Earticle

Energy consumption is a critical problem affecting the lifetime of wireless sensor networks (WSNs) in structural health monitoring (SHM). A huge original acquisition data was transmitted between nodes which occupy a large amount of communication bandwidth, and even lead to paralysis of WSNs. Thus, data compression to reduce network traffic and energy loss before transmission is necessary. A number of traditional techniques have proposed to solve this issue by sampling the full signal and then taking compression process. But it spends a lot of processing time. In this paper, we establish suitability compressive sensing (CS) to address some challenges using WSN. Through the improvement of reconstruction algorithm and the experimental demonstration, the application of this method could ensure the accuracy of the data as well as balance the network energy consumption. Moreover, it can also reduce the cost of data storage and transmission which makes a certain contribution to the quality for SHM.

This research project investigates human resource management practices related to in-formation privacy policy compliance by individuals in banks industry. The results of this survey of 257 bank employees in Korea indicate that certain human resource manage-ment practices within organizations (referred to as developmental-oriented appraisal, externally or internally equitable reward, selective staffing and training for career devel-opment) contribute to a social exchange process. This process is distinct from the formal compliance training procedures and is shown to influence employee perceptions of social exchange to engage in compliance activities, which contributes to behavioral intention to comply with information privacy policies. Implications for managers and researchers are discussed.

Interoperable Role-Based Access Control (IRBAC) 2000 model can be used to accomplish security interoperation between two or more administrative domains via role association and dynamic role translation. However, Static Separation of Duties (SSoD) is not considered in the IRBAC 2000 model, so the problem of inter-domain static mutual exclusive roles constraints violation can arise. This paper proposes a novel method based on colored Petri nets to model and analyze IRBAC 2000 model so as to detect static mutual exclusive roles (SMER) constraints violation. The necessary and sufficient conditions for SMER constraints violation in the IRBAC 2000 model are demonstrated. A graphical detection model based on Colored Petri net of SMER constraints violation is presented and then a more complicated case study is used to illustrate the efficiency of the proposed model. Moreover, some prerequisites for avoiding SMER constraints violation and guaranteeing the model security while adding new role association or user-role assignment are also discussed, analyzed and detailed based on colored petri net model in this paper.

There are various services using mobile devices due to development of communication technology and mobile equipment, regardless of time and place. To secure usage of convenience and smart services, authentication between users’ devices and network is necessary. To achieve this, many researches have been studied about 3rd Generation Partnership Project Authentication and Key Agreement (3GPP-AKA). Therefore, during authentication between MS and network in radio environments, it is very important to reduce the amount of processing and stored data in MS as much as possible in order that overload of authentication does not occur. So, in this paper, we propose an advanced authentication protocol to solve the problems of 3GPP-AKA discussed other papers and to minimalize data memory usage, keeping the security. As a result, the proposed protocol decreases data memory usage by maximum 37%.

As a further development of the simulation grid, the cloud simulation platform is a new kind of network modeling as well as simulation platforms, and one of the hottest research directions in the cloud computing. While brings about the users with a lot of convenience, the cloud simulation shows also many severe security issues with its own characteristics, which can’t be solved effectively by the traditional access control strategies. According to the traditional role based access control(RBAC) model, this paper proposed a tree proxy-based and service-oriented access control(TPSAC) model. In the TPSAC model, a multilevel inherited meta permission and a multi-tree child-sibling linked list were adopted to separate the permission loading function and the permission distribution function to achieve a multi-granularity and quantized access control with the cloud simulation. A verification experiment on the CloudSim simulation platform was conducted then to demonstrate that the TPSAC model achieved the desired result.

Among the biometric characteristic, signature forgery is the easiest way to do. Possibility of signature forgery similarity might be reached perfectly. This paper introduced a new technique to improve dominant point feature system based on its location for online signature verification. Dynamic Time Warping is used to match two signature features vector. The performance of system is tested by using 50 participants. Based on simulation result, system accuracy without presence of the simple and trained impostors is 99.65% with rejection error is 0% and acceptance error is 0.35%. While the current systems are faced with the simple and trained impostors, system accuracy became 91.04% with rejection error is 1.6% and an average of acceptance error is 7.36% with details as follows; acceptance error is 0.08%, acceptance error of simple impostors is 4.4%, and acceptance error of trained impostors is 17.6%.The improved feature within fusion is produce better accuracy significantly than dominant point feature. Accuracy of the improved feature within fusion is 91.04%, whereas system accuracy with just use the dominant point feature is 70.96%.

