Network Accountability 2015

 

 

 

The term “accountability” suggests that an entity should be held responsible for its own specific actions. Once an incident has transpired, the events that took place need to be traceable so that its causes can be determined afterwards. The goal of network accountability research is to provide accountability within networks and computers by building trace files of events. For the Science of Security community, this research is relevant to composability, resilience, and metrics. The research cited here was presented in 2015.


 

C. Gao and N. Iwane, “A Social Network Model for Big Data Privacy Preserving and Accountability Assurance,” Consumer Communications and Networking Conference (CCNC), 2015 12th Annual IEEE, Las Vegas, NV, 2015, pp. 19-22. doi:10.1109/CCNC.2015.7157940

Abstract: Social networks have become valuable resources of big data exploration for individual users as well as for researchers and commercial organizations. However, how to protect user privacy while assure data credibility at the same time is still a big challenge both in practice and in academic research. This study presents a social network model for the purpose of big data privacy preserving and credibility assurance. In this paper, we discuss the mechanism of the model and present practical implementation designs on achieving the goals. Applications of the model in healthcare social network are also discussed.

Keywords: Big Data; data privacy; health care; social networking (online); Big Data privacy preserving; credibility assurance; healthcare social network model; Big data; Conferences; Data models; Data privacy; Medical services; Privacy; Social network services; big data; credibility; network model; privacy; social network (ID#: 16-10487)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7157940&isnumber=7157933

 

M. Gambhir, M. N. Doja, and Moinuddin, “Novel Trust Computation Architecture for Users Accountability in Online Social Networks,” Computational Intelligence & Communication Technology (CICT), 2015 IEEE International Conference on, Ghaziabad, 2015, pp. 725-731. doi:10.1109/CICT.2015.104

Abstract: The Online Social Network (OSN) is a growing platform which enables people to get hold of news, communicate with family and old friends with whom they have lost contact, to promote a business, to invite to an event of friends and to get people to collaborate to create something magical. With the increasing popularity in OSNs, Researchers have been finding out ways to stop the negative activities over the social media by imposing the privacy settings in the leading OSNs. The privacy settings let the user to control who can access what information in his/her profile. None of these have given the entity of trust enough thought. Very less number of trust management models has been implemented in the OSNs for use by the common users. This paper proposes a new 3 Layer secured architecture with a novel mechanism for ensuring more safer online world. It provides a unique global id for each user, evaluates and computes the Trust Factor for a user, thereby measuring the credibility of a user in the OSN space.

Keywords: authorisation; data privacy; social networking (online); trusted computing; OSN; access control; layer secured architecture; online social networks; privacy settings; social media; trust computation architecture; trust factor; trust management models; users accountability; Authentication; Business; Computer architecture; Databases; Servers; Social network services; Global id; Online Social Networks; OpenID; Trust Factor; Trust management (ID#: 16-10488)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7078798&isnumber=7078645

 

R. Sathya and R. Thangarajan, “Efficient Anomaly Detection and Mitigation in Software Defined Networking Environment,” Electronics and Communication Systems (ICECS), 2015 2nd International Conference on, Coimbatore, 2015, pp. 479-484. doi:10.1109/ECS.2015.7124952

Abstract: A Computer network or data communication network is a telecommunication network that allows computers to exchange data. Computer networks are typically built from a large number of network devices such as routers, switches and numerous types of middle boxes with many complex protocols implemented on them. They need to accomplish very complex tasks with access to very limited tools. As a result, network management and performance tuning is quite challenging. Software-Defined Networking (SDN) is an emerging architecture purporting to be adaptable, cost-effective, dynamic and manageable pursuing to be suitable for the high-bandwidth, changing nature of today’s applications. SDN architectures decouples network control and forwarding functions, making network control to become directly programmable and the underlying infrastructure to be abstracted from applications and network services. The network security is a prominent feature of the network ensuring accountability, confidentiality, integrity, and protection against many external and internal threats. An Intrusion Detection System (IDS) is a type of security software designed to automatically alert administrators when someone or something is trying to compromise information system through malicious activities or through security policy violations. Security violation in SDN environment needs to be identified to prevent the system from an attack. The proposed work aims to detect the attacks on SDN environment. Detecting anomalies on SDN environment will be more manageable and efficient.

Keywords: computer network management; computer network security; software defined networking; IDS; SDN architectures; anomaly detection; anomaly mitigation; complex protocols; computer networks; data communication network; external threats; forwarding functions; internal threats; intrusion detection system; malicious activities; network accountability; network confidentiality; network control; network control functions; network devices; network integrity; network management; network performance tuning; network protection; network security; network services; security policy violations; security software; software defined networking environment; telecommunication network; Classification algorithms; Computer architecture; Computer networks; Control systems; Entropy; Feature extraction; Protocols; Entropy based detection; Feature Selection; Flow Table; Intrusion Detection System; Software Defined Networking (ID#: 16-10489)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7124952&isnumber=7124722

 

R. John, J. P. Cherian, and J. J. Kizhakkethottam, “A Survey of Techniques to Prevent Sybil Attacks,” Soft-Computing and Networks Security (ICSNS), 2015 International Conference on, Coimbatore, 2015, pp. 1-6. doi:10.1109/ICSNS.2015.7292385

Abstract: Any decentralized, distributed network is vulnerable to the Sybil attack wherein a malicious node masquerade as several different nodes, called Sybil nodes disrupting the proper functioning of the network. A Sybil attacker can create more than one identity on a single physical device in order to launch a coordinated attack on the network or can switch identities in order to weaken the detection process, thus promoting lack of accountability in the network. In this paper, different types of Sybil attacks, including those occurring in peer-to-peer reputation systems, self-organizing networks and social network systems are discussed. Also, various methods that have been suggested over time to decrease or eliminate their risk completely are also analysed.

