Hasoo Eun

Rethinking Vehicular Communications: Merging VANET with cloud computing

Despite the surge in Vehicular Ad Hoc NETwork (VANET) research, future high-end vehicles are expected to under-utilize the on-board computation, communication, and storage resources. Olariu et al. envisioned the next paradigm shift from conventional VANET to Vehicular Cloud Computing (VCC) by merging VANET with cloud computing. But to date, in the literature, there is no solid architecture for cloud computing from VANET standpoint. In this paper, we put forth the taxonomy of VANET based cloud computing. It is, to the best of our knowledge, the first effort to define VANET Cloud architecture. Additionally we divide VANET clouds into three architectural frameworks named Vehicular Clouds (VC), Vehicles using Clouds (VuC), and Hybrid Vehicular Clouds (HVC). We also outline the unique security and privacy issues and research challenges in VANET clouds.

Conditional privacy preserving security protocol for NFC applications

In recent years, various mobile terminals equipped with NFC (Near Field Communication) have been released. The combination of NFC with smart devices has led to widening the utilization range of NFC. It is expected to replace credit cards in electronic payment, especially. In this regard, security issues need to be addressed to vitalize NFC electronic payment. The NFC security standards currently being applied require the use of users public key at a fixed value in the process of key agreement. The relevance of the message occurs in the fixed elements such as the public key of NFC. An attacker can create a profile based on users public key by collecting the associated messages. Through the created profile, users can be exposed and their privacy can be compromised. In this paper, we propose conditional privacy protection methods based on pseudonyms to solve these problems. In addition, PDU (Protocol Data Unit) for conditional privacy is defined. Users can inform the other party that they will communicate according to the protocol proposed in this paper by sending the conditional privacy preserved PDU through NFC terminals. The proposed method succeeds in minimizing the update cost and computation overhead by taking advantage of the physical characteristics of NFC1.

Privacy-aware route tracing and revocation games in VANET-based clouds

The foreseen dream of reliable, safe, and comfortable driving experience is yet to become reality since automobile industries are testing their waters for VANET (Vehicular Ad Hoc NETwork) deployment. But nevertheless, security and privacy issues have been the root cause of hindrance in VANET deployment. Recently, VANET evolved to VANET-based clouds as a result of resources-rich high-end cars. Soon after, Hussain et al. defined different architectural frameworks for VANET-based clouds. In this paper, we aim at a specific framework namely VuC (VANET using Clouds) where VANET and CC (Cloud Computing) cooperate with each other in order to provide VANET users (more precisely subscribers) with services. We propose a lightweight privacy-aware revocation and route tracing mechanism for VuC. Beacons broadcasted by vehicles are stored in cloud infrastructure as cooperation from VANET and after processing, cloud provides VANET subscribers with services. Revocation authorities can revoke and trace the path taken by the target node for a specified timespan by exploiting the beacons stored in the cloud. Our proposed scheme is secure, preserves conditional privacy, and is computationally less expensive than the previously proposed schemes.

A two level privacy preserving pseudonymous authentication protocol for VANET

Vehicular ad hoc network (VANET) is gaining significant popularity due to their role in improving traffic efficiency and safety. However, communication in VANET needs to be secure as well as authenticated. The vehicles in the VANET not only broadcast traffic messages known as beacons but also broadcast safety critical messages such as electronic emergency brake light (EEBL). Due to the openness of the network, a malicious vehicles can join the network and broadcast bogus messages that could result in accident. On one hand, a vehicle needs to be authenticated while on the other hand, its private data such as location and identity information must be prevented from misuse. In this paper, we propose an efficient pseudonymous authentication protocol with conditional privacy preservation to enhance the security of VANET. Most of the current protocols either utilize pseudonym based approaches with certificate revocation list (CRL) that causes significant communicational and storage overhead or group signature based approaches that are computationally expensive. Another inherent disadvantage is to have full trust on certification authorities, as these entities have complete user profiles. We present a new protocol that only requires honest-but-curious behavior from certification authority. We utilize a mechanism for providing a user with two levels of pseudonyms named as base pseudonym and short time pseudonyms to achieve conditional privacy. However, in case of revocation, there is no need to maintain the revocation list of pseudonyms. The inherent mechanism assures the receiver of the message about the authenticity of the pseudonym. In the end of the paper, we analyze our protocol by giving the communication cost as well as various attack scenarios to show that our approach is efficient and robust.

A Trustless Broker Based Protocol to Discover Friends in Proximity-Based Mobile Social Networks

Due to the rapid growth of online social networking and mobile devices, proximity based mobile social networks (PMSN) are gaining increasing popularity. PMSN refers to the social interaction among physically proximate mobile users where they directly communicate through Bluetooth/Wi-Fi. In PMSN, while making friends, users match their profiles in accordance with their interests. In this regard, preserving a user’s privacy is crucial during profile matching. Users use their profiles for matching. An attacker in user’s near proximity can learn these profiles’ values. This poses significant threat to a user’s privacy. In this regard, we propose a protocol to preserve user’s sensitive information. During discovery of friends in our protocol we use a broker that is an intermediate entity between interacting mobile users. Our protocol does not require trustworthy broker and hence no valuable information is given to broker that can cause a privacy threat. For secure computations paillier encryption has been used in our protocol. Furthermore, we implement and analyze our protocol to show its acceptable computational and communication cost.

