Habtamu Abie

Game-based adaptive security in the Internet of Things for eHealth

The Internet of Things (IoT) is enabling the deployment of distributed applications based on ubiquitous computing and convergent networks. Due to its heterogeneous structure, it introduces new security challenges and requirements. Particularly, the security mechanisms implemented in the IoT should adapt to the dynamic context. This paper proposes a game-based model for adaptive security in the IoT, with an emphasis on eHealth applications. We use the trade-off between security-effectiveness and energy-efficiency to evaluate adaptive security strategies. We also present the results of simulation experiments to assess the performance of the proposed model. We show that our model allows extending the lifetime of the smart things by 47% compared to existing models.

Identification of Basic Measurable Security Components for a Distributed Messaging System

The lack of appropriate information security solutions in software-intensive systems can have serious consequences for businesses and the stakeholders. Carefully designed security metrics can be used to offer evidence of the security behavior of the system under development or operation. This study investigates holistic development of security metrics for a distributed messaging system based on threat analysis, security requirements, decomposition and use case information. Our approach is thus requirement-centric. The high-level security requirements are expressed in terms of lower-level measurable components applying a decomposition approach.

Adaptive security and trust management for autonomic message-oriented middleware

With the increase in societys dependence on IT communication systems, the need for dependable, trustable, robust and secure adaptive systems becomes ever more acute. Modern autonomic message-oriented middleware platforms have stringent requirements for self-healing, adapting, evolving, fault-tolerance, security and active vulnerability assessment, especially when the internal working model of a system and the environmental influences on the system are uncertain during run-time. In this paper we present an adaptive and evolving security (AES), and an adaptive trust management (ATM) approach to such autonomic messaging middleware systems, an approach that learns, anticipates, evolves and adapts to a changing environment at run-time in the face of changing threats. The methodology used in this research is partly analytical and partly experimental. This involves analysis of how the principles of AES and ATM can be applied to the environment resulting in the development of theoretical models which are then tested in practice by prototyping.

GEMOM - Significant and Measurable Progress beyond the State of the Art

GEMOM (Genetic Message Oriented Secure Middleware) is an EU FP7 ICT project that focuses on the significant and measurable increase in the end-to-end intelligence, security and resilience of complex, distributed information systems. Complex, distributed software systems are virtually impossible to implement without heavy use of messaging infrastructure. While the existing state of the art achieves arbitrary resilience by a brute-force approach, self-healing is either rudimentary or non-existent. GEMOM, with its fluid, resilient, self-healing and adaptive messaging allows for flexible messaging solutions and offers monitoring, management and maintenance incrementally. Its adaptive security solution will learn and adapt to changing environments during run-time in the face of changing threats without sacrificing the efficiency, flexibility, reliability and security of the system. This paper describes the significant and measurable progress beyond state of the art envisioned by the GEMOM project.

Metrics-driven security objective decomposition for an e-health application with adaptive security management

Emerging E-health applications utilizing IoT (Internet of Things) solutions should be sufficiently secure and robust. Adaptive security management techniques enable maintenance of sufficient security level during changing context, threats and usage scenarios. Systematic adaptive security management is based on security metrics. We analyze security objective decomposition strategies for an IoT E-health application. These strategies enable development of meaningful security metrics. Adaptive security solutions need security metrics to be able to adapt the relevant security parameters according to contextual and threat changes, which are typical for patient-centric IoT solutions used in various environments. In order to achieve this we have developed a context-aware Markov game theoretic model for security metrics risk impact assessment to measurably evaluate and validate the run-time adaptivity of IoT security solutions.

On-Line and Off-Line Security Measurement Framework for Mobile Ad Hoc Networks

We propose an integrated security measurement architecture and framework for a dynamic self-organizing monitoring system based on mobile ad hoc networks (MANETs), structured according to currently known security challenges. The aim is to predict, as well as to monitor, the security performance, concentrating on the principal effects contributing to it. We introduce an on-thefly security level estimation mechanism for MANETs. The mechanism can be used to support node-level, network segment-level and network-level decision making. At the node level, it is possible to constantly estimate the security level when choosing applications and communication mechanisms. At the network level, democratic voting among independent estimates originating from different nodes is used to increase the level of security. Furthermore, we introduce a generic security evaluation framework based on definition and decomposition of security requirements, behaviour modelling, evidence collection, and decision making. The goal of the decision making process is to make an assessment of and form conclusions about the information security level or performance of the system under investigation.