Keywords: computer network security; Sybil attack prevention; Sybil nodes; coordinated attack; decentralized-distributed network; malicious node; peer-to-peer reputation systems; physical device; self-organizing networks; social network systems; Access control; Ad hoc networks; Computers; Peer-to-peer computing; Social network services; Wireless sensor networks; Identity-based attacks; MANET; Sybil attack (ID#: 16-10490)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7292385&isnumber=7292366

 

Z. Jafarov, “The Use of Cryptography in Network Security,” Application of Information and Communication Technologies (AICT), 2015 9th International Conference on, Rostov on Don, 2015, pp. 229-232. doi:10.1109/ICAICT.2015.7338552

Abstract: Network Security is the most vital component in information security because it is responsible for securing all information passed through networked computers. Network Security refers to all hardware and software functions, characteristics, features, operational procedures, accountability, measures, access control, and administrative and management policy required to provide an acceptable level of protection for Hardware and Software, and information in a network. Only one particular element underlies many of the security mechanisms in use: Cryptographic techniques; hence our focus is on this area Cryptography. Cryptography is an emerging technology, which is important for network security. Research on cryptography is still in its developing stages and a considerable research effort is still required for secured communication.

Keywords: authorisation; cryptography; access control; cryptographic techniques; cryptography; information security; management policy; network security; networked computers; secured communication; security mechanisms; software functions; Algorithm design and analysis; Ciphers; Communication networks; Encryption; Internet; Network Security; access control; accountability (ID#: 16-10491)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7338552&isnumber=7338496

 

J. E. Mtingwi, “Mobile Government in African Least Developed Countries (LDCs): Proposed Implementing Framework,” IST-Africa Conference, 2015, Lilongwe, 2015, pp. 1-14. doi:10.1109/ISTAFRICA.2015.7190566

Abstract: Mobile government (M-government) is being used in some developed and developing countries. It facilitates the main stakeholders and government officials to perform their responsibilities with speed and accuracy to enhance the desired transparency and accountability. The major goals of mobile E-government are to enhance accountability and to deliver essential services to general public by government officials at a reduced cost. Many Least Developed Countries (LDCs) are struggling to implement E-government but have access to mobile technologies especially cellular phones in their respective residential areas (rural and urban). The Case study for M-government Proposed Implementing framework is Malawi. Mobile network coverage in most LDCs is above 85% which means M-government is the likely alternative in areas where E-government is failing. It is important for LDCs to leapfrog E-government to M-government using the modern technologies such as mobile/wireless network and mobile devices. The research has proposed M-government Implementing Framework due to absence of a specific LDCs’ M-government implementing framework. It is important that LDCs’ leadership should ensure to shift to M-government because it does not require massive investments since private sector has already deployed the enabling infrastructures. Many government operations will be simple and accurate. Mobile government enables stakeholders to interact with governments directly. Stakeholders will be comfortable to have their contributions to the management of governments using mobile technologies (applications and devices). LDCs governments should increase their national Information Communication Technology (ICT) budget lines and improve national ICT literacy levels. There are also relevant instruments to regulate use of mobile technologies. Culture is not a hindrance to the acquisition of mobile technologies.

Keywords: cellular radio; government data processing; mobile computing; African least developed countries; LDC governments; LDC leadership; Malawi; accountability; cellular phones; developing countries; general public; government officials; governments management; m-government; mobile devices; mobile e-government; mobile network coverage; mobile technologies; national ICT budget lines; national ICT literacy levels; national information communication technology budget lines; private sector; rural residential areas; stakeholders; transparency; urban residential areas; wireless network; Electronic government; Mobile communication; Mobile computing; Mobile handsets; Stakeholders; Culture; E-government; Mobile government; Mobile government framework; Mobile government interactions; Mobile government services (ID#: 16-10492)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7190566&isnumber=7190513

 

D. Shehada, Chan Yeob Yeun, M. J. Zemerly, M. Al-Qutayri, and Y. Al Hammadi, “A Secure Mobile Agent Protocol for Vehicular Communication Systems,” Innovations in Information Technology (IIT), 2015 11th International Conference on, Dubai, 2015, pp. 92-97. doi:10.1109/INNOVATIONS.2015.7381521

Abstract: A Mobile agent (MA) is an intelligent software that performs tasks on behalf of its owner. MAs collect results migrating from one node to another. MAs have a small size and a low requirement of network bandwidth, they also reduce the load of the network making a Mobile Agent System (MAS) a preferred solution in distributed applications. Intelligent Vehicular Communication Systems are an excellent exemplary candidate for such applications. Although MAs’ flexibility is a great add-on to applications, ensuring their security is considered a challenging task due to its network openness. In this paper, a novel Secure Mobile Agent Protocol (SMAP) dedicated for Vehicular Communication Systems is proposed. SMAP provides the essential security requirements e.g. mutual authentication, confidentiality, integrity, accountability, non repudiation and authorization. Using SMAP owner vehicles receive results as soon as they are requested and therefore, providing fast information retrieval process. Moreover, another important feature of SMAP is that unlike other protocols the loss of the MA does not necessarily mean the loss of all the collected data. Furthermore, SMAP guarantees protection from many security attacks such as, Man in the Middle (MITM), replay, masquerade, modification and unauthorized access attacks. Verified using the well known formal verification tool Scyther, SMAP is proven to be a suitable protocol for securing vehicular communication links from malicious actions.

