Pervasive computing infrastructure is highly distributed and it is essential to develop security mechanisms that enhance the security of the system by distributing trust among the various infrastructure components. We present a novel access control architecture explicitly designed to distribute trust that combines threshold cryptography, multi-layer encryption, and mediated access to contextual data to support dynamically changing access control permissions. We present several models of our access control infrastructure and evaluate how well each design distributes trust and limits the behavior of misbehaving components. We also simulate the behavior of our threshold based access control scheme and evaluate the overhead of each infrastructure model.
{"title":"An Access Control Architecture for Distributing Trust in Pervasive Computing Environments","authors":"Raquel L. Hill, J. Al-Muhtadi, William E. Byrd","doi":"10.1109/EUC.2010.110","DOIUrl":"https://doi.org/10.1109/EUC.2010.110","url":null,"abstract":"Pervasive computing infrastructure is highly distributed and it is essential to develop security mechanisms that enhance the security of the system by distributing trust among the various infrastructure components. We present a novel access control architecture explicitly designed to distribute trust that combines threshold cryptography, multi-layer encryption, and mediated access to contextual data to support dynamically changing access control permissions. We present several models of our access control infrastructure and evaluate how well each design distributes trust and limits the behavior of misbehaving components. We also simulate the behavior of our threshold based access control scheme and evaluate the overhead of each infrastructure model.","PeriodicalId":265175,"journal":{"name":"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2010-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133179813","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Partially reconfigurable hardware accelerators enable the offloading of computative intensive tasks from software to hardware at runtime. Beside handling the technical aspects, finding a proper reconfiguration point in time is of great importance for the overall system performance. Determination of a suitable point of reconfiguration demands the evaluation of performance degradation during runtime reconfiguration and expected performance benefit after reconfiguration. Three different approaches to determine a proper point of reconfiguration are discussed. Delays and weighted transitions are used to reduce the number of reconfigurations while keeping system performance at a maximum. Evaluation is done with a simulation model of a runtime reconfigurable network coprocessor. Results show that the number of reconfigurations can be reduced by about 35% for a given application scenario. By optimizing runtime reconfiguration decisions, the overall system performance is even higher than compared to pure threshold based reconfiguration decision schemes.
{"title":"Optimizing Runtime Reconfiguration Decisions","authors":"Thilo Pionteck, Steffen Sammann, C. Albrecht","doi":"10.1109/EUC.2010.16","DOIUrl":"https://doi.org/10.1109/EUC.2010.16","url":null,"abstract":"Partially reconfigurable hardware accelerators enable the offloading of computative intensive tasks from software to hardware at runtime. Beside handling the technical aspects, finding a proper reconfiguration point in time is of great importance for the overall system performance. Determination of a suitable point of reconfiguration demands the evaluation of performance degradation during runtime reconfiguration and expected performance benefit after reconfiguration. Three different approaches to determine a proper point of reconfiguration are discussed. Delays and weighted transitions are used to reduce the number of reconfigurations while keeping system performance at a maximum. Evaluation is done with a simulation model of a runtime reconfigurable network coprocessor. Results show that the number of reconfigurations can be reduced by about 35% for a given application scenario. By optimizing runtime reconfiguration decisions, the overall system performance is even higher than compared to pure threshold based reconfiguration decision schemes.","PeriodicalId":265175,"journal":{"name":"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2010-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133189734","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
While the nascent Cloud Computing paradigm supported by virtualization has the upward new notion of edges, it lacks proper security and trust mechanisms. Edges are like on demand scalability and infinite resource provisioning as per the ‘pay-as-you-go’ manner in favour of a single information owner (abbreviated as INO from now onwards) to multiple corporate INOs. While outsourcing information to a cloud storage controlled by a cloud service provider (abbreviated as CSP from now onwards) relives an information owner of tackling instantaneous oversight and management needs, a significant issue of retaining the control of that information to the information owner still needs to be solved. This paper perspicaciously delves into the facts of the Cloud Computing security issues and aims to explore and establish a secure channel for the INO to communicate with the CSP while maintaining trust and confidentiality. The objective of the paper is served by analyzing different protocols and proposing the one in commensurate with the requirement of the security property like information or data confidentiality along the line of security in Cloud Computing Environment (CCE). To the best of our knowledge, we are the first to derive a secure protocol by successively eliminating the dangling pitfalls that remain dormant and thereby hamper confidentiality and integrity of information that is worth exchanging between the INO and the CSP. Besides, conceptually, our derived protocol is compared with the SSL from the perspectives of work flow related activities along the line of secure trusted path for information confidentiality.