In order to develop such web-based application systems efficiently, object-oriented analysis and design methodology is used, and Java EE(Java Platform, Enterprise Edition) technologies are used for its implementation. In addition, security issues have become increasingly important. Consequently, since the security method by Java EE mechanism is implemented at the last step only, it is difficult to apply constant security during the whole process of system development from the requirement analysis to implementation. ……………. Therefore, this paper suggests an object-oriented analysis and design methodology emphasized in the security for secure web application systems from the requirement analysis to implementation. The object -oriented analysis and design methodology adopts UMLsec, the modeling language with an emphasis on security for the requirement analysis and system analysis and design with regard to security. And for its implementation, RBAC(Role Based Access Control) of servlet from Java EE technologies is used. Also, the object-oriented analysis and design methodology for the secure web application is applied on an online banking system in order to prove its effectiveness.

Wireless sensor networks (WSNs) are often deployed in potentially adverse or even hostile environment so that there are concerns on security issues in these WSNs. Sensor nodes with resource-constrained make security applications a challenging problem. Key agreement is a fundamental security service in WSNs, which enables sensor nodes to communicate securely with each other using cryptographic techniques. However, due to the resource constraints on sensor nodes, it is infeasible to use traditional key management techniques such as public key cryptography and key distribution center. Recently, Kim proposed two efficient and non-interactive hierarchical key agreements in WSNs, which have good properties including non-interactive, hierarchical, resilient, etc. However, Kim’s protocols do not support freshness of the established session key that key agreement protocol should supports. Thereby, we propose two freshness preserving hierarchical key agreement protocols over the hierarchical WSNs, named as HKAP_FP. Our two HKAP_FPs inherit advantages from Kim’s protocols and well suited to the hierarchical WSNs.

The pedestrian detection is a hot research topic in computer recognition. It involves not only the pedestrian location information but also the intrusion detection function, which has wide prospects in the application of vehicle traffic, campus monitoring, and building guard. However, the identification accuracy and recognition speed play an important role in the pedestrian detection, which calls for a fast pedestrian detection approach. The general pedestrian detection implementation, based on the integral channel features method and soft cascade classifier, is the popular technique in the current business application since its better speed and accuracy. Thus, this method uses the feature approximation technique and multiple classifiers to achieve the feature computing, which speeds up the detection without resizing image. To this end, this paper is motived to propose a multi-scale handling method for the fast pedestrian detection, using the tactics detection from sparse to dense. Our pedestrian detection method consists of four parts functions, mainly pedestrian statistics and intrusion detection, pedestrian tracking and pedestrian flow statistics. All these modules are introduced with its details about design and implementation. In Addition, the proposed multi-scale handling method can be applied into most of object detectors to improve their recognition speed. In conclusion, our proposed approach has a good potential application prospect in the video surveillance system.

E-governance is the application of information & communication technologies to transform the efficiency, effectiveness, transparency and accountability of informational & transactional exchanges with in government, between government & government agencies of National, State, Municipal & Local levels, citizen & businesses, and to empower citizens through access & use of information. Pervasive services of virtual communities and digital governments are achievable only if trust, privacy and security can be secured and strengthened. To meet these requirements, mechanisms, which provide secure management of information and facilities without compromising privacy and civil rights, have to be devised. The success of such mechanisms relies on effective identity authentication. While traditional security measure such as PINs and passwords may be forgotten, stolen, or cracked, biometrics provides authentication mechanisms based on unique human physiological and behavioural characteristics that can be used to identify an individual or authenticate the claimed identity of an individual, but cannot be easily duplicated or forged. This paper discusses the role of biometric authentication in e-governance environment to provide services efficiently and securely over the internet.