Keywords: authorisation; automobiles; cryptographic protocols; data integrity; data protection; formal verification; information retrieval; mobile agents; traffic engineering computing; vehicular ad hoc networks; MAS; MITM attack; SMAP; Scyther formal verification tool; data accountability; data authorization; data confidentiality; data nonrepudiation; distributed applications; information retrieval process; intelligent software; intelligent vehicular communication systems; man-in-the-middle attack; masquerade attack; mobile agent system; modification attack; mutual authentication; network bandwidth; network load reduction; replay attack; secure mobile agent protocol; unauthorized access attack; Authentication; Authorization; Mobile agents; Protocols; Vehicles (ID#: 16-10493)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7381521&isnumber=7381480

 

J. Wei, G. Yang, and Y. Mu, “Comments on ‘Accountable and Privacy-Enhanced Access Control in Wireless Sensor Networks,’” in IEEE Transactions on Wireless Communications, vol. 15, no. 4, pp. 3097-3099, 2015. doi:10.1109/TWC.2015.2507124

Abstract: In a recent paper (IEEE Trans. Wireless Communications, vol. 14, no. 1, 2015), He et al. proposed an accountable and privacy-enhanced access control (APAC) protocol which aimed to provide privacy for honest users against network owners and accountability against misbehaving users without the involvement of any trusted third party. However, the level of trust on the network owner has not been clearly defined in He et al.’s paper, and we demonstrate in this letter that in the case where the network owners cannot be trusted to correctly generate the system parameters, then the APAC protocol cannot ensure user privacy.

Keywords: Access control; Privacy; Protocols; Wireless communication; Wireless sensor networks; Zirconium; accountability; user privacy; wireless sensor network (ID#: 16-10494)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7350163&isnumber=4656680

 

R. Bhumkar and D. J. Pete, “Reduction of Error Rate in Sybil Attack Detection for MANET,” Intelligent Systems and Control (ISCO), 2015 IEEE 9th International Conference on, Coimbatore, 2015, pp. 1-6. doi:10.1109/ISCO.2015.7282328

Abstract: Mobile ad hoc networks (MANETs) require a unique, distinct, and persistent identity per node in order for their security protocols to be viable, Sybil attacks pose a serious threat to such networks. Fully self-organized MANETs represent complex distributed systems that may also be part of a huge complex system, such as a complex system-of-systems used for crisis management operations. Due to the complex nature of MANETs and its resource constraint nodes, there has always been a need to develop security solutions. A Sybil attacker can either create more than one identity on a single physical device in order to launch a coordinated attack on the network or can switch identities in order to weaken the detection process, thereby promoting lack of accountability in the network. In this research, we propose a scheme to detect the new identities of Sybil attackers without using centralized trusted third party or any extra hardware, such as directional antennae or a geographical positioning system. Through the help of extensive simulations, we are able to demonstrate that our proposed scheme detects Sybil identities with 95% accuracy (true positive) and about 5% error rate (false positive) even in the presence of mobility.

Keywords: emergency management; mobile ad hoc networks; protocols; telecommunication security; MANET; Sybil attack detection; complex distributed system; crisis management operation; error rate reduction; identity-based attack; mobile ad hoc network; resource constraint node; security protocol; Handheld computers; IEEE 802.11 Standard; Mobile ad hoc networks; Mobile computing; Identity-based attacks; Sybil attacks; intrusion detection; mobile ad hoc networks (ID#: 16-10495)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7282328&isnumber=7282219

 

N. Mora, S. Caballé, and T. Daradoumis, “Improving e-Assessment in Collaborative and Social Learning Settings,” Intelligent Networking and Collaborative Systems (INCOS), 2015 International Conference on, Taipei, 2015, pp. 288-293. doi:10.1109/INCoS.2015.76

Abstract: Cognitive assessment in collaborative and social learning requires assessment processes that achieve significant effect on collaborative learning and engage learners through accountability and constructive feedback. In order to design a coherent and efficient assessment system for collaborative and social learning it is necessary to design an enriched learning experience that predisposes the feedback and awareness in the group. This research focuses on e-assessment of collaborative learning and extends it with Social Network Analysis (SNA) techniques that are able to analyze and represent social network interaction during the live collaborative sessions. The interaction data extracted from social and collaborative networking must be integrated into a general assessment system to produce an efficient and personalized awareness and feedback about the collaborative activity and the social behavior of the participants. In previous work we provided a conceptual and methodological research approach of e-assessment applications and tools that meet the mentioned requirements and goals. In this paper we provide empirical data and interpretation to validate the approach.

Keywords: educational administrative data processing; groupware; social networking (online); SNA techniques; assessment processes; assessment system design; cognitive assessment; collaborative activity; collaborative learning settings; collaborative networking; e-assessment; interaction data; learners accountability; learners constructive feedback; learning experience; live collaborative sessions; personalized awareness; personalized feedback; social behavior; social learning settings; social network analysis; social network interaction; social networking; Atmospheric measurements; Collaboration; Collaborative work; Computers; Context; Peer-to-peer computing; Social network services; collaborative learning; software infrastructure; software reuse; virtualized collaborative sessions (ID#: 16-10496)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7312086&isnumber=7312007

 

N. Mora, S. Caballé, and T. Daradoumis, “A Methodology to Evaluate Complex Learning Resources to Improve e-Assessment from Collaborative and Networking Settings,” Complex, Intelligent, and Software Intensive Systems (CISIS), 2015 Ninth International Conference on, Blumenau, 2015, pp. 164-171. doi:10.1109/CISIS.2015.22