{"title":"Above the Trust and Security in Cloud Computing: A Notion Towards Innovation","authors":"Mahbub Ahmed, Yang Xiang, Shawkat Ali","doi":"10.1109/EUC.2010.114","DOIUrl":"https://doi.org/10.1109/EUC.2010.114","url":null,"abstract":"While the nascent Cloud Computing paradigm supported by virtualization has the upward new notion of edges, it lacks proper security and trust mechanisms. Edges are like on demand scalability and infinite resource provisioning as per the ‘pay-as-you-go’ manner in favour of a single information owner (abbreviated as INO from now onwards) to multiple corporate INOs. While outsourcing information to a cloud storage controlled by a cloud service provider (abbreviated as CSP from now onwards) relives an information owner of tackling instantaneous oversight and management needs, a significant issue of retaining the control of that information to the information owner still needs to be solved. This paper perspicaciously delves into the facts of the Cloud Computing security issues and aims to explore and establish a secure channel for the INO to communicate with the CSP while maintaining trust and confidentiality. The objective of the paper is served by analyzing different protocols and proposing the one in commensurate with the requirement of the security property like information or data confidentiality along the line of security in Cloud Computing Environment (CCE). To the best of our knowledge, we are the first to derive a secure protocol by successively eliminating the dangling pitfalls that remain dormant and thereby hamper confidentiality and integrity of information that is worth exchanging between the INO and the CSP. Besides, conceptually, our derived protocol is compared with the SSL from the perspectives of work flow related activities along the line of secure trusted path for information confidentiality.","PeriodicalId":265175,"journal":{"name":"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2010-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117134242","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The paper describes how to model and control performance of a trusted web server using Feedback Error Learning and H¡Þ control theory. Web server load may experience enormous variations and unpredictability. Existing web servers are difficult to achieve performance guaranties in such environment. One of challenges in web server research is how to model non-linearity computing systems. We demonstrate that Web server model can be approximated with a two tank system that includes many uncertainly components. In contrast with web server delay control that only control delay, our architecture based on H¡Þ robust control and queuing model predictor enforce server utilization and delay guarantees for different classes on virtual servers. A simulation evaluation demonstrates that H¡Þ robust control can provide robust request utilization and request response time for Internet servers.
{"title":"Modeling and Robust Control for Trusted Web Server","authors":"B. Du, Chun Ruan","doi":"10.1109/EUC.2010.105","DOIUrl":"https://doi.org/10.1109/EUC.2010.105","url":null,"abstract":"The paper describes how to model and control performance of a trusted web server using Feedback Error Learning and H¡Þ control theory. Web server load may experience enormous variations and unpredictability. Existing web servers are difficult to achieve performance guaranties in such environment. One of challenges in web server research is how to model non-linearity computing systems. We demonstrate that Web server model can be approximated with a two tank system that includes many uncertainly components. In contrast with web server delay control that only control delay, our architecture based on H¡Þ robust control and queuing model predictor enforce server utilization and delay guarantees for different classes on virtual servers. A simulation evaluation demonstrates that H¡Þ robust control can provide robust request utilization and request response time for Internet servers.","PeriodicalId":265175,"journal":{"name":"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2010-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129458757","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Context data are updated frequently due to the dynamic changes of the various sensor values and the situations of application entities. Without a proper management, the stored contexts will become different from those of the real-world. Those invalid contexts will cause context inconsistency problems and thus should be eliminated at the right time and in an appropriate manner. In this paper, we propose a context inconsistency management scheme based on context elimination rules that describe the semantics of context invalidity to solve context inconsistency problems. The proposed rule-based scheme will enable users to easily specify elimination conditions for inconsistent contexts. Our performance evaluation shows that the rule processing overhead is compensated for by virtue of the well-maintained repository of the stored contexts.