A testbed for adaptive security for IoT in eHealth

Wireless Body Area Sensor Networks (WBASNs) are networks of low-power sensing objects that collect and send vital signs of a patient using low-rate communication media. They have been originally created to improve the efficiency of e-health applications and they constitute now an important part of the Internet of Things (IoT) by bringing humans into the IoTs. The ASSET (Adaptive Security for Smart Internet of Things in eHealth) project [1] develops risk-based adaptive security methods and mechanisms for IoT in eHealth. The project requires a real-life testbed to evaluate accurately the adaptive security solutions in realistic simulation and use case scenarios. This paper describes the setup of a testbed for adaptive security for the IoT using current commercial off-the-shelf products and open source software. The particular features of the proposed testbed with regard to those published in the literature are underlined. The paper also discusses the validation of the setup through the study of the impact of antenna orientation on energy consumption. To this purpose, an estimation strategy of the energy consumption using the Holt-Winters prediction method has been developed. This will particularly be useful when studying the feasibility of the adaptive lightweight security solutions that will be part of the ASSET project.

Advanced Framework for Digital Forensic Technologies and Procedures

Abstract:  Recent trends in global networks are leading toward service‐oriented architectures and sensor networks. On one hand of the spectrum, this means deployment of services from numerous providers to form new service composites, and on the other hand this means emergence of Internet of things. Both these kinds belong to a plethora of realms and can be deployed in many ways, which will pose serious problems in cases of abuse. Consequently, both trends increase the need for new approaches to digital forensics that would furnish admissible evidence for litigation. Because technology alone is clearly not sufficient, it has to be adequately supported by appropriate investigative procedures, which have yet become a subject of an international consensus. This paper therefore provides appropriate a holistic framework to foster an internationally agreed upon approach in digital forensics along with necessary improvements. It is based on a top‐down approach, starting with legal, continuing with organizational, and ending with technical issues. More precisely, the paper presents a new architectural technological solution that addresses the core forensic principles at its roots. It deploys so‐called leveled message authentication codes and digital signatures to provide data integrity in a way that significantly eases forensic investigations into attacked systems in their operational state. Further, using a top‐down approach a conceptual framework for forensics readiness is given, which provides levels of abstraction and procedural guides embellished with a process model that allow investigators perform routine investigations, without becoming overwhelmed by low‐level details. As low‐level details should not be left out, the framework is further evaluated to include these details to allow organizations to configure their systems for proactive collection and preservation of potential digital evidence in a structured manner. The main reason behind this approach is to stimulate efforts on an internationally agreed “template legislation,” similarly to model law in the area of electronic commerce, which would enable harmonized national implementations in the area of digital forensics.

Threat Assessment of Wireless Patient Monitoring Systems

We address issues related to threat assessment of mobile patient monitoring systems using a wireless infrastructure including body area biomedical sensor networks. Several user scenarios are presented. Patient sensitive data, mobile and wireless infrastructure, and resource-constraint sensor nodes provide a challenging task of fulfilling some minimum requirements for security, privacy, reliability of the data and availability of the system. We have therefore studied threats associated to both short range and long range mobile wireless communication infrastructures, where requirements for security recommendations for such systems are presented. Emphasis is given on applications that employ a wireless infrastructure, such as biomedical sensor networks. In this work we present an informal threat assessment of mobile patient monitoring systems used with several scenarios.

A distributed digital rights management model for secure information-distribution systems

There is a need to protect digital information content and the associated usage rights from unauthorized access, use, and dissemination. The protection mechanisms should meet the requirements for the correct management of fine-grained access and usage controls and the protection of user privacy. Digital rights management (DRM) solutions have significant relevance in this context. This paper describes a distributed DRM model for a secure information-distribution system consisting of six trust-building blocks. These are (i) the user application, (ii) the authentication and authorization module, (iii) Rights-Carrying and Self-Enforcing Objects (SEOs), (iv) the privacy enforcement module, (v) theUsage Tracking and Monitoring Proxy (UTMP), and (vi) thesecurity infrastructure. SEOs are information objects that carry access and usage rights and are responsible for the fine-grained enforcement of these rights. The security infrastructure plays a pivotal role in the creation, distribution, storage, manipulation, and communication of information objects across organizational boundaries with the required level of security. Our model was originally developed for an Internet-based learning project in Norwegian schools and meets most of the aforementioned requirements.