Abstract: Cognitive assessment in collaborative and social learning requires a broad perspective about learning and the involved processes. Assessment processes have a significant effect on collaborative learning because they engage learners through accountability and constructive feedback. However, in order to design a coherent and efficient assessment system for collaborative and social learning it is necessary to design an enriched learning experience that predisposes the feedback and awareness in the group. This paper focuses on e-assessment of collaborative learning and extends it with Social Network Analysis (SNA) techniques that are able to analyze and represent social network interaction during the live sessions of collaboration by using collaborative complex learning resources (CC-LR). The knowledge extracted from analyzing the large amounts of interaction data related to social and collaborative networking is then integrated into a general assessment system to produce an efficient and personalized awareness and feedback about the collaborative activity and the social behavior of the participants to ultimately enhance and improve the collaborative learning experience with CC-LRs. The conceptual and methodological research approach is provided along with the evaluation design of e-assessment applications and tools that meet the mentioned requirements and goals.

Keywords: Internet; cognition; computer aided instruction; social sciences computing; CC-LR; SNA techniques; cognitive assessment; collaborative complex learning resources; collaborative settings; complex learning resource evaluation; constructive feedback; e-assessment process; general assessment system; networking settings; social learning; social network analysis; social network interaction; Atmospheric measurements; Collaboration; Collaborative work; Context; Particle measurements; Peer-to-peer computing; Social network services; collaborative learning; software infrastructure; software reuse; virtualized collaborative sessions (ID#: 16-10497)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7185181&isnumber=7185122

 

F. Garay, E. Rosas, and N. Hidalgo, “Reliable Routing Protocol for Delay Tolerant Networks,” Parallel and Distributed Systems (ICPADS), 2015 IEEE 21st International Conference on, Melbourne, VIC, 2015, pp. 320-327. doi:10.1109/ICPADS.2015.48

Abstract: On post disaster scenarios, communication infrastructure can be seriously compromised, generating intermittent or null Internet access. Delay Tolerant Networks (DTNs) are a promising communication mechanism able to deal with connection disruptions enabling communication for affected people. DTNs forward messages through untrusted devices, which have better probability to reach destination. However, they are susceptible to attacks where participants forge their metrics in order for them to appear as a better alternative to route messages, thus most traffic is attracted to them. This problem is known as the blackhole attack. In this work we propose a routing protocol that verifies participants’ interactions using the Guy Fawkes protocol for an encounter-based routing protocol which routes messages based on the interactions of nodes. We propose a transmission ticket in order to achieve accountability in the actions of nodes. Routing decisions are based on the past tickets collected by the nodes. Our protocol creates a more reliable routing path by preventing the creation of fake interactions, and therefore blackhole attacks. Results show that our protocol reduces the number of messages attracted by malicious peers performing a blackhole attack, maintaining good delivery rates and low overhead for different network scenarios.

Keywords: Internet; delay tolerant networks; disasters; reliability; routing protocols; DTN; Guy Fawkes protocol; Internet access; blackhole attack; communication infrastructure; communication mechanism; disaster scenarios; encounter-based routing protocol; malicious peers; reliable routing protocol; route messages; routing path; traffic; Context; Measurement; Peer-to-peer computing; Routing; Routing protocols; Security; blackhole attacks; security (ID#: 16-10498)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7384311&isnumber=7384203

 

L. Bahri, B. Carminati, and E. Ferrari, “CARDS - Collaborative Audit and Report Data Sharing for A-Posteriori Access Control in DOSNs,” 2015 IEEE Conference on Collaboration and Internet Computing (CIC), Hangzhou, China, 2015, pp. 36-45. doi:10.1109/CIC.2015.18

Abstract: Accountability and transparency have been commonly accepted to deter bad acts and to encourage compliance to rules. For this, auditing has been largely, and since ancient times, adopted to ensure the well running of systems and businesses within which duties are governed by set rules. Recently, an a-posteriori approach to data access control has been investigated for information systems as well across number of critical domains (e.g., Healthcare systems). Besides, privacy advocates started calling for the necessity of accountability and transparency in managing users’ privacy in nowadays connected and proliferated web data. Following this line of thought, we suggest a system for collaborative a-posteriori access control to data dissemination in decentralized online social networks based on reporting and auditing. We demonstrate the usability of our suggested model using a real OSN graph.

Keywords: Access control; Collaboration; Data privacy; Monitoring; Peer-to-peer computing; Registers; Social network services; A-posteriori access control; Collaborative audit; Collaborative data sharing; DOSNs; Data accountability (ID#: 16-10499)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7423063&isnumber=7423045

 

T. C. Piliouras et al., “The Rise of Mobile Technology in Healthcare: The Challenge of Securing Teleradiology,” Emerging Technologies for a Smarter World (CEWIT), 2015 12th International Conference & Expo on, Melville, NY, 2015, pp. 1-6. doi:10.1109/CEWIT.2015.7338167

