Hua-Yi Lin

Resilient Cluster-Organizing Key Management and Secure Routing Protocol for Mobile Ad Hoc Networks

Unlike traditional networks, the characteristics of mobile wireless devices that can dynamically form a network without any infrastructure and wired line mean that mobile ad hoc networks frequently display partition owing to node mobility or link failures. Consequently, an ad hoc network is difficult to provide on-line access to trusted authorities or centralized servers. Despite the existence of well-known security mechanisms, the absence of a stationary central authorization facility in an open and distributed communication environment is a major challenge. Consequently, applying traditional Public Key Infrastructure (PKI) security architecture to mobile ad hoc networks will create secure blind sides. Based on this perspective, this study proposes a novel scalable and robust cluster-organized key management scheme. Distribution of trust to an aggregation of cluster heads using a threshold scheme faculty provides mobile ad hoc networks with robust key management. Furthermore, the proposed approach provides Certificate Authority (CA) with a fault tolerance mechanism to prevent a single point of compromise or failure, and saves CA large repositories from maintaining member certificates, making the proposed approach more suitable for numerous mobile devices. Additionally, this study proposes a Cluster Secure Based Routing Protocol (CSBRP) to integrate into the key management to enhance non-repudiation of routing information and routing performances. Finally, this study introduces a mathematical model to demonstrate that the proposed cluster-based communication outperforms the node-based approach.

Efficient key agreements in dynamic multicast height balanced tree for secure multicast communications in ad hoc networks

Alterations and unpredictability of the network topology in mobile ad hoc networks (MANETs) are less capable of ensuring the security of multicast data transmissions than in conventional networks. Despite the recent development of many key agreement protocols for MANETs, to our knowledge, only a few secure multicast data transmissions have been integrated into the key agreement. This study proposes a dynamic multicast height balanced group key agreement (DMHBGKA) that allows a user in a multicast group to efficiently and dynamically compose the group key and securely deliver multicast data from a multicast source to the other multicast group users in wireless ad hoc networks. The hierarchical structure of the proposed key agreement partitions the group members into location-based clusters capable of reducing the cost of communication and key management when member joins or leave networks. Moreover, based on elliptic curve Diffie-Hellman (ECDH) cryptography key management, the proposed scheme not only provides effective and efficient dynamic group key reconstructions and secures multicast data transmissions but also fits the robustness of the wireless networks and lowers overhead costs of security management.

A web-based travel system using mashup in the RESTful design

According to the progress of web applications, websites are always designed toward facilitating interactive information sharing, establishing user-oriented service, and providing interoperability, and collaboration mechanisms. Colloquially, web applications in a service-oriented architecture are implemented as web services with XML-based protocols to provide plentiful information to users by object-oriented techniques. However, the above approach usually builds the complex and completed service combining and reusing separated function units instead of rapid development and URI-based service. This study establishes a travel website as a mashup-based web application based on an alternative approach as the architectural style of the website itself, representational state transfer. Using the mashup scheme, the proposed website is developed with the announced APIs of the third party to include rich service or resource from other web applications. The proposed case study also presented the efficient development with low cost and the effective finished features conforming users requirement. The advantages for the adopted schemes are described by implementing the proposed travel website.

Secured map reduce computing based on virtual machine using threshold secret sharing and group signature mechanisms in cloud computing environments

Nowadays, cloud computing becomes a popular technology which combines resources of numerous physical computers and servers to perform distributed computing. The main benefit of cloud computing is that this technology decreases computing costs and infrastructures, allowing much more efficient computing. Through a portal, users submit working tasks and receive the results without assigning to specific servers. Nevertheless, the computers of users and enterprises are located in cloud, and arbitrary clients can randomly log on and take private data away. Thus, the cloud security becomes a significant subject. In this paper, we exploit the threshold crypto sharing (Desmedt and Frankel in Advances in cryptology—CRYPTO’89, 1990) with group signature mechanism to secure transmitted data. During map and reduce phases, this mechanism can protect the divided and merged messages from being tampered with. Additionally, this study exploits a virtual machine platform to simulate cloud computing environments and then perform security operations. Experimental results show that the mechanism presented has lower cost comparing to other existing ones and very promising its application in cloud environments.

