. Fraga, P. Malagón","doi":"10.1109/TrustCom.2011.12","DOIUrl":"https://doi.org/10.1109/TrustCom.2011.12","url":null,"abstract":"The most serious obstacle in further proliferation of wireless sensor networks is their low level of security, where the insider attacks are the most challenging issue. In this work we propose a holistic solution for detecting and confining insider attacks that couples reputation systems with clustering techniques, namely unsupervised genetic lgorithm and self-organizing maps, trained for detecting outliers in data. The novelty of this work is the redundancy in detecting agents, their evaluation based on the majority voting and the calculation of the reputation as the average value, which makes it more robust to different attack scenarios and their parameter variations. The algorithms use the feature space based on sequences of sensor outputs (both temporal and spatial), as well as the routing paths used to forward the data to the base station, and designed with the idea of introducing the ability to detect a wide range of attacks. The solution performs both attack detection and recovery from attacks, and it offers many benefits: scalable solution, fast response to adversarial activities, ability to detect unknown attacks, high adaptability and high ability in detecting and confining attacks.","PeriodicalId":289926,"journal":{"name":"2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications","volume":"145 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124730009","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Quantitative Approach to Triaging in Mobile Forensics","authors":"F. Marturana, G. Me, R. Berte, S. Tacconi","doi":"10.1109/TrustCom.2011.75","DOIUrl":"https://doi.org/10.1109/TrustCom.2011.75","url":null,"abstract":"Forensic study of mobile devices is a relatively new field, dating from the early 2000s. The proliferation of phones (particularly smart phones) on the consumer market has caused a growing demand for forensic examination of the devices, which could not be met by existing Computer Forensics techniques. As a matter of fact, Law enforcement are much more likely to encounter a suspect with a mobile device in his possession than a PC or laptop and so the growth of demand for analysis of mobiles has increased exponentially in the last decade. Early investigations, moreover, consisted of live analysis of mobile devices by examining phone contents directly via the screen and photographing it with the risk of modifying the device content, as well as leaving many parts of the proprietary operating system inaccessible. The recent development of Mobile Forensics, a branch of Digital Forensics, is the answer to the demand of forensically sound examination procedures of gathering, retrieving, identifying, storing and documenting evidence of any digital device that has both internal memory and communication ability [1]. Over time commercial tools appeared which allowed analysts to recover phone content with minimal interference and examine it separately. By means of such toolkits, moreover, it is now possible to think of a new approach to Mobile Forensics which takes also advantage of \"Data Mining\" and \"Machine Learning\" theory. This paper is the result of study concerning cell phones classification in a real case of pedophilia. Based on Mobile Forensics \"Triaging\" concept and the adoption of self-knowledge algorithms for classifying mobile devices, we focused our attention on a viable way to predict phone usage's classifications. Based on a set of real sized phones, the research has been extensively discussed with Italian law enforcement cyber crime specialists in order to find a viable methodology to determine the likelihood that a mobile phone has been used to commit the specific crime of pedophilia, which could be very relevant during a forensic investigation.","PeriodicalId":289926,"journal":{"name":"2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128648409","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Migration to Cloud as Real Option: Investment Decision under Uncertainty","authors":"Chew-Yean Yam, A. Baldwin, S. Shiu, C. Ioannidis","doi":"10.1109/TrustCom.2011.130","DOIUrl":"https://doi.org/10.1109/TrustCom.2011.130","url":null,"abstract":"If cloud is so good then why aren't companies using it more? In this paper we look at how companies should make a decision to move some IT services or their IT infrastructure into the cloud. The move may initially look attractive in that it offers cost benefits but there is also considerable uncertainty, not least around security and information stewardship. Within the paper we propose the use of a real option model to help think about when to switch to cloud based on the expected benefits, uncertainties and the value a company puts on money.","PeriodicalId":289926,"journal":{"name":"2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications","volume":"49 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127413337","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Towards Context-Aware Service-Oriented Semantic Reputation Framework","authors":"R. Alnemr, Maxim Schnjakin, C. Meinel","doi":"10.1109/TrustCom.2011.47","DOIUrl":"https://doi.org/10.1109/TrustCom.2011.47","url":null,"abstract":"Reputation has been explored in diverse disciplines such as artificial intelligence, electronic commerce, peer-to-peer network, and multi-agent systems. Recently it has been a vital component for ensuring trust in web services and service oriented architecture domains. In this paper, we show details about our context-aware reputation framework. The framework is based on our semantic representation model for reputation called Reputation Object (RO) model. We discuss the advantages and propositions to construct such framework, its components, and how it is implemented. The importance of developing and using such generic reputation framework is highlighted within the emergence of the Semantic Web and service oriented architecture.","PeriodicalId":289926,"journal":{"name":"2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications","volume":"69 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130744111","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Data Simulator for ZigBee-Base Wireless Sensor Network System","authors":"Kim-Yung Lu","doi":"10.1109/TrustCom.2011.236","DOIUrl":"https://doi.org/10.1109/TrustCom.2011.236","url":null,"abstract":"This paper presents a data simulator used to generate the test data of a specified instrument. The aim is focused on helping the user to quickly establish a wireless sensor network system. The proposed system includes a system simulator, an instrument definition module, and a network monitor module. System functions include network parameter setting, real-time system status sensing and data collecting. Applying the proposed model user can easily define the specifications of the corresponding digital instrument and then simulates the instrument in a PC. The proposed system enables user to quickly test the established wireless sensor network (WSN) system without installing the practical instruments.","PeriodicalId":289926,"journal":{"name":"2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126370258","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Comparative Analysis of Power Consumption in the Implementation of Arithmetic Algorithms","authors":"A. Faria, Leandro Pfleger de Aguiar, D. S. D. Lara, A. Loureiro","doi":"10.1109/TrustCom.2011.256","DOIUrl":"https://doi.org/10.1109/TrustCom.2011.256","url":null,"abstract":"Historically, energy management in computer science has been predominantly treated as an activity of hardware optimization. A great deal of the effort in this area is concentrated on component activation, deactivation, and resource scheduling in order to provide a reduction of total power consumption. This work focuses on the study of power consumption from the developer's point of view, using a reliable power measurement framework to validate the literature's premise that programming options, such as multiplication operations, are high consumers of power energy. Besides some elementary operations and authors' suggestions about alternatives for power consumption reduction on the programming stage, we also compare and evaluate two well-known and widely applied algorithms for large number multiplication: Karatsuba and Toom-Cook. The obtained results provide guidelines to the developer in the programming phase to choose, in some cases, the best technique to reduce power consumption, speed up the software, and establish a maximum power limit for the completed software.","PeriodicalId":289926,"journal":{"name":"2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121446594","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}