Hany F. Atlam

Comparative Study on CBIR based on Color Feature

Content Based Image Retrieval (CBIR) system helps users to retrieve relevant images based on their contents. It finds images in large databases by using a unique image feature such as texture, color, intensity or shape of the object inside an image. This paper presents a comparative study between the feature extraction techniques that based on color feature. These techniques include Color Histogram, HSV Color Histogram and Color Histogram Equalization. In this study, the retrieval process is first done by measuring the similarities between the query image and the images within the WANG database using two approaches: Euclidean distance and correlation coefficients. Then, the comparison is carried out by measuring the accuracy, error rate and elapsed time of each technique.

XACML for Building Access Control Policies in Internet of Things.

Although the Internet of things (IoT) brought unlimited benefits, it also brought many security issues. The access control is one of the main elements to address these issues. It provides the access to system resources only to authorized users and ensures that they behave in an authorized manner during their access sessions. One of the significant components of any access control model is access policies. They are used to build the criteria to permit or deny any access request. Building an efficient access control model for the IoT require selecting an appropriate access policy language to implement access policies. Therefore, this paper presents an overview of most common access policy languages. It starts with discussing different access control models and features of the access policy. After reviewing different access policy languages, we proposed XACML as the most efficient and appropriate policy language for the IoT as it compatible with different platforms, provides a distributed and flexible approach to work with different access control scenarios of the IoT system. In addition, we proposed an XACML model for an Adaptive Risk-Based Access Control (AdRBAC) for the IoT and showed how the access decision will be made using XACML.

An overview of risk estimation techniques in risk-based access control for the internet of things

The Internet of Things (IoT) represents a modern approach where boundaries between real and digital domains are progressively eliminated by changing over consistently every physical device to smart object ready to provide valuable services. These services provide a vital role in different life domains but at the same time create new challenges particularly in security and privacy. Authentication and access control models are considered as the essential elements to address these security and privacy challenges. Risk-based access control model is one of the dynamic access control models that provides more flexibility in accessing system resources. This model performs a risk analysis to estimate the security risk associated with each access request and uses the estimated risk to make the access decision. One of the essential elements in this model is the risk estimation process. Estimating risk is a complex operation that requires the consideration of a variety of factors in the access control environment. Moreover, the interpretation and estimation of the risk might vary depending on the working domain. This paper presents a review of different risk estimation techniques. Existing risk-based access control models are discussed and compared in terms of the risk estimation technique, risk factors, and the evaluation domain. Requirements for choosing the appropriate risk estimation technique for the IoT system are also demonstrated.

The Impact of Cloud Forensic Readiness on Security.

The rapid increase in the use of cloud computing has led it to become a new arena for cybercrime. Since cloud environments are, to some extent, a new field for digital forensics, a number of technical, legal and organisational challenges have been raised. Although security and digital forensics share the same concerns, when an attack occurs, the fields of security and digital forensics are considered different disciplines. This paper argues that cloud security and digital forensics in cloud environments are converging fields. As a result, unifying security and forensics by being forensically ready and including digital forensics aspects in security mechanisms would enhance the security level in cloud computing, increase forensic capabilities and prepare organizations for any potential attack.

Internet of Nano Things: Security Issues and Applications

Nanotechnology provides new solutions for numerous applications that have a significant effect on almost every aspect of our community including health monitoring, smart cities, military, agriculture, and industry. The interconnection of nanoscale devices with existing communication networks over the Internet defines a novel networking paradigm called the Internet of Nano-Things (IoNT). The IoNT involves a large number of nanosensors that used to provide more precise and detailed information about a particular object to enable a better understanding of object behaviour. In this paper, we investigate the challenges and opportunities of the IoNT system in various applications. An overview of the IoNT is first introduced. This is followed by a discussion of the network architecture of the IoNT and various applications that benefit from integrating IoT with nanotechnology. In the end, since security is considered to be one of the main issues of the IoNT system, we provide an in-depth discussion on security goals, attack vectors and security challenges of the IoNT system.