Traffic information system: A lightweight geocast-based piggybacking strategy for cooperative awareness in VANET

As a cornerstone of VANET (Vehicular Ad Hoc Networks) system, vehicles need to have awareness information about other vehicles in the vicinity for safe driving. In this paper, we propose a lightweight geocast-based piggybacking mechanism for cooperative awareness applications in VANET. We leverage only one-hop beacons to construct both local and extended traffic views for drivers. Since multi-hop communication does not scale well, consequently our proposed scheme only exploits single-hop beacons to provide the same comparable functionality as multi-hop communication would do. The goal is achieved at the expense of a small piece of additional information (traffic classes) in the scheduled beacons. Geocast-based piggybacking has a twofold advantage over traditional flooding-based approaches; it serves as virtual multi-hop communication paradigm and it avoids broadcast storm problem.

Say Hello Again: Privacy Preserving Matchmaking Using Cloud in Encounter Based Mobile Social Networks

Mobile social networks (MSNs) are getting increasingly popular day by day. With the help of MSNs people can connect with each other online as well as offline. One of the famous applications of MSNs is profile matchmaking in which users share their interests in order to find mutual friends. However, the user of such application can be a victim of various privacy related attacks due to the revelations of users personal interests during profile matchmaking. More recent dimension of MSN is encounter-based social networks. In this scenario, the users make social contacts while sharing a common location and time. Mobile devices record the encounter information when two users are within physical proximity and at a later time, their encounter history should be matched when they try to find each other again. In this paper, we propose a privacy preserving matchmaking protocol in which users share the encounter information and later utilize a cloud server to post encounter information in order to privately match their profiles with unknowns to whom they shared the encounter. In our protocol, neither the users nor the cloud server is able to discover the interests of either participants during matchmaking. To the best of our knowledge, this approach is the first attempt that combines encounter based social networks and fine-grained profile matchmaking. Towards the end of the paper, we present security analysis as well as performance evaluation that shows the effectiveness and feasibility of our protocol.

A Hybrid Approach for Efficient Privacy-Preserving Authentication in VANET

A vehicular ad hoc network (VANET) serves as an application of the intelligent transportation system that improves traffic safety as well as efficiency. Vehicles in a VANET broadcast traffic and safety-related information used by road safety applications, such as an emergency electronic brake light. The broadcast of these messages in an open-access environment makes security and privacy critical and challenging issues in the VANET. A misuse of this information may lead to a traffic accident and loss of human lives atworse and, therefore, vehicle authentication is a necessary requirement. During authentication, a vehicle’s privacy-related data, such as identity and location information, must be kept private. This paper presents an approach for privacy-preserving authentication in a VANET. Our hybrid approach combines the useful features of both the pseudonym-based approaches and the group signature-based approaches to preclude their respective drawbacks. The proposed approach neither requires a vehicle to manage a certificate revocation list, nor indulges vehicles in any group management. The proposed approach utilizes efficient and lightweight pseudonyms that are not only used for message authentication, but also serve as a trapdoor in order to provide conditional anonymity. We present various attack scenarios that show the resilience of the proposed approach against various security and privacy threats. We also provide analysis of computational and communication overhead to show the efficiency of the proposed technique. In addition, we carry out extensive simulations in order to present a detailed network performance analysis. The results show the feasibility of our proposed approach in terms of end-to-end delay and packet delivery ratio.

Combining SVC and CAS modules to support heterogeneous devices

CAS used in IPTV and DTV was designed to transfer a single content through a single stream. But, if CAS is combined with SVC coding technique, it can be improved to support diverse video applications through a single streaming. In this paper, we analyze the issues that can occur if SVC is applied to CAS, and also propose SVC encryption module in the CAS environment. The proposed schemes safety is guaranteed by the safety of the existing CAS and oneway hash function. Also, the proposed scheme has an advantage of relatively small overheads in the existing CAS.

Towards Achieving Anonymity in LBS: A Cloud Based Untrusted Middleware

Technological advancements in mobile technology and cloud computing open the door for another paradigm known as Mobile Cloud Computing (MCC). This integration of cloud computing and mobile technology gives numerous facilities to a mobile user, such as the ubiquitous availability of Location Based Services (LBS). The utilization of these LBS services require the knowledge of a users location, hence threatens the privacy of a user. In this paper we take advantages of ultra-fast processing and reliability of cloud computing and aim to solve the privacy threat issue faced by a mobile user while getting LBS services. We propose a model that utilizes a cloud based server which helps in making of a cloaking region. We highlight that how our model utilizes an untrusted cloud based server and eliminates the use of a trusted anonymizer while providing LBS services to a user securely and anonymously.