Abstract: There are many potential security risks associated with viewing, accessing, and storage of DICOM files on mobile devices. Digital Imaging and Communications in Medicine (DICOM) is the industry standard for the communication and management of medical imaging. DICOM files contain multidimensional image data and associated meta-data (e.g., patient name, date of birth, etc.) designated as electronic protected health information (e-PHI). The HIPAA (Health Insurance Portability and Accountability Act) Privacy Rule, the HIPAA Security Rule, the ARRA (American Recovery and Reinvestment Act), the Health Information Technology for Economic and Clinical Health Act (HITECH), and applicable state law mandate comprehensive administrative, physical, and technical security safeguards to protect e-PHI, which includes (DICOM) medical images. Implementation of HIPAA security safeguards is difficult and often falls short. Mobile device use is proliferating among healthcare providers, along with associated risks to data confidentiality, integrity, and availability (CIA). Mobile devices and laptops are implicated in wide-spread data breaches of millions of patients’ data. These risks arise in many ways, including: i) inherent vulnerabilities of popular mobile operating systems (e.g., iOS, Android, Windows Phone); ii) sharing of mobile devices by multiple users; iii) lost or stolen devices; iv) transmission of clinical images over public (unsecured) wireless networks; v) lack of adequate password protection; vi) failure to use recommended safety precautions to protect data on a lost device (e.g., data wiping); and vii) use of personal mobile devices while accessing or sharing e-PHI. Analysis of commonly used methods for DICOM image sharing on mobile devices elucidates areas of vulnerability and points to the need for holistic security approaches to ensure HIPAA compliance within and across clinical settings. Innovative information governance strategies and new security approaches are needed to protect against data breaches, and to aid in the collection and analysis of compliance data. Generally, it is difficult to share DICOM images across different HIPAA-compliant Picture Archive and Communication Systems (PACS) and certified electronic health record (EHR) systems - while it is easy to share images using non-FDA approved, personal devices on unsecured networks. End-users in clinical settings must understand and strictly adhere to recommended mobile security precautions, and should be held to greater standards of personal accountability when they fail to do so.

Keywords: data integrity; data protection; electronic health records; health care; medical image processing; mobile computing; radiology; risk management; smart phones; telemedicine; CIA; DICOM image; EHR; HIPAA; HITECH; Health Information Technology for Economic and Clinical Health Act; Health Insurance Portability and Accountability Act; PACS; data confidentiality integrity and availability; digital imaging and communications in medicine; e-PHI; electronic health record; electronic protected health information; medical imaging; mobile device; mobile operating system; mobile technology; password protection; picture archive and communication systems; teleradiology; DICOM; Medical services; Mobile communication; Mobile handsets; Picture archiving and communication systems; Security; DICOM file sharing; DICOM mobile and cloud solutions; EHRs; HIPAA violation avoidance; PACS; information governance; mobile applications management; mobile device management (ID#: 16-10500)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7338167&isnumber=7338153

 

Q. H. Cao, G. Madhusudan, R. Farahbakhsh, and N. Crespi, “Usage Control for Data Handling in Smart Cities,” 2015 IEEE Global Communications Conference (GLOBECOM), San Diego, CA, USA, 2015, pp. 1-6. doi:10.1109/GLOCOM.2015.7417270

Abstract: Data in smart cities is commonly generated by a large variety of participants including institutional actors, equipment manufacturers, network operators, infrastructure providers, service providers, and end users. This data potentially undergoes several transformations such as aggregation and/or composition before finally being consumed. In this context of sharing data between diverse consumers, it is essential to provide the data producers the means by which they can exercise control over how and by whom the data is used. To date, usage control has received attention in the domains of the web and social networks, in terms of confidentiality, privacy and access control aspects. However, it has not yet been fully applied in a rigorous manner in the context of smart cites. In this paper we study usage control with the goal to address the problem of providing stakeholders more control over their data and enforcing accountable management of such data. We first propose a new data usage policy, called DUPO, which captures the diversity of obligations and constraints resulting from the usage control requirements for smart cities. Next, we apply a defeasible logic based approach on DUPO to formally define rule language, solve rule conflicts, and elaborate reasoning. We then introduce the data handling mechanism, which provides useful functionality to process consumer’s request, ensuring the accountability of the policy enforcement, and traceability of the data usage. To this end we benefit from SPINdle reasoner to implement the proposed usage control module covered main functionalities of the mechanism.

Keywords: Context; Data handling; Data models; Smart cities; Waste management; XML (ID#: 16-10501)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7417270&isnumber=7416057

 

P. Madhubala R, “Survey on Security Concerns in Cloud Computing,” Green Computing and Internet of Things (ICGCIoT), 2015 International Conference on, Noida, 2015, pp. 1458-1462. doi:10.1109/ICGCIoT.2015.7380697

Abstract: Cloud consists of vast number of servers. Cloud contains tremendous amount of information. There are various problems in cloud computing such as storage, bandwidth, environment problems like availability, Heterogeneity, scalability and security problems like reliability and privacy. Though so many efforts are taken to solve these problems there are still some security problems[1]. Ensuring security to this data is important issue in cloud Storage. Cloud computing security can be defined as broad set of technologies, policies and controls deployed to protect applications, data and corresponding infrastructure of cloud computing. Due to tremendous progress in technology providing security to customers data becomes more and more important. This paper will tell the need of third party auditor in security of cloud. This paper will give brief idea about what are the security threats in cloud computing. This paper will analyze the various security objectives such as confidentiality, integrity, authentication, auditing, accountability, availability, authorization. This paper also studies the various data security concerns such as various reconnaissance techniques, denial of service, account cracking, hostile and self-replicating codes, system or network penetration, Buffer overflow, SQL injection attack.