With the volume of Internet communication continuing to increase, there are more cases of worm and virus intrusion through the network. The security system against external attacks that use various security vulnerabilities consists of firewall and intrusion detection and prevention subsystem, and its functionality is becoming more advanced. As indicated by the recent security issues and intrusion cases, however, APT attacks and worm and hacking must be dealt with continuously. As such, enterprises are investing in various measures for an integrated security system to identify the threats of network security-based security vulnerabilities and cope with theme effectively. This paper proposes a network packet in-depth test-based, integrated security system that analyzes the threat factors through a total study of network packets circulated in realtime and applies various security functions to cope with intelligent security threats in the future.

As data leakage moves to ever more challenging areas, improving the security level of anti-data leakage and lowering overhead to the operating system becomes increasingly important. Therefore, the paper presents a novel double cache file filter driver based on transparent encryption, called as DBFD. In order to boost security of data, that is controlled by the file filter driver. The DBFD overcomes the limitation of double cache in the file system kernel in windows operating system and used the transparent encryption method to protect the data security. To evaluate DBFD, we used Iometer as the measurement tools to measure performance. The simulation results indicate that proposed DBFD has higher security, less overhead to the windows operating system.

Recently, several cloaking methods based on K-anonymity and L-diversity has been proposed to protect the user’s location privacy for Location-based Services (LBS). Considering that a cloaking region could contain some semantic places, which can easily endanger the user’s privacy, it is not safe to cloak the user’s location only consider K-anonymity and L-diversity. This paper presents a novel personality privacy-preserving cloaking framework for the protection of sensitive positions on road-network environment. In our scheme, a Voronoi-partition graph is first learned from an urban network, and a Dominance Date Center (DDC) is introduced to take charge of the vertex’s Voronoi-partition (dominance space) data. Then, the θ-security semantics is introduced to measure the degree of sensitive semantics leakage. Thus, a lightweight agent running in the client can contract with DDC and process the sensitive semantics-aware cloaking algorithm to generate a cloaking region to meet K-anonymity and θ-security semantics. Final, not the anonymizer, but the client agent access direct into the LSP.

E-Passports are issued to the citizens by many countries with biometric data like face, fingerprint and iris for foolproof identification. A first generation standard for E-Passport was proposed by International Civil Aviation Organisation. Due to security flaws in the proposed one, second generation standards with Extended Access Control mechanism was developed. To improve the security of E-Passport many proposals are being discussed. This paper suggests a new authentication protocol using Customized Elliptic Curve Cryptography to improve the reliability of E-Passport.

Streaming media is widely adopted by thousands of applications in cloud computing, how to effectively protect streaming media contents is a new challenge. In this paper, we propose an efficient online digital rights management (DRM) scheme supporting dynamic license in cloud computing. The content provider encrypts media content and outsources the encrypted content to cloud storage, while the user acquires dynamic license from the license server and consumes the streaming media content from the cloud storage. Further, we present a secure key distribution protocol based on proxy re-encryption, which protects the confidentiality of content encryption key, and reduces the work of key management in the cloud, and also supports domain key to realize user domain management. In addition, we develop a prototype system with Google cloud storage APIs based on the proposed scheme, and the implementation and comparison results show that the proposed scheme satisfies the requirements of online media content protection in cloud computing.

A mobile ad hoc network (MANET) is a kind of wireless communication system that doesn't have base stations or routers. The wireless connections can be a standard Wi-Fi connection or satellite, or another medium such as a cellular transmission. Specific applications like military or public emergency require secure group communication in ad hoc environments. Good Key management is very important to get protection in any communication system. This paper presents most problems of securing key management in ad hoc networks. It presents a survey of different types of key management protocols in wired networks and in ad hoc networks. It presents the most common kinds of attacks in ad hoc networks. A new efficient approach is proposed. It is based on dividing the members into clusters. This scheme assumes a maximum allowed number of members in each cluster. This reduces the required number of encryption and decryption operations for each join operation in the cluster. This is most suitable for Mobile Ad hoc Networks.

Anti-debugging technology refers to various ways of preventing binary files from being analyzed in debuggers or other virtual machine environments. If binary files conceal or modify themself using anti-debugging techniques, analyzing these binary files becomes harder. There are some anti-anti-debugging techniques proposed so far, but malware developers make dynamic analysis difficult using various ways, such as execution time delay, debugger detection techniques and so on. In this paper, we propose a Evading Anti-debugging techniques method that can avoid anti-debugging techniques in binary files, and showed several samples of anti-debugging applications and how to detect and patch anti-debugging techniques in common utilities or malicious code effectively.

