George Yee

AnonDSR: efficient anonymous dynamic source routing for mobile ad-hoc networks

Security, anonymity, and scalability are still important issues for mobile ad hoc network routing protocols. We first expose the limitations of several existing mobile ad hoc network routing protocols with security and anonymity constraints and analyze their scalabilities. Based on the analysis, we propose a new anonymous dynamic source routing protocol (AnonDSR) to provide three levels of security protection. We compare their scalabilities with security constraints, and analyze the new protocol to show it has strong security and anonymity protection, and very good scalability.

Privacy and Security in E-Learning

For a variety of advantages, universities and other organizations are resorting to e-learning to provide instruction on-line. While many advances have been made in the mechanics of providing online instruction, the needs for privacy and security have to-date been largely ignored. This paper examines privacy and security issues associated with e-learning. It presents the basic principles behind privacy practices and legislation. It investigates the more popular e-learning standards to determine their provisions and limitations for privacy and security. Privacy requirements for e-learning systems are explored with respect to the “Privacy Principles”. The capabilities of a number of existing privacy enhancing technologies, including methods for network privacy, policy-based privacy/security management, and trust systems, are reviewed and assessed.

Secure dynamic distributed routing algorithm for ad hoc wireless networks

An ad hoc wireless network permits wireless mobile nodes to communicate without prior infrastructure. Due to the limited range of each wireless node, communication sessions between two nodes are usually established through a number of intermediate nodes. Unfortunately, some of these intermediate nodes might be malicious, forming a threat to the security or confidentiality of exchanged data. While data encryption can protect the content exchanged between nodes, analysis of communication patterns may reveal valuable information about end users and their relationships. Using anonymous paths for communication provides security and privacy against traffic analysis. To establish these anonymous paths, all nodes build a global view of the network by exchanging routing information. In dynamic ad hoc networks, building this global view is not an option. In this paper, we propose and analyze a distributed route construction algorithm for use in the establishment of anonymous routing paths in ad hoc wireless networks.

An analysis of online gaming crime characteristics

Purpose – To arouse the public awareness of online gaming‐related crimes and other societal influences so that these problems can be solved through education, laws and appropriate technologies.Design/methodology/approach – A total of 613 criminal cases of online gaming crimes that happened in Taiwan during 2002 were gathered and analyzed. They were analyzed for special features then focusing on the tendency for online gaming crime. Related prosecutions, offenders, victims, criminal methods, and so on, were analyzed.Findings – According to our analysis of online gaming characteristics in Taiwan, the majority of online gaming crime is theft (73.7 percent) and fraud (20.2 percent). The crime scene is mainly in internet cafes (54.8 percent). Most crimes are committed within the 12:00 to 14:00 time period (11.9 percent). Identity theft (43.4 percent) and social engineering (43.9 percent) are the major criminal means. The offenders (95.8 percent) and victims (87.8 percent) are mainly male and offenders always p...

Bilateral e-services negotiation under uncertainty

This paper presents an approach for bilateral negotiation between an e-service provider and an e-service consumer in the presence of uncertainty. The approach can be applied to any type of negotiation, including buyer/seller negotiation. The type of uncertainty discussed is uncertainty of what offers and counteroffers to make, at a particular point in the negotiation. The approach makes use of reputation to arrive at a list of candidates who have negotiated the same or similar issues in the past, from whom the negotiator can learn the possible offers and counteroffers that could be made.

Privacy policy compliance for Web services

The growth of the Internet has been accompanied by the growth of Web services (e.g. e-commerce, e-health). This proliferation of Web services and the increasing regulatory and legal requirements for personal privacy have fueled the need to protect the personal privacy of Web service users. We advocate a privacy policy negotiation approach to protecting personal privacy (Yee and Korba, 2003; ). We provided semiautomated approaches for deriving personal privacy policies (Yee and Korba, 2004). However, it is evident that approaches are also needed to ensure that providers of Web services comply with the privacy policies of service users. In this paper, we examine privacy legislation to derive requirements for privacy policy compliance systems. We then propose an architecture for a privacy policy compliance system that satisfies the requirements and discuss the strengths and weaknesses of our proposed architecture.

Trust in E-services: Technologies, Practices and Challenges

The tremendous growth of the Internet is successfully making a variety of e-services a part of citizens everyday life. E-services such as: Web-banking, Web shopping, e-learning, e-healthcare, and e-government, are available in most countries around the world. Trust in E-Services: Technologies, Practices and Challenges provides an overview of e-service trust issues, including: definitions, constructs, and relationships with other research topics such as security, privacy, reputation, and risk. Trust in E-Services: Technologies, Practices and Challenges introduces and discusses the existing trust platforms and management tools such as trust evaluation, reasoning approaches, and mechanisms for e-services. This book also offers contributions from researchers and practitioners with real-life experience and practice on how to build a trust environment for e-government services.

Applying word sense disambiguation to question answering system for e-learning

Interaction between the student and the instructor is important for the student to gain knowledge. Also, one of the major tasks on the instructor in e-learning is to reply student e-mails and posted messages. Students usually raise their questions by these two methods in an e-learning environment. In this paper, we introduce a semantic-based automated question answering system that can act like a virtual teacher to respond to student questions online. With the system, not only the instructor can be relieved from the load of answering lots of questions, but also the student can mostly get answers promptly without waiting for the instructor to get online and provide an answer. This would be a big help for both the instructor and the student in e-learning environment. Through the process of raising questions and getting answers, the knowledge base will be enriched for future questions answering. Further, not only the students can get answers for their questions, but also the instructors could know what problems students encounter in learning. These would be big aids to both the teaching and the learning.

Privacy and Security for Cloud Computing

This book analyzes the latest advances in privacy, security and risk technologies within cloud environments. With contributions from leading experts, the text presents both a solid overview of the field and novel, cutting-edge research. A Glossary is also included at the end of the book. Topics and features: considers the various forensic challenges for legal access to data in a cloud computing environment; discusses privacy impact assessments for the cloud, and examines the use of cloud audits to attenuate cloud security problems; reviews conceptual issues, basic requirements and practical suggestions for provisioning dynamically configured access control services in the cloud; proposes scoped invariants as a primitive for analyzing a cloud server for its integrity properties; investigates the applicability of existing controls for mitigating information security risks to cloud computing environments; describes risk management for cloud computing from an enterprise perspective.

Anonymous Communications for Mobile Agents

Anonymous communication techniques are vital for some types of e-commerce applications. There have been several different approaches developed for providing anonymous communication over the Internet. In this paper, we review key techniques for anonymous communication and describe an alternate anonymous networking approach based on agile agents intended to provide anonymous communication protection for mobile agent systems.