Abdullahi Arabo

System-of-systems boundary check in a public event scenario

In any system-of-systems the potential exists for interactions between systems to occur that may affect the security of the overall system. We present a scenario that aims to highlight such problems, in particular that of security at a network boundary. This scenario considers cooperation and interactions between organisations and systems in the context of a major public event, such as a sporting or entertainment event. Based on this we present a modelling tool able to highlight potential access violations that might occur through transfer of data between multiple organisations and suggest ways to mitigate these vulnerabilities. The use of the modelling tool for network boundary checking is demonstrated, using the example scenario. Suggestions are made as to how security and effectiveness can be achieved by applying safeguards to vulnerable areas, while allowing the free flow of data between organisations where this is known to be safe.

Towards a Context-Aware Identity Management in Mobile Ad Hoc Networks (IMMANets)

The issue of digital identity is at the heart of many contemporary strategic innovations, covering crime, internal and external security, business models etc. The area of MANets (Mobile Ad-hoc Networks) is still in its infancy in the research community, but it plays a vital role surrounded by the growing trend of mobile technology for business, private and governmental uses. The emergent notion of ubiquitous computing makes it possible for mobile devices to communicate and provide services via networks connected in an ad-hoc manner. In this paper we present the current research issues within the field of MANets and highlight some challenges for future studies. The main focus is on the area of identity management (IM), context-awareness and user-centricity for MANets together with its security issues and implications. We conclude with the need of a research into the area of IMMANets.

Identity management in System-of-Systems Crisis Management situation

In System-of-Systems coalitions scenarios there are always partners who are heterogeneous in terms of technology, skills, security requirements, sensitivity of information and trustworthiness. At the same time these partners normally come together in Communities of Interest (CoI) perhaps for a short period of time to achieve a common goal. All or some of these partners might have different roles in CoI, but sharing of information is of crucial importance. Hence, the ability to properly identify each partner within CoI and protect their identities while at the same time allowing them to utilise their devices in such situations requires the ability to negotiate interoperation between groups with different security polices and the ability to make security policy decisions in real-time. In this paper, we provide a scenario that involves different parties within CoI and present a proof of concept that will allow each member to join a CoI community while controlling how much of its information is being revealed based on its specified policies and role with CoI. We have also presented an outdoor experiment for the proposed methodology and our developed test bed.

Data Mishandling and Profile Building in Ubiquitous Environments

In any systems or environments within a ubiquitous computing context that promotes the concept of users interaction or inter-organization communication, more specifically data sharing and takes users within such context as relevant contextual information, there is the potential for interactions between systems to occur that may affect the security of the overall system. We present a scenario that aims to highlight such potential problems, in particular the problem of security at sharing information and protecting profile building from such shared information. This scenario considers cooperation and interactions between individuals and systems that might occur in the context of a public event, such as a conference, crisis situation or entertainment event. Based on this we present a modelling tool able to highlight potential information sharing and profile building issues as well as access violations that might occur through the transfer of data between multiple individuals and suggest ways of defining policies dynamically and filtering only relevant contextual information for the user, to mitigate such a problem.

Situation Awareness in Systems of Systems Ad-Hoc Environments

In disaster management environments with systems of systems operating in an ad hoc manner, the utilization of environmental resources, also known as situation awareness, is of curial importance. This is more crucial especially in a situation where various emergency teams are dealing with a complex disaster that is spread over a large geographical area. By situation awareness we are referring to the acknowledgment and usage of available contextual information. Context is information that can be used to characterize situations or an entity that is considered relevant in the interaction process of a user or an application. Thus the effective use of contextual information in ad hoc environments can extensively expand the adaptation of such an application. The main focus of this paper is on utilizing diverse contextual information within such environments to improve the way various systems interact and assist in an effective crisis management. We propose a methodology that makes the sharing of contextual information between systems more efficient as well as giving users full control.

