• Journal of Communications and Networks
• /
• 제13권2호
• /
• pp.175-186
• /
• 2011

The proliferation of advanced technologies has been altering our lifestyle and social interactions-the next frontier is the digital home. Although the future of smart homes is promising, many technical challenges must be addressed to achieve convenience and security. In this paper, we delineate the unique combination of security challenges specifically for access control and consider the challenges of how to simply and securely assign access control policies to visitors for home devices and resources. We present a set of intuitive access control policies and suggest four access control settings based on our in-person interview results. Furthermore, we propose the automated Clairvoyant access right assignment (CARA) mechanism that utilizes home owners' social relationship to automatically deduce to which class a visitor belongs. The combination of CARA and the suggested mapping provides a promising first step for home policy assignment such that nonexpert home owners can let visitors use their home network with confidence. We anticipate that future research can build on our proposed mechanisms to provide confidence to non-expert home owners for letting visitors use their home network.

• Journal of Information Processing Systems
• /
• 제15권4호
• /
• pp.765-784
• /
• 2019

The smart city is one of the most promising, prominent, and challenging applications of the Internet of Things (IoT). Smart cities rely on everything connected to each other. This in turn depends heavily on technology. Technology literacy is essential to transform a city into a smart, connected, sustainable, and resilient city where information is not only available but can also be found. The smart city vision combines emerging technologies such as edge computing, blockchain, artificial intelligence, etc. to create a sustainable ecosystem by dramatically reducing latency, bandwidth usage, and power consumption of smart devices running various applications. In this research, we present a comprehensive survey of emerging technologies for a sustainable smart city network. We discuss the requirements and challenges for a sustainable network and the role of heterogeneous integrated technologies in providing smart city solutions. We also discuss different network architectures from a security perspective to create an ecosystem. Finally, we discuss the open issues and challenges of the smart city network and provide suitable recommendations to resolve them.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제18권6호
• /
• pp.1619-1637
• /
• 2024

In today's highly digitized landscape, securing digital communication is paramount due to threats like hacking, unauthorized data access, and network policy violations. The response to these challenges has been the development of cryptography applications, though many existing techniques face issues of complexity, efficiency, and limitations. Notably, sophisticated intruders can easily discern encrypted data during transmission, casting doubt on overall security. In contrast to encryption, steganography offers the unique advantage of concealing data without easy detection, although it, too, grapples with challenges. The primary hurdles in image steganography revolve around the quality and payload capacity of the cover image, which are persistently compromised. This article introduces a pioneering approach that integrates image steganography and encryption, presenting the BitPatternStego method. This novel technique addresses prevalent issues in image steganography, such as stego-image quality and payload, by concealing secret data within image pixels with identical bit patterns as their characters. Consequently, concerns regarding the quality and payload capacity of steganographic images become obsolete. Moreover, the BitPatternStego method boasts the capability to generate millions of keys for the same secret message, offering a robust and versatile solution to the evolving landscape of digital security challenges.

• International Journal of Computer Science & Network Security
• /
• 제24권7호
• /
• pp.123-127
• /
• 2024

Cloud computing services has gained increasing popularity in recent years for supporting various on demand and scalable services for IT consumers where there is a need of less investment towards infrastructure. While storage architecture of cloud enjoys a more robust and fault-tolerant cloud computing network, such architecture also poses a number of security challenges especially when applied in applications related to social networks, Financial transactions, etc. First, as data are stored and maintained by individual virtual machines so Cloud resources are prone to hijacked. Such attacks allow attackers to create, modify and delete machine images, and change administrative passwords and settings successfully. hence, it is significantly harder to ensure data security. Second, Due to dynamic and shared nature of the Cloud, data may be compromised in many ways. Last but not least, Service hijacking may lead to redirect client to an illegitimate website. User accounts and service instances could in turn make a new base for attackers. To address the above challenges, we propose in this paper a distributed data access control scheme that is able to fulfil fine-grained access control over cloud data and is resilient against strong attacks such as compromise and user colluding. The proposed framework exploits a novel cryptographic primitive called attribute-based encryption (ABE), tailors, and adapts it for cloud computing with respect to security requirements

• International Journal of Computer Science & Network Security
• /
• 제22권6호
• /
• pp.75-82
• /
• 2022

Medical data is one of the data that must be kept in safe containers, far from intrusion, viewing and modification. With the technological developments in hospital systems and the use of cloud computing, it has become necessary to save, encrypt and even hide data from the eyes of attackers. Medical data includes medical images, whether they are x-ray images of patients or others, or even documents that have been saved in the image format. In this review, we review the latest research and the latest tools and algorithms that are used to protect, encrypt and hide these images, and discuss the most important challenges facing these areas.