{"title":"Rule-based Approach for Context Inconsistency Management Scheme in Ubiquitous Computing","authors":"Yong-jae Lee, Jaehyoung Lim, S. Hyun, Dongman Lee","doi":"10.1109/EUC.2010.27","DOIUrl":"https://doi.org/10.1109/EUC.2010.27","url":null,"abstract":"Context data are updated frequently due to the dynamic changes of the various sensor values and the situations of application entities. Without a proper management, the stored contexts will become different from those of the real-world. Those invalid contexts will cause context inconsistency problems and thus should be eliminated at the right time and in an appropriate manner. In this paper, we propose a context inconsistency management scheme based on context elimination rules that describe the semantics of context invalidity to solve context inconsistency problems. The proposed rule-based scheme will enable users to easily specify elimination conditions for inconsistent contexts. Our performance evaluation shows that the rule processing overhead is compensated for by virtue of the well-maintained repository of the stored contexts.","PeriodicalId":265175,"journal":{"name":"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2010-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130892508","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Rolf Kiefhaber, B. Satzger, J. Schmitt, Michael Roth, T. Ungerer
Trust is an important factor for autonomous distributed systems. Organic Computing features self-organizing techniques to manage complex distributed systems. This paper introduces two methods to measure and calculate trust values with respect to the reliability of other nodes by direct observation introducing minimum overhead. We demonstrate this approach using a simulator and show that both algorithms converge towards the fixed real trust value and stay within close bounds of it. Evaluations also show the amount of measurements needed to calculate a meaningful trust value as well as the importance of the nodes' own reliability value when measuring another node. Additionally, we introduce an enhancement of one method to calculate a meaningful trust even by an unreliable observer.
{"title":"Trust Measurement Methods in Organic Computing Systems by Direct Observation","authors":"Rolf Kiefhaber, B. Satzger, J. Schmitt, Michael Roth, T. Ungerer","doi":"10.1109/EUC.2010.25","DOIUrl":"https://doi.org/10.1109/EUC.2010.25","url":null,"abstract":"Trust is an important factor for autonomous distributed systems. Organic Computing features self-organizing techniques to manage complex distributed systems. This paper introduces two methods to measure and calculate trust values with respect to the reliability of other nodes by direct observation introducing minimum overhead. We demonstrate this approach using a simulator and show that both algorithms converge towards the fixed real trust value and stay within close bounds of it. Evaluations also show the amount of measurements needed to calculate a meaningful trust value as well as the importance of the nodes' own reliability value when measuring another node. Additionally, we introduce an enhancement of one method to calculate a meaningful trust even by an unreliable observer.","PeriodicalId":265175,"journal":{"name":"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2010-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126660825","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mobile ad-hoc networks (MANET) has highly dynamic topology, open access of wireless channel and unpredictable behaviors, however, absence of effective security mechanism render MANET more vulnerable to positive attacks. Conventional assessments always require large sample data satisfy specific distribution and establish models through subjective recognition, thus lack common applicability, objectivity and reliability. To solve this problem and make accurate assessment, we propose RAPCA-PP model on basis of Projection Pursuit theory to realize both risk assessment and attributes analysis. Due to Projection Pursuit's theoretical merits, RAPCA-PP is thoroughly data-driven, it can be applied to conditions with small sample quantity, incomplete data and no-prior experience. Using RAGA for solution, RAPCA-PP shows well convergence. Compared with Grey Relations Projection, it demonstrates both better accuracy and higher discrimination. Moreover, our model can analysis attributes by importance and eliminate redundancy. Experiment shows that assessment with eliminated attributes can also correctly reflect each node's performance. RAPCA-PP proved to be suitable for real MANET working scenarios.
{"title":"Trusted Risk Evaluation and Attribute Analysis in Ad-Hoc Networks Security Mechanism based on Projection Pursuit Principal Component Analysis","authors":"Jihang Ye, Mengyao Liu, Cai Fu","doi":"10.1109/EUC.2010.81","DOIUrl":"https://doi.org/10.1109/EUC.2010.81","url":null,"abstract":"Mobile ad-hoc networks (MANET) has highly dynamic topology, open access of wireless channel and unpredictable behaviors, however, absence of effective security mechanism render MANET more vulnerable to positive attacks. Conventional assessments always require large sample data satisfy specific distribution and establish models through subjective recognition, thus lack common applicability, objectivity and reliability. To solve this problem and make accurate assessment, we propose RAPCA-PP model on basis of Projection Pursuit theory to realize both risk assessment and attributes analysis. Due to Projection Pursuit's theoretical merits, RAPCA-PP is thoroughly data-driven, it can be applied to conditions with small sample quantity, incomplete data and no-prior experience. Using RAGA for solution, RAPCA-PP shows well convergence. Compared with Grey Relations Projection, it demonstrates both better accuracy and higher discrimination. Moreover, our model can analysis attributes by importance and eliminate redundancy. Experiment shows that assessment with eliminated attributes can also correctly reflect each node's performance. RAPCA-PP proved to be suitable for real MANET working scenarios.","PeriodicalId":265175,"journal":{"name":"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2010-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124923565","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mobility Model has drawn more and more attentions since its important role in Delay/Disruption Tolerant Networks (DTNs) routing protocol performance evaluation. In this paper, we first present a survey of various mobility models, and then analyze the movement characteristics in the disaster rescue scenario in detail. After that, we introduce a novel mobility model, the Random Way Point with Attraction Direction (RWPAD) Model to represent the rescue and transport groups in this special scenario. Then we investigate the impact of the mobility model on the performance evaluation of specific DTN protocols. To this end, we compare our models to the existing ones under five classic DTN routing protocols. The results indicate that different mobility patterns significantly affect the various protocols in different ways. So before a new routing protocol is deployed in a real situation, it should be tested under the scenario based mobility models. The model we proposed in this paper provides a relatively more realistic environment basis for DTN routing protocol research in the disaster rescue scenario than the existing ones.