Context-Aware Identity Management in Pervasive Ad-hoc Environments

Contextual information and Identity Management (IM) is of paramount importance in the growing use of portable mobile devices for sharing information and communication between emergency services in pervasive ad-hoc environments. Mobile Ad-hoc Networks (MANets) play a vital role within such a context. The concept of ubiquitous/pervasive computing is intrinsically tied to wireless communications. Apart from many remote services, proximity services (context-awareness) are also widely available, and people rely on numerous identities to access these services. The inconvenience of these identities creates significant security vulnerability as well as user discomfort, especially from the network and device point of view in MANet environments. In this article, the authors address how contextual information is represented to facilitate IM and present a User-centered and Context-aware Identity Management (UCIM) framework for MANets.

Privacy-aware IoT cloud survivability for future connected home ecosystem

Cloud services can greatly enhance the capabilities of mobile and smart devices, particularly within the ecosystem of connected home futures. A single device now performs multiple functions: organizing contacts and calendars, playing games, storing sensitive personal and corporate information, and even making phone calls. Mobile devices are currently, largely single-user systems. Despite the fact that a device can be used for various purposes, the dividing line between data and applications applied in differing domains is poorly defined. Extending such complexities to the cloud raises a host of issues relating to data ownership, cloud-centric security modules, data/device centric mobile security solutions, and cloud-centric data management. Device survivability, remote device management, and contextual policy enforcement capabilities can be supported and extended by cloud services. In this paper, our contribution is threefold: firstly, we examine the issues related to mobile/smart devices and cloud services, and present a context-based, dynamic cloud security framework appropriate for connected home ecosystem futures. Secondly, we outline the key requirements for a cloud infrastructure. We outline mechanisms to handle device survivability and continuity in terms of remote back-up, remote wipe and dynamic context-aware cloud-centric smart device solutions. Thirdly, the paper also summarised some of the security threats and presents a design for a dynamic secure cloud resilience framework. The framework supports the issues of continuity, resilience and survivability of data on smart devices.

Dynamic Device Configuration in Ubiquitous Environments

The need of devices in crisis management to be configured dynamically by detecting device characteristics i.e. polices defined by the user or organization, contextual information relevant to a given scenario etc is of paramount importance. Where such information can either be already predefined or the user is allowed to define such information via automatically generated input User Interface (UI) associated to one or more extensible markup languages. Hence, the layout of the devices and behavior will be automatically configured based on policy settings and contextual information in a dynamic manner as such information changes. We present a method that allows dynamic configuration of devices that improves information systems flexibility via realizing dynamic configuration of components and enhancing management and functionality of such devices and security issues within the environment. Moreover, as this method will provide an instant configuration of devices at runtime, the components can provide and be used with uninterrupted running ability.

Mobile App Collusions and Its Cyber Security Implications

The key focus in securing mobile software systems is substantiality intended in detecting and mitigating vulnerabilities in a single app or apps developed by the same individual. It fails to identify vulnerabilities that arise as a result of interaction or the colluding of multiple apps either from the same or different vendors. The current state-of-the-art also fails to contextualize this in reference to its impact on security and cyber security issues. This paper proposes a solution that makes use of both static and dynamic analysis, to detect and notify device users of such a vulnerability and equips the user with knowledge on inter-app interaction, the misuse of Personal Identifiable Information (PII) and the sharing of other sensitive information without their consent.

A Secure Gateway Service for Accessing Networked Appliances

Currently there are a range of digital devices and the trend is moving us closer to an increasingly interconnected world. However one of the current limitations is that device usage is location dependent. For example, when you are in your home environment and your PDA, which contains MP3s, resides in your work environment, there is no mechanism to enable you to use the functionality it provides. Mechanisms need to be developed that enable devices to be used irrespective of where you or your device resides. The challenge is to create a gateway that seamlessly integrates devices from different locations. In order to achieve this several issues need to be addressed, which include Quality of Service (QoS), device capability matching, device presence management and secure connectivity in ad hoc and structured networks. We present a scenario to demonstrate our architecture showing how it can help in arranging daily home visit jobs such as engineer visits, receiving postal deliveries and so on, enabling the user to communicate with an engineer or postman while they are away from home.