Keywords: cloud computing; security of data; storage allocation; cloud computing security; cloud storage; Cloud computing; Computer crime; Data privacy; Reconnaissance; Servers; Data security concerns; Security objectives; Third party audit (ID#: 16-10502)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7380697&isnumber=7380415

 

C. I. Setiawati and P. M. Pratiwi, “Conceptual Model of Citizen’s Intention Associated to E-Government and Internet Behavior: Why do Bandung Citizens Follow the Mayor’s Social Media?,” Information and Communication Technology (ICoICT ), 2015 3rd International Conference on, Nusa Dua, 2015, pp. 336-341. doi:10.1109/ICoICT.2015.7231447

Abstract: Electronic government (e-government) has begun to supplement, replace and restructure conventional system for public services delivering process. Basically, the success of the e-government implementation is depending on the government support and high willingness of citizens to accept then adopt it. User of e-government can obtain benefits such as better access to information, efficiency, citizen participation, reducing cost, accountability and transparency value in delivering public services. In actualizing citizen participation, government can create social media technologies that facilitate two direction dialogue and conversation timeless. For instance, mayor of Bandung city, Ridwan Kamil, who active in social networking sites (SNS) such as Facebook, Twitter, Youtube and Instagram to report and capture what he and his government adjust based on determined programs. Large Bandung citizens follow and enjoy his status, report and photos on social media then become an important factor that influence their intent to use the social media as the main resource to get the government’s report. Their intentions then create a behavior to participate on e-government. This way became a breakthrough initiative in attempting an open government as the form of services process in public. Research discuss regarding on citizen participation related to member government social media based on user perspective is rarely. Therefore, this research is conceptual model which aims to present what the factors of Bandung citizen’s intention to follow the Mayor’s social media. In crafting model, this research adopted Theory of Planned Behavior (TPB) approach as nearest theory regards on intention and behavior on technology using (include social media using behavior). This research used descriptive method by analyzing secondary data then proposes factors to present a complete model. This research is expected the basis for future research confirms the model by doing empirical study directly of Bandung citizens in term of the social media using behavior.

Keywords: Internet; cost reduction; public administration; social networking (online); Bandung citizens; Bandung city mayor; Facebook; Instagram; Internet behavior; SNS; TPB; Twitter; Youtube; citizen intention; citizen participation; e-government; electronic government; public service delivery; public services delivering process; secondary data; social media technologies; social media using behavior; social networking sites; theory of planned behavior approach; two direction dialogue; Cities and towns; Electronic government; Hardware; Media; Bandung; E-government; Mayor’s social media; citizen’s intention (ID#: 16-10503)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7231447&isnumber=7231384

 

S. Elena, G. Stalker, C. E. Jimenez, F. V. Schalkwyk, and M. Canares, “Open Government and Open Data a Global Perspective,” eDemocracy & eGovernment (ICEDEG), 2015 Second International Conference on, Quito, 2015, pp. 9-13. doi:10.1109/ICEDEG.2015.7114477

Abstract: Civil society organizations (CSOs) are investing in new technologies and are increasingly working in networks and coalitions (such as Open Parliament, Open Contracting and Open Government) to develop standards for effective accountability through transparency and disclosure. These initiatives hold the promise of transforming the way government and societies work together to improve governance. There is therefore an opportunity to better support those governments seeking to commit to transparency through international eGovernment initiatives. Similarly, there is an opportunity to leverage the increased understanding of the role of technology including the public release of government data in enhancing disclosure and public access to information, and to build the capacity of the CSOs to connect best practice with transparency reforms. However, in line with the vision of open government, the benefits to citizens should always take precedence over other returns when designing and developing software systems, and this involves new and innovative software architectures.

Keywords: government data processing; software architecture; CSO; civil society organization; global perspective; international egovernment initiatives; open data; open government; transparency reform; Africa; Government; Law; Monitoring; Tutorials (ID#: 16-10504)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7114477&isnumber=7114453

 

C. Techapanupreeda, R. Chokngamwong, C. Thammarat, and S. Kungpisdan, “An Accountability Model for Internet Transactions,” Information Networking (ICOIN), 2015 International Conference on, Cambodia, 2015, pp. 127-132. doi:10.1109/ICOIN.2015.7057869

Abstract: Internet transaction is increasing significantly due to very fast grown of mobile devices, electronic commerce, and electronic records. Many researchers proposed several protocols to analyze the accountability in Internet transaction. In this paper we propose accountability model and protocol in Internet transaction that have advantages over existing protocols and satisfies essential security properties: Confidentiality, Integrity, Authorization, Authentication, Non-repudiation, Liability and Responsiveness. The protocol is designed using asymmetric cryptography and hash function to ensure that it meets all above accountability properties. The proposed protocol is also analyzed and compared with existing accountability protocols.

Keywords: Internet; cryptographic protocols; electronic commerce; mobile computing; mobile handsets; Internet transactions; accountability model; accountability properties; accountability protocols; asymmetric cryptography; electronic commerce; electronic records; hash function; mobile devices; security properties; Authentication; Authorization; Electronic commerce; Protocols; Public key; Accountability; Liability; Network Security; Payment Protocol; Responsiveness; Security Protocols (ID#: 16-10505)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057869&isnumber=7057846

 

H. Ulusoy, M. Kantarcioglu, E. Pattuk, and L. Kagal, “AccountableMR: Toward Accountable MapReduce Systems,” Big Data (Big Data), 2015 IEEE International Conference on, Santa Clara, CA, 2015, pp. 451-460. doi:10.1109/BigData.2015.7363786

Abstract: Traditional security techniques (e.g., authorization and encryption) have been extensively used in data management systems to provide security and privacy for many years. However, recent security breaches (e.g., WikiLeaks) showed that even if perfect access control is achieved, malicious insiders can still infer sensitive information and can misuse this sensitive information. To address this issue, accountability is introduced to deter inappropriate use of data through provision of usage control, privacy-aware interfaces, and careful monitoring and auditing. In this paper, we propose an accountable MapReduce architecture, where specific data usage is allowed after fine-grained transparent authorizations (i.e., individual record level), and such data usage are subject to effective accountability assessments by those who seek to assure privacy and security policy compliance. Our architecture enhances the MapReduce systems with the purpose concept (i.e., usage restrictions), authorize the users in fine-grained manner, and verifies the output of previously run jobs at post authorization time for detecting authorization and purpose breaches. Our empirical results show that in combination with traditional security features, AccountableMR can efficiently enhance the security and accountability of MapReduce model.