{"title":"RWPAD: A Mobility Model for DTN Routing Performance Evaluation","authors":"Yong Wang, Wei Peng, Xilong Mao, Z. Gong","doi":"10.1109/EUC.2010.76","DOIUrl":"https://doi.org/10.1109/EUC.2010.76","url":null,"abstract":"Mobility Model has drawn more and more attentions since its important role in Delay/Disruption Tolerant Networks (DTNs) routing protocol performance evaluation. In this paper, we first present a survey of various mobility models, and then analyze the movement characteristics in the disaster rescue scenario in detail. After that, we introduce a novel mobility model, the Random Way Point with Attraction Direction (RWPAD) Model to represent the rescue and transport groups in this special scenario. Then we investigate the impact of the mobility model on the performance evaluation of specific DTN protocols. To this end, we compare our models to the existing ones under five classic DTN routing protocols. The results indicate that different mobility patterns significantly affect the various protocols in different ways. So before a new routing protocol is deployed in a real situation, it should be tested under the scenario based mobility models. The model we proposed in this paper provides a relatively more realistic environment basis for DTN routing protocol research in the disaster rescue scenario than the existing ones.","PeriodicalId":265175,"journal":{"name":"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2010-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125322252","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The mechanism of establishing trust in a computing platform is tightly coupled with the characteristics of a specific machine. This limits the portability and mobility of trust as demanded by many emerging applications that go beyond the organizational boundaries. In order to address this problem, we propose a trusted computing platform in a form of a USB device. First, we describe the design and implementation of the hardware and software architectures of the device. We then demonstrate the capabilities of the proposed device by developing a trusted application.
{"title":"Trusted Computing Platform in Your Pocket","authors":"S. Nepal, J. Zic, Dongxi Liu, Julian Jang","doi":"10.1109/EUC.2010.126","DOIUrl":"https://doi.org/10.1109/EUC.2010.126","url":null,"abstract":"The mechanism of establishing trust in a computing platform is tightly coupled with the characteristics of a specific machine. This limits the portability and mobility of trust as demanded by many emerging applications that go beyond the organizational boundaries. In order to address this problem, we propose a trusted computing platform in a form of a USB device. First, we describe the design and implementation of the hardware and software architectures of the device. We then demonstrate the capabilities of the proposed device by developing a trusted application.","PeriodicalId":265175,"journal":{"name":"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2010-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131163907","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The proposed scheme maximizes the communication rates of multiple sender sensors to a terminal sensor while assuring a given connection time without connection abortion caused by the depletion of available battery energy. Each wireless sensor chooses one of two radio transmission ranges with disparate energy consumptions when sending a packet. The proposed scheme generates an edge-capacity graph from a sensor network and finds the routing paths by applying an advanced version of the existing maximum-flow algorithm to the graph. Finally the scheme determines the transmission rate of packets from each sender node to the terminal node, which is the number of transmittable packets in the found routing paths divided by the given connection time.
{"title":"A Connection-assured Many-to-one Communication of Wireless Sensors with Two Transmission Ranges","authors":"W. Lee, H. Paek, J. Yeo, K. Kim","doi":"10.1109/EUC.2010.36","DOIUrl":"https://doi.org/10.1109/EUC.2010.36","url":null,"abstract":"The proposed scheme maximizes the communication rates of multiple sender sensors to a terminal sensor while assuring a given connection time without connection abortion caused by the depletion of available battery energy. Each wireless sensor chooses one of two radio transmission ranges with disparate energy consumptions when sending a packet. The proposed scheme generates an edge-capacity graph from a sensor network and finds the routing paths by applying an advanced version of the existing maximum-flow algorithm to the graph. Finally the scheme determines the transmission rate of packets from each sender node to the terminal node, which is the number of transmittable packets in the found routing paths divided by the given connection time.","PeriodicalId":265175,"journal":{"name":"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2010-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131614507","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: