Earticle

With the growing popularity of cloud computing, more and more data owners are willing to outsource their data to the cloud. However, private data should be encrypted before outsourcing for security requirements, which obsoletes data utilization like content-based image retrieval. In this paper, we propose a secure similarity image search scheme, which allows data owners to outsource their encrypted image database to the cloud server without revealing the real content of images. The proposed scheme supports both global and local feature based image retrieval under various distance metrics, such as earth mover's distance. Firstly, the data owner extracts either global features or local features from images to represent the images. Then, these features are used to generate a searchable index. Finally, both image database and searchable index are encrypted before outsourcing to the cloud server. When a query image coming, the data user extracts feature from the query image and generates the search trapdoor. The trapdoor is then sent to the cloud server and used to compare the similarity with the searchable index. Extensive experiments are conducted to show the efficiency and applicability of our proposed similarity image search system.

Graphical passwords are an authentication user model that consists of the recall of pictures or graphics signs to gain access to a system. They have been proved to be a se-cure and reliable alternative to textual passwords; by giving a more robust schema against brute force and shoulder-surfing attacks. In this research paper we present an alternative to a graphical password based on a modification of the Tangram game. We believe our proposal accomplishes the features of being an easy recognition-based system password giving the user enough security against common threats such as brute force attacks by dictionary means or OCR types, as well as shoulder-surfing attacks.

Bertino et al. propose a temporal Role-based Access Control (TRBAC) model, and Joshi et al. propose a Generalized TRBAC (GTRBAC) model based on TRBAC. Some periodic constraints and duration constraints are introduced to express the corresponding time-based access control policy semantics and enhance the expressiveness of the temporal RBAC model. We have analyzed the TRBAC and GTRBAC models and pointed out that the sufficient conditions for guaranteeing the safeness of the GTRBAC model was not comprehensive, so we have analyzed the reasons and designed a process rule to solve the safety problem. In this paper, an improved process rule is designed to solve the safety problem. In addition, a fault about translating a dependent trigger of TRBAC into an Oracle trigger is analyzed. In order to ensure the temporal RBAC model better, an Improved Generalized Temporal Role-based Access Control (IGTRBAC) based on the TRBAC and GTRBAC models is put forward. The two proposed restrictions in the IGTRBAC model are used to resolve the security problems caused by the dependent trigger and the cardinality constraint on role activation. At last, case study shows that the IGTRBAC model is safe.

With the increasing number of Web services, the goal of consumers becomes to discover and use services that lead to their experiencing the highest quality. Quality of Service (QoS) is important to evaluate the QoS performance of services to differentiate the qualities of service candidates. QoS is highly related to context information since service consumers are typically distributed in different geographical locations. Their experience is usually different. Invoking a huge number of Web services for consumers to predict the quality is time-consuming, resource- consuming, and sometimes even impractical. To address the challenge, this paper proposes a personalized context-aware recommendation approach for predicting the QoS of Web services and designs a prediction framework. This algorithm is a hybrid of the model-based and memory-based collaborative filtering algorithms. In our experiment, we collect QoS information from geographically distributed service consumers through the framework. Based on the QoS and context information, we predict the quality of services. As a result, we can obtain a list of recommended services for selection. Finally, the experiment shows that the algorithm using context information achieves better prediction.

Recently, digital door locks have been widely used as part of the IoT (Internet of Things). However, the media has reported digital door locks being opened by invalid users to invade homes and offices. In this study, a digital door lock system that can work with the IoT environment is proposed. It is designed and implemented to enhance security and convenience. The proposed system provides strengthened security functions that can transfer recorded images to a user’s mobile device when an invalid user attempts an illegal operation; it can also deliver alarm information to the mobile device when the door lock is physically damaged. The proposed system enables a user to check the access information and remotely operate the door lock to enhance convenience.

Various unpredictable faults often occur when the rocket is on mission. It is very important that the safety control decision is made in time and effectively according to judging and analyzing the fly parameters. The expert system for rocket safety control based on uncertain reasoning is proposed according to the characteristics of parameters. At first the reasoning control strategy is studied on, which provides the method for resolving the conflicts and the search. Then a novel uncertain reasoning model is put forward, and the knowledge’s uncertain representation and processing, the uncertain match algorithm and the certainty factor deliver method are expressed. Simulation experiments show that this system can acquire the craft launching information quickly and accurately, and can determine its sphere of influence, which effectively makes decision for the safety control officer.

The Steganography is an art and technique of hiding secret data in some carrier i.e. image, audio or video file. For hiding data in an image file various steganography techniques are available with their respective pros and cons. Broadly these techniques are classified as Spatial domain techniques, Transform domain techniques, Distortion techniques and Visual cryptography. Each technique is further classified into different types depending on their actual implementation. This paper is an effort to provide comprehensive comparison of these steganography techniques based on different Performance Metrics such as PSNR, MSE, MAE, Intersection coefficient, Bhattacharyya coefficient, UIQI, NCD, Time Complexity and Qualitative analysis. For this purpose a simulator is designed in MATLAB to implement above said techniques. The techniques are compared based on performance metrics..

Attribute-Based Encryption (ABE) is a promising cryptographic primitive to implement access control for secure data storage in the cloud. Since the data owner may frequently change the access policies defined in the ciphertext, it is significant to provide the capacity for dynamic policy updating. However the cloud should also authenticate the owner because the adversary may modify the access policies of the files in the cloud to prevent the legal users from accessing them. In this paper, we focus on the owner’s authentication in the ABE systems and propose a novel scheme which enables access control with authenticated dynamic policy updating in the cloud. We adapt the Pedersen commitment and Zero Knowledge Proof of Knowledge (ZKPK) to realize the anonymous authentication of the owner’s policy updating key without increasing any secret information to the owner side. The analysis shows that our scheme is authentic and efficient as well as adaptive to different types of access policies.

Recently, Microsoft unveiled a new operating system called Windows 10. As it is highly expected that Windows 10 will play a significant role in the Internet of Things era, the Portable Executable (PE) format is drawing attention even more widely than before. PE is a standard file format for executables and object code used in MS Windows operating systems. Since a number of various malwares have widely spread by exploiting vulnerabilities of PE structure, the need of automatic tools for PE-malware detection is being magnified. In this paper, we designed and developed a command-line PE file analysis tool using Python language for automatic detection of Windows malware.

Current probabilistic power flow calculation methods mostly consider the uncertainties of loads and the random failures of generators without thinking about the changing of the grids structure. Hence, this paper proposes a new probabilistic power flow calculation method comprehensively considering the influences of the uncertainties of wind farms, loads, generators, and grids structure on power flow calculation. The linear relationships are deduced between the nodes injection power and the branch active power as the circuits being at failures, and the cumulative probability distribution of each branches power flow is calculated by using semi-invariant and Gram-Charlier series expansion, and such that the complicated convolution operation is avoided. Combining compensation method and the conditional probability theory to deal with network structure changes of random factors, the paper establishes a probability flow calculation model comprehensively considering diverse factors such as random outputting power of the wind farms, random changes of the loads, and random failures of the generators, and the random variation of the grid structures and so on, the probability distribution function and probability density function of each branch can be quickly obtained by the model. Through the analysis on IEEE 14-node system, the uncertainty of grid structure has a remarkable effect on the probability distribution of the quantity to be solved. Hence, applying the proposed method can provide planners with more accurate and comprehensive information.

Content for mobile devices, unlike content for PCs, need to be optimized for the features of the mobile device. In recent years, with the progress in mobile telecom technology including Wibro and 3G, various types of mobile devices have become widely available, such as PMP, PDA, or UMPC. This has drawn attention to interactive multimedia services such as IPTV, DMB broadcasting, mobile portals and mobile TVs. However, in order to provide appropriate services for the mobile environment, the process of converting MPEG-4 BIFS to LASeR is required. This paper proposed optimized watermarking scheme for mobile device. Proposed watermarking algorithm uses z-axis location information of MPEG-4 BIFS and original model is not needed in extraction procedure. This proposed watermarking algorithm has good imperceptibility and robustness against the geometrical attacks such as noise addition, simplification and cropping. And it is proved that this proposed algorithm is good for access control capability by the experiment.

Medication Safety is an important issue for patients. Telecare medicine information system using RFID technology is used to reduce the medication errors and improve the patient safety. In this paper, we show the weaknesses of Keerti Srivastava et al.’s authentication scheme. In order to enhance medication safety for patients, we propose a new lightweight RFID authentication scheme based on dynamic ID. This scheme only requires O(1) work to identify and authenticate a tag in the backend server, so it is practical, secure and efficient for health care domain.

Accurate detection performance of spectrum sensing will obviously affect the communication quality of licensed users and secondly users. Robust spectrum sensing algorithm can reduce interfere to primary users. This paper presents a new OFDM cyclic spectrum sensing scheme which based on overlay parts sub-carriers to original OFDM signals. In this paper, the parts sub-carriers come from original OFDM cyclic feature signals. Simulation and numerical results show that new method has a high success rate of sensing and a shorten detection time. Moreover, computational complexity is almost no change. Algorithm improved detection performance obviously and enhanced the effectiveness of anti-noise uncertainty and improved the robustness of detecting weak signal. Algorithm meets the spectrum sensing technology requirements of low SNR environment.

The purpose of this paper is to study on the development of efficient system recovery from various hacking attacks or computer virus incidents. When computer system was damaged by hacking attacks or cyber incidents, and needed to be recovered efficiently, the best way is to roll back to the original system status. If the situation were unable to return to its original status, one of the best ways in system recovery would be going back to prior day status using security technology effectively. By applying filter driver, one of the key points of this development, which resides between MBR (Master Boot Records) driver and BIOS (Basic Input Output System), can enable to go back to the prior day system status for the efficient recovery. The main objective of this paper is to study about the development of emergent system recovery solution concerned with security incidents to react rapidly and correctly from the viewpoints of system reliability and stability.

The existing social network privacy protection method mostly aims at the individuals of the social network, which cannot protect effectively the sensitive relations in the social network. Therefore, this paper proposes a new personalized K_L model. This model requires each sensitive relation with the sensitive relational point have l at least, and also the point with the same requirement has k at least. Thus, the attack has been resisted during the protection of the sensitive relations. Through seeking the most figure of merit sequence and considering individual sensitive attribute, the L-diversity method is applied so as to guarantee the least side and reduce the anonymous cost. Through the data set experiment, this paper proposes new personalized model K_L, which has the high anonymous quality and can effectively protect user's privacy in the social network.

Today major issue in IT Sector is security, now a day in every field software products are using at the same time users are struggles for their information and data security. Normally software engineers developed good software and test the all aspects and deliver to the user but they cannot bother about minuet problems because they think that those problems cannot impact the product output. But in the run time environment those problems create major problems and display the wrong outputs. Software hackers also using these minuet problems hacked the system and spoil the data. There are so many methods are available for information security and risk management but those are not universally accepted methods. In this paper I proposed a novel method for information security and risk management. Using this method to develop application very well and if any hidden mistakes are there in development stage those risks are identified in run time environment and reduce risk and provide security to the data.

RFID is a key technology that can be used to create the pervasive society. The EPCglobal Class-1 Gen-2 specification is an important standard for RFID. The tags conforming to this standard have limited computing and storing resources, and no more attentions are paid to their security and privacy. So the application of these tags is not secure. HB+ protocol is one of the typical lightweight authentication protocols suitable to these low-cost RFID tags. But it is vulnerable to active attacks. For some scenarios with frequent active attacks the efficiency of HB+ protocol will be degraded seriously. In order to improve the security and efficiency of HB+ protocol for some scenarios with frequent active attacks, a novel detection-exit-restart mechanism is proposed to monitor the integrity of the exchanged messages between the reader and the tag. The improved HB+ protocol can resist active attacks and it is more efficient and secure than HB+ protocol. This protocol only uses the computing resources embedded in tags and it is very suitable to low-cost RFID systems.

The number of mobile applications on Android platform has largely increased in recent years. The security problems, as one of the outcomes induced by the popularity of Android, become more and more critical. Malicious repackaged applications (MRAs) perform malicious behaviors through malware developers embedding malicious codes into the benign origin applications (BOAs), which threat the security of users’ finance and privacy. In this paper, a method based on API calls monitoring is proposed to effectively detect MRAs. We discuss the characteristics of behaviors and analyze the differences in API calls between MRAs and their BOAs. A MRA detection model is established, which builds up the super-sphere for each BOA via a SVDD algorithm. The model can detect the abnormal behaviors of MRAs which deviate the normal behaviors of corresponding BOAs. Experiments are carried out on imitated and real MRAs, where the results demonstrate the effectiveness of our method for detecting the singly and multiply contaminated BOAs.

In the recent work environment, any firm or organization can’t guarantee the achievement of its strategic goals, that is, its success without utilizing IT well, so the IT became the object of main attention, and the reliance on the IT gets more intensified in all business fields. Therefore, each firm and public institute take enormous efforts for setting their internal audit systems appropriate for the recent business environment. Especially as the Public Audit Act began to take in effect from 2010, its raised the necessity to develop a new internal audit administration meeting a more advanced internal audit body’s role and its status as well as the changes in the administration different from the past administration. Reflecting the past, the existing internal audit activities have done around the post-exposure approaching to the known risks or a kind of fragmentary checkup around samples. Besides, the existing internal audits have focused on pointing out the organization’s problems and controlling them. So the organization being audited did not fully accept the internal audit results and there were also some aspects not meeting the internal customer’s needs. Therefore this study aimed to propose an improved model of audit information system supporting the recent audit trends (enhancing the efficiency of work process and consulting) in order to draw out a more strategic improvement plan after analyzing the status quo of public firms’ internal audits and their problems through the review of existing studies and literature about the theme.

With the fast development of Open Access (OA) in recent years, it helps stimulate free scientific achievements propagation via Internet and promote academic exchange and fast publishing in an efficient and cheap way. In this paper, we propose a construction scheme of our Natural Science Foundation of China (NSFC) open access library which is under development recently. We first propose our overall architecture for OA library. Then, we present detailed design from upper layer OA webpage with 3-level display hierarchy to the middle layer some key function modules. Next, bottom layer raw data acquisition module and other important system function modules like interface module, people management and security modules are explained with illustrative figures and table.