Keywords: authorisation; cryptography; data handling; parallel processing; software architecture; AccountableMR; MapReduce architecture; access control; authorization; data management system; encryption; Authorization; Data privacy; IP networks; Organizations; Privacy (ID#: 16-10506)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7363786&isnumber=7363706

 

J. Lebrón, K. Escalante, J. Coppola, and C. Gaur, “Activity Tracker Technologies for Older Adults: Successful Adoption via Intergenerational Telehealth,” Systems, Applications and Technology Conference (LISAT), 2015 IEEE Long Island, Farmingdale, NY, 2015, pp. 1-6. doi:10.1109/LISAT.2015.7160200

Abstract: Over the last few decades, telehealth has emerged as another segment of the healthcare continuum. People are now able to gain more control over the care that is provided to them because telehealth technologies allow people to monitor and report the data that is collected to their healthcare providers. It is the providers of healthcare who then interpret the results and take necessary action. This study will observe how the provision of a wireless activity tracker influences the conscious health attitudes and behaviors in a sample of elderly participants who reside in an assisted living facility. This study will focus on the attitudes of the participants as determined by a self-report before the launch of an eight-week telehealth program, as well as at the conclusion of the program. To measure health behaviors, data was collected in regards to weight and blood pressure, as well as daily steps taken, calories burned, and distance travelled. This study is unique, thus any findings should be further studied and developed to better understand the efficacy, as well as outcomes of introducing a wireless activity tracker to any telehealth program. All information that was collected was with the consent of each individual resident, in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The information collected by the wireless activity tracker was synchronized to the Fitbit® website (fitbit.com). The health vitals were taken by using a Bluetooth scale and an automated blood pressure cuff. The information was then recorded by the college students and entered into MyHealthPoint charts (myhealthpoint.com). This paper is to present the information gathered regarding the resident’s weight and blood pressure; steps taken, calories burned, and distance travelled; demographics; various health conditions, as well as each resident’s opinions regarding the activity tracker and the program in general. The goal of the research is to see how participants respond to the use of the wireless activity trackers and how the use of such a device affects their conscious health decisions and ultimately, the health of the residents.

Keywords: Bluetooth; biomedical telemetry; blood pressure measurement; geriatrics; health care; patient monitoring; telemedicine; wireless sensor networks; Bluetooth scale; Fitbit website; Health Insurance Portability-and-Accountability Act 1996; MyHealthPoint charts; activity tracker technologies; automated blood pressure cuff; conscious health decisions; data collection; demographics; healthcare continuum; intergenerational telehealth technologies; older adults; time 8 week; wireless activity tracker; Aging; Assisted living; Biomedical monitoring; Blood pressure; Monitoring; Wireless communication; elderly; gerontechnology; gerotechnology; remote patient monitoring (RPM); senior citizen; telemedicine (ID#: 16-10507)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7160200&isnumber=7160171

 

M. A. Khan and K. M. Shahriar, “ASTERISK Based Open Source IP-PBX System for Accountable Customer Support Service,” Computational and Business Intelligence (ISCBI), 2015 3rd International Symposium on, Bali, 2015, pp. 85-88. doi:10.1109/ISCBI.2015.22

Abstract: Customer support service has now become an integral part of every large enterprise since customer satisfaction is largely determined by the quality of service he/she receives after purchase of a product/service. Traditionally legacy phone based PBX systems are deployed to provide customer support service where operators are appointed to receive calls and respond to customers’ queries or complaints. Unfortunately such a system severely lacks accountability from the support service personnel. There are often cases such as operator is not in his desk while the phone is ringing or may deliberately leave the phone unattended, misbehaving with customers, not registering complaints and doing the necessary follow-ups etc. There is very little system support for the management to monitor and track such inappropriate conducts from the support service employees. However all these desirable features can be achievable if the legacy PBX system is replaced by an IP-PBX system. In this paper, we propose a solution for accountable customer support service using Asterisk based open source IP-PBX system. Being open source, Asterisk given the flexibility to create rich features set for customer support service at a very low cost.