• International Journal of Computer Science & Network Security
• /
• 제23권8호
• /
• pp.33-39
• /
• 2023

The global surge in depression and anxiety, intensified by challenges such as cost and stigma, emphasizes the pressing need for accessible, evidence-based digital solutions. The research centers on the creation of a mobile application specifically designed to address mental health challenges. By integrating cognitive behavioral therapy techniques and features like appointment bookings and mindfulness feedback tools, the app is positioned to improve user outcomes. Utilizing platforms like React Native and React, combined with NestJS for enhanced backend security, the application adheres to the rigorous standards required for mental health interventions. Collaborative efforts with experts, notably the counseling unit of IIUM, ensure the app's alignment with contemporary best practices and research. Preliminary findings indicate a promising tool with the potential to address the global mental health treatment disparity.

• 융합보안논문지
• /
• 제2권2호
• /
• pp.77-88
• /
• 2002

이동에이전트 시스템은 이동에이전트 영역을 지원하기 위한 내부 구조이다. 본 논문에서는 이러한 내부 구조를 설계하면서 만나는 주요 요구사항을 분석하고 설명하고자 한다. 일반적인 이동에이전트 시스템을 설명한 후, 이동에이전트 시스템 설계의 요구사항을 시스템 수준과 프로그래밍 언어 수준으로 구분하여 설명하고자 한다. 이동에이전트의 실행환경 개발에서 주로 요구되는 에이전트의 이동성과 보안성의 제공 등이 시스템 수준의 요구사항이다. 주로 라이브러리 수준에서의 이동에이전트의 프로그래밍을 위해 제공되는 에이전트 프로그래밍 모델과 특징들과 같은 것이 프로그래밍 언어 수준의 요구사항이다. 본 논문에서는 이와 같은 시스템 및 프로그래밍 언어 수준의 요구사항을 명확히 하고 개발자들이 이러한 요구사항을 만족시키기 위한 방법들을 설명하며, 특히 이동에이전트의 보안을 위한 요구사항들에 대하여 분석하고자 한다.

• 디지털산업정보학회논문지
• /
• 제19권2호
• /
• pp.39-46
• /
• 2023

The rise in popularity of cloud services has brought about a heightened concern for security in the field of cloud computing. As a response, governments have implemented CSAP(Cloud Security Assurance Program) to ensure the security of these services. However, despite such measures, the emergence of various security vulnerabilities persists, resulting in incidents related to cloud security breaches. To address this, the utilization of Common Vulnerabilities and Exposures (CVE) has been proposed as a means to facilitate the sharing of vulnerability information across different domains. Nevertheless, the unique characteristics of cloud services present challenges in assigning CVE IDs to the diverse range of vulnerabilities within the cloud environment. In this study, we analyzed how CVE can be effectively employed to enhance cloud security. The assignment of a CVE ID is contingent upon the fulfillment of three rules in the Counting Decision and five rules in the Inclusion Decision. Notably, the third rule in the Inclusion Decision, INC3, clashes with the nature of cloud services, resulting in obstacles in assigning CVE IDs to various cloud vulnerabilities. To tackle this issue, we suggest the appointment of designated individuals who would be responsible for overseeing specific areas of cloud services, thereby enabling the issuance of CVE IDs. This proposed approach aims to overcome the challenges associated with the unique characteristics of cloud services and ensure the seamless sharing of vulnerability information. Information sharing regarding vulnerabilities is crucial in the field of security, and by incorporating cloud vulnerabilities into the CVE system, this method can contribute to enhancing the security of cloud services.

• Asian-Australasian Journal of Animal Sciences
• /
• 제31권11호
• /
• pp.1840-1841
• /
• 2018

• International Journal of Computer Science & Network Security
• /
• 제22권5호
• /
• pp.103-114
• /
• 2022

The Internet of Things (IoT) is one of the fastest technologies that are used in various applications and fields. The concept of IoT will not only be limited to the fields of scientific and technical life but will also gradually spread to become an essential part of our daily life and routine. Before, IoT was a complex term unknown to many, but soon it will become something common. IoT is a natural and indispensable routine in which smart devices and sensors are connected wirelessly or wired over the Internet to exchange and process data. With all the benefits and advantages offered by the IoT, it does not face many security and privacy challenges because the current traditional security protocols are not suitable for IoT technologies. In this paper, we presented a comprehensive survey of the latest studies from 2018 to 2021 related to the security of the IoT and the use of machine learning (ML) and deep learning and their applications in addressing security and privacy in the IoT. A description was initially presented, followed by a comprehensive overview of the IoT and its applications and the basic important safety requirements of confidentiality, integrity, and availability and its application in the IoT. Then we reviewed the attacks and challenges facing the IoT. We also focused on ML and its applications in addressing the security problem on the IoT.