As there’s increase in services with mobile devices, authentication technology by mobile devices has diversified. Nowadays to cope with security threat of e-commerce high rick transactions need multi-factor authentication technology conjoined in one or more factors. This paper proposes 2-factor authentication technology for security enhancement in electrical micro-payment system.

In this paper, we propose a camera-model detection method based on a hybrid approach. Varying camera inside imaging processing will lead to varying artifacts. A few of artifacts can reflect camera model-specific. To comprehensive track camera model-specific footprint, we build a hybrid approach by combining two-step Markov feature based model and CFA feature based model. A 132-D feature set is designed to perform camera-model classification. Images from seven camera models in the Dresden Image Database are chosen as our experiment database. Experiment results show that in seven models detection, the average detection accuracy of our method is 99.83%. Even the feature dimension is decreased to 40 by feature selection; its detection accuracy can still reach to 99.58%, which is higher than that of previous Markov method [12].

In the real world, especially for wearable context with the education information communicating, the diversified contexts need to be considered to apply the Attribute-Based Encryption. However, it is hard to design the optimized dynamic access structures because it is static access structures and properties of Attribute-Based Encryption. In this paper, we propose the attribute-based encryption using the algorithm of context-based service inference model to collect the attributes by data and to provide appropriate services by recognizing the situation. Especially it is analyzed that the students' answering process is sectionalized to several scenarios according to teachers' educational objective and plan in educational environment. And through the process it is described that the application of security policy and technology must be distinguished by tables.

Quantum key distribution (QKD) protocol techniques are used in the distribution of keys using the laws of physics. Quantum secret sharing (QSS), quantum secure direct communication, and quantum teleportation, which are all included under QKD, are used to share or distribute a secure key in a quantum environment. In QSS, we share a key based on the quantum properties of light. We emphasize cooperation between communicating parties to eliminate untrustworthy members and to improve the strength of the key. The results obtained showed that using the proposed method, it is difficult for eavesdroppers to obtain the key.

Distributed Denial of Service (DDoS) attacks has been a prominent threat to the Internet community. The attack effect is recognized by large number of client base due to the dependency of majority users on World Wide Web. In such an attack, the attacker targets a machine or a server to thwart its services to the intended users. These attacks are majorly motivated by the presence of multiple groups of hackers present on the Internet. As the research has progressed in this field, researchers have encountered a lot many ways through which attacks have been successful launched. In early years of its birth, the Internet was not designed keeping in mind various possible security aspects thus it lacked this immunity in present day. This paper covers the advent of the DDoS attacks along-with their types. We have also designed certain simulation scenarios based on flooding based DDoS attacks to measure its impact on legitimate users. A discussion on the present solutions to combat such attack situations concludes our work.

In this paper, we analyzed the essential meaning of the catastrophe risk on the basis of many results that is the bottleneck of the catastrophe risk analysis is complex. One way to resolve or alleviate this problem is to analyze the risk from the viewpoint of fuzzy logic-fuzzy catastrophic risk (FCR) analysis. We propose the concept of synthetic effect, present its axiomatic foundation, and further establish a FCR model based on synthetic effect as well as the general solution model. Finally, we specify the model by considering catastrophe risk in Shanghai. The results indicate that the method is not only accommodates the existing fuzzy decision-making methods, but also successfully incorporates the decision preference into the optimization process. Therefore, the FCR model can be widely used in many fields such as complex systems optimization and decision-making.

In recent years, with the high-speed development of cloud computing and its universal application, the cloud security technology is more and more important. In cloud computing, it is mainly through the resource sharing and collaborative action to meet the demand for an unlimited access speed, unlimited storage space and a reliable resource protection for users. For the secure access resources among different domains in cloud network, today most Cloud Computing Systems provide data security and mutual authentication with asymmetric and traditional public key cryptography. For these researches, the authentication process is cumbersome, and the certificate management is complex, which would bring some inconvenience for mutual authentication among servers or users in a Hybrid Cloud. This paper provides a security authentication protocol among multiple domains. It adopts the direct product decomposition and linear mapping technology of cyclic group to achieve mutual authentication between members in multi-domain systems or heterogeneous networks. Extensive security and performance analysis show that the proposed schemes have the advantages of in security, computation consumption and Communication consumption. It is suitable for safety authentication in large-scale Cloud computing environment.

Intelligent home network has to notify the context data instantly to the profiler when home device user's main context such as user and access right are changed and renew the profiling with the updated context [1]. To make it sense, we propose the profile based intelligent home network device access control. It includes; (1) Intelligence profiling generation study (2) an intelligent home network configuration and management study, and (3) an intelligent profiling multiple signature study. So, in this study, it suggests a secure profile structure.