Keywords: Internet telephony; customer satisfaction; customer services; private telephone exchanges; quality of service; Asterisk based open source IP-PBX system; accountable customer support service; customer complaints; customer queries; customer satisfaction; large enterprise; legacy phone based PBX systems; private branch exchange; quality of service; support service employees; support service personnel; Artificial intelligence; Customer satisfaction; IP networks; Media; Servers; Telephony; Asterisk; Call escalation; Customer support service; IP-PBX system; Open source (ID#: 16-10508)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7383542&isnumber=7383520

 

M. M. Bany Taha, S. Chaisiri, and R. K. L. Ko, “Trusted Tamper-Evident Data Provenance,” Trustcom/BigDataSE/ISPA, 2015 IEEE, Helsinki, 2015, pp. 646-653. doi:10.1109/Trustcom.2015.430

Abstract: Data provenance, the origin and derivation history of data, is commonly used for security auditing, forensics and data analysis. While provenance loggers provide evidence of data changes, the integrity of the provenance logs is also critical for the integrity of the forensics process. However, to our best knowledge, few solutions are able to fully satisfy this trust requirement. In this paper, we propose a framework to enable tamper-evidence and preserve the confidentiality and integrity of data provenance using the Trusted Platform Module (TPM). Our framework also stores provenance logs in trusted and backup servers to guarantee the availability of data provenance. Tampered provenance logs can be discovered and consequently recovered by retrieving the original logs from the servers. Leveraging on TPM’s technical capability, our framework guarantees data provenance collected to be admissible, complete, and confidential. More importantly, this framework can be applied to capture tampering evidence in large-scale cloud environments at system, network, and application granularities. We applied our framework to provide tamper-evidence for Progger, a cloud-based, kernel-space logger. Our results demonstrate the ability to conduct remote attestation of Progger logs’ integrity, and uphold the completeness, confidential and admissible requirements.

Keywords: cloud computing; data analysis; digital forensics; file servers; trusted computing; Progger log integrity; TPM; backup server; cloud environments; cloud-based logger; data provenance confidentiality; data provenance integrity; forensic process analysis; kernel-space logger; provenance logger integrity; security auditing; trusted platform module; trusted server; trusted tamper-evident data provenance; Cloud computing; Generators; Kernel; Reliability; Runtime; Servers; Virtual machining; Accountability in Cloud Computing; Cloud Computing; Data Provenance; Data Security; Remote Attestation; Tamper Evidence; Trusted Computing; Trusted Platform Module (ID#: 16-10509)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7345338&isnumber=7345233

 

S. D. Taru and V. B. Maral, “Object Oriented Accountability Approach in Cloud for Data Sharing with Patchy Image Encryption,” Advances in Computing, Communications and Informatics (ICACCI), 2015 International Conference on, Kochi, 2015, pp. 1688-1693. doi:10.1109/ICACCI.2015.7275856

Abstract: Cloud computing presents a new approach for delivery model and consumption of different IT services based on internet. Highly scalable and virtualized resources are provided as a service on demand basis. Cloud computing provides flexibility for deploying applications at lower cost while increasing business agility. The main feature of using cloud services is that user’s data are more often processed at remote machines which are unknown to user. As user do not own these remote machine used for speed up data processing or operate them in cloud, users can lose control of own confidential data. Despite of all of advantages of cloud this remains a challenge and acts as a barrier to the large scale adoption of cloud. To address above problem in this paper we present object oriented approach that performs automated logging mechanism to ensure any access to user’s data will trigger authentication with use of decentralized information accountability framework called as CIA (Cloud Information Accountability) [1]. We use the JAR (JAVA Archive File) programmable capabilities to create dynamic travelling object containing user’s data. To strengthen the distributed data security we use the chaos image encryption technique specific to image files. Chaos is patchy image encryption technique based on pixel shuffling. Randomness of the chaos is made utilized to scramble the position of the pixel of image.

Keywords: Java; chaos; cloud computing; cryptography; image coding; message authentication; object-oriented programming; CIA; JAR; JAVA archive file; automated logging mechanism; chaos image encryption technique; cloud computing; cloud information accountability; data sharing; distributed data security; object oriented accountability approach; pixel shuffling; user authentication; Authentication; Chaos; Ciphers; Cloud computing; Encryption; Accountability; Chaos encryption; Cloud computing; Data sharing; Logging mechanism (ID#: 16-10510)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7275856&isnumber=7275573

 

S. Rao, S. N. Suma, and M. Sunitha, “Security Solutions for Big Data Analytics in Healthcare,” Advances in Computing and Communication Engineering (ICACCE), 2015 Second International Conference on, Dehradun, 2015, pp. 510-514. doi:10.1109/ICACCE.2015.83

Abstract: Today data is a strategic asset and organizational goal is to maximize the value of their information. A growing number of companies are using technology to store and analyze petabytes of data including web logs, click stream data and social media content to gain better insights about their customers and their business. Big Data analytics provides enormous competitive advantage for corporations, helping the businesses, tailor their products to consumer needs. Big data in healthcare refers to electronic health data sets that are related to patient healthcare and well-being. In healthcare sector the privacy and security issues of big data are a major concern as data is bound by international regulations like the Health Insurance Portability and Accountability Act (HIPAA), The Health Information Technology for Economic and Clinical Health (HITECH), HCSC, FTC (Federal Trade Commission) etc. In Hospital Information System the applications/modules that are impacted by big data are genomics, pharmacovigilance, patient care etc. The aim of this paper is to present various viable security solutions to harness the potential of big data pertaining to healthcare in a highly regulated environment.

Keywords: Big Data; data analysis; health care; medical information systems; security of data; social networking (online); FTC; Federal Trade Commission; HCSC; HIPAA; HITECH; Health Insurance Portability and Accountability Act; The Health Information Technology for Economic and Clinical Health; Web logs; big data analytics; big data privacy issues; big data security issues; consumer needs; electronic health datasets; healthcare sector; hospital information system; organizational goal; patient healthcare; patient well-being; pharmacovigilance; security solutions; social media content; Big data; Business; Data models; Data privacy; Databases; Medical services; Security; Big Databases; De-Identification; Encryption; Healthcare Analytics; Jujutsu Security; Masking (ID#: 16-10511)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7306738&isnumber=7306547   

 


Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.