The process of transferring data within any physical environment is highly vulnerable and liable to face many security issues leading to sniffing of highly confidential data by any of the prevalent cyber attacks. Presently, there are various classic data retrieving methodologies such as CASE, PIVOT and SJP within a physical environment. However, these methods are not completely fail proof against unauthorized data retrieval. This paper aims to implement the concept of Knowledge Cube generation for securely transfer data with the help of Horizontal Aggregation method in virtual environment. The concept of ‘Knowledge Cube’ is referred as a multidimensional model composing of cubes and dimensions, which can be further interpreted so as to execute complex queries during any data retrieval process in both physical and virtual environment.

Countries across the world are showing interest on the investment of convergence industry amalgamated with IT according to the global economic crisis. For such convergence industry to become stable, it should be preceded by the establishment of environment for safely protecting cutting-edge technologies produced through IT convergence. However, cutting-edge technologies are being easily leaked outside as they become digitalized through IT convergence. However, existing studies have been mostly limited to information security centering on IT information asset. This paper conducted a study on the security requirement demand research for establishing response strategy on technology leakage possibility and leakage route by analyzing the business process of automobile industry. In conclusion, the biggest difficulty in sharing information of automobile industry was inability to inspect the status of technology protection of outside organization. Accordingly, the area of DB security is the security area that is thought to be most urgent as of now, and it was found in a research on the intention to introduce security system within 2 years that 66.7% of respondents are willing to introduce security system.

The effectiveness of a submarine casing cutting robot is mainly influenced not only by its operational but also by its reliability and safety. In this paper, fault diagnosis research of this cutting robot is evaluated using the Bayesian network. A methodology of transforming the fault tree model into Bayesian network model is used. The fault tree model is established simply and conveniently. Bayesian network can address interesting questions allowing both forward and backward analysis. Combining the merits of two methods, the causes of failures, the occurrence probabilities and the importance of various components are analyzed based on the Netica software. The results show that the robot has high reliability and should be paid attentions to the research of feeding mechanism and the discharge gap detection circuits.

Starting with the discovery of Stuxnet SCADA systems have been the target of cyber threats. Original SCADA system is operating in closed-independent structure is safe from outside attacks, but by the development of IT industry With the advent of the Internet as a connection point is always exposed to hacking threats. As a result, if cyber attacks occur in the SCADA system as a national major economic and social problems will occur. So in this study, Accurate and concise risk calculation propose. And this formula is can be that indicator of new system's efficiency

Due to the openness of the Android-based open market, the distribution of malicious applications developed by attackers is increasing rapidly. In order to reduce the damage caused by the malicious applications, the mechanism that allows more accurate way to determine normal apps and malicious apps for common mobile devices should be developed. In this paper, the normal system call event patterns were analyzed from the most highly used game app in the Android open market, and the malicious system call event patterns were also analyzed from the malicious game apps extracted from 1260 malware samples distributed by Android MalGenome Project. Using the Strace tool, system call events are aggregated from normal and malicious apps. And analysis of relevance to each event set was performed. Through this process of analyzing the system call events, we can extract a similarity to determine whether any given app is malicious or not.

Homeland security field deals with diverse subjects, audio processing, video surveillance, image detection, geolocation determination, and cyber attack detection. Audio processing and video surveillance area are significant for public places safety and land border area. However the big threat for homeland security is cyber attacks. Cyber terror attacks and cyber crime attacks may move over virtual networks and can get every home. Nowadays, we consider the homeland security field however we set the cyber attack detection area the highest priority in our research. This paper introduces the overview of the state of the art in cyber attack detection strategies.

Because of the development of network and computing technology, cloud computing systems, which remotely store data in a third place and retrieves and processes these data with diverse terminals anytime and anywhere, have attracted considerable research attention. If an individual’s sensitive information or information about his/her body is stored as data stored in a cloud with remote storage without encryption, then an attacker or unethical server manager can access these stored data without the permission of the data owner. This is a security problem. Therefore, data stored using remote storage, need to be encrypted. However, in the case of data encrypted using a general encryption algorithm, since the entire set of encrypted data is downloaded to the data owner’s terminal for a safe search and has to be decrypted for the search, the advantages of remote storage are nullified. To solve this problem, searchable encryption systems have been developed. With a searchable encryption system, encrypted data can be searched safely without the process of decryption. This scheme safely stores the index that can search data and enables search with no information spill. However, the existing scheme, which is available for search, produces the same form of trapdoor for multiple searches of a keyword. A number of queries are transferred to the cloud, and the storage manager infers the keyword through these queries. The fact that the information user searches and the searched data content can be figured out through the queries poses a significant problem. Therefore, this research paper suggests a safe scheme for data management by using a one-time trapdoor so that an unethical server manager or attacker cannot infer the content of the search and the data through the queries when the same user searches the same keyword. This is possible because different trapdoors are produced when the same user searches the same keyword.

U.S. Nuclear Regulatory Commission’s Regulatory Guide 5.71 requires CMVP (Cryptographic Module Validation Program)-approved cryptographic modules for Nuclear facilities. And NIST documents also require CMVP-approved modules for smart grid networks. In this paper, a convergence method of CMVP and SSL(Secure Socket Layer) for web services and performance results of the method are presented.

In the practical application of crowdsourcing, some unreliable workers have emerged due to profit driven. Their results seriously reduce the quality and bring about the initiator’s judgment biases. In this paper, we creatively put forward a crowdsourcing fraud detection method based on psychological behavior analysis to find out the spammer according to the psychological difference between deception and reliable behavior by means of Ebbinghaus forgetting curve. Furthermore, we constructed an online crowdsourcing experiment platform to verify the validity of our method. As a result, filtration recall and precision attained 0.93 and 0.79 respectively. Moreover, the overall LAM was decreased by 3.7% and AUC increased by 8% before and after filtration. Experimental results show that our method is effective and feasible.

Malicious-code scanning tools are practically available for identifying suspicious websites. However, such tools only warn users about suspicious sites and do not provide clues as to why the sites were hacked and which vulnerability was responsible for the attack. In addition, the huge number of alarms burdens mangers while executing in-time-response duties. In this paper, a process involving feature modeling and data-mining techniques is proposed to help solve such problems.

In recent years, the effective management of organization’s business processes has become more and more important to support the business workflows. Although some collaboration platforms have been created to support business processes, the user and role authorities in these platforms cannot automatically change in accordance with context information (e.g., time and location, and environment information). Therefore, this study designs and implements the Collaboration Service Integration Platform (CSIP) which combines Business Process Model and Notation (BPMN) and Context-Aware Role-Based Access Control (CA-RBAC) model. The context information is considered to enhance RBAC and adjust the authority of user role dynamically. For implementation, the logic gateways and connectors are added in the tasks and workflows for adjusting the authority dynamically. The right information can be accessed by the right user in CSIP based on CA-RBAC.

The rotation symmetric Boolean functions which are invariant under the action of cyclic group have been used as components of different cryptosystems. In order to resist algebraic attacks, Boolean functions should have high algebraic immunity. This paper studies the construction of even-variable rotation symmetric Boolean functions with optimum algebraic immunity. We construct ( n/4 - 3) different rotation symmetric Boolean functions which achieve both optimum algebraic immunity and high nonlinearity when an even (n ≥ 16) is given.

Nowadays, more and more people are motivated to outsource their local data to public cloud servers for great convenience and reduced costs in data management. But in consideration of privacy issues, sensitive data should be encrypted before outsourcing, which obsoletes traditional data utilization like keyword-based document retrieval. In this paper, we present a secure and efficient multi-keyword ranked search scheme over encrypted data, which additionally supports dynamic update operations like deletion and insertion of documents. Specifically, we construct an index tree based on vector space model to provide multi-keyword search, which meanwhile supports flexible update operations. Besides, cosine similarity measure is utilized to support accurate ranking for search result. To improve search efficiency, we further propose a search algorithm based on “Greedy Depth-first Traverse Strategy”. Moreover, to protect the search privacy, we propose a secure scheme to meet various privacy requirements in the known ciphertext threat model. Experiments on the real-word dataset show the effectiveness and efficiency of proposed scheme.