Inter-cluster routing authentication for ad hoc networks by a hierarchical key scheme

Dissimilar to traditional networks, the features of mobile wireless devices that can actively form a network without any infrastructure mean that mobile ad hoc networks frequently display partition due to node mobility or link failures. These indicate that an ad hoc network is difficult to provide on-line access to a trusted authority server. Therefore, applying traditional Public Key Infrastructure (PKI) security framework to mobile ad hoc networks will cause insecurities. This study proposes a scalable and elastic key management scheme integrated into Cluster Based Secure Routing Protocol (CBSRP) to enhance security and non-repudiation of routing authentication, and introduces an ID-Based internal routing authentication scheme to enhance the routing performance in an internal cluster. Additionally, a method of performing routing authentication between internal and external clusters, as well as inter-cluster routing authentication, is developed. The proposed cluster-based key management scheme distributes trust to an aggregation of cluster heads using a threshold scheme faculty, provides Certificate Authority (CA) with a fault tolerance mechanism to prevent a single point of compromise or failure, and saves CA large repositories from maintaining member certificates, making ad hoc networks robust to malicious behaviors and suitable for numerous mobile devices.

A Mobile Application Framework for Rapid Integration of Ubiquitous Web Services

This paper describes a mobile application framework with multimodal dialogues to integrate ubiquitous web services. We implement a tourism widget based on Android platform with dynamic HTTP-based REST service on Internet by following the proposed framework. Generally, to obtain linked data or resource from external HTTP-based service could be as simple as the establishment of remote services with an internal data repository supervised by producers. We discuss the complexity and usability of integration between the widget and internal or external web services in the framework. The widget provides not only the tour-based inquiry services by web services but also the maintenance of individual tour schemes with a number of dialogue interfaces. Three categories of components are constructed to process user inquiry, then to obtain responses through the usability of web services or from local backup dataset. As experience results, data exchange with different formats between the widget and server-side web services are emulated.

Secure Map Reduce Data Transmission Mechanism in Cloud Computing Using Threshold Secret Sharing Scheme

With the fast development of the internet network, combining the structure of distributing operation is paid attention to gradually. Especially on Internet, numerous personal computers share their resources such as CPU, memory, disk and network with each other. Cloud computing exploits this advantage of integrating with many operational resources over Internet to reach borderless services. Additionally, cloud computing owns strong arithmetic capacity. Through login, users perform any program [1, 2] and carry out the expected operation result. However, personal computers are exposed to open environments, and arbitrarily accept anonymous users to sign in and take personal information away. Therefore, the security issue of cloud computing becomes an important challenge. At present, most of cloud computing exploit Map and Reduce functions to perform divide and merge message respectively that lack information protection mechanisms. This study proposes a secure Map Reduce mechanism using a threshold secret sharing scheme to enhance the security of transmitted data.

Secure protocols for data propagation and group communication in vehicular networks

Vehicular networks are organized with high-mobility vehicles, which are a challenge to key agreement and secured communication among vehicles; hence, efficient cryptography schemes for lightweight ciphers are essential. Many security schemes for vehicular networks particularly take the secure propagation of traffic-related information into account. Group communication is desirable in vehicular networks, while groups of friends drive the vehicles to travel together. In this study, it is applied an asymmetric key mechanism and a group-based Elliptic Curve cryptograph to authenticate data propagation as also to individually secure group communication. The data propagation includes a flooding delay mechanism, where each vehicle participant in the propagation calculates an individual delay for propagation. As groups of vehicles move on the roadway toward same destinations, two alternative schemes of group key agreement in vehicle-to-vehicle and vehicle-to-infrastructure modes are proposed to secure group communication among the vehicles. Security analysis results present that the proposed schemes can effectively prevent malicious vehicle from participating in vehicular communications. Evaluation results show that the propagation delay mechanism can effectively reduce broadcast collision, and the delay results of the group key agreement schemes are acceptable.

Cooperative secure data aggregation in sensor networks using elliptic curve based cryptosystems

Remote sensing infrastructures are now in widespread use to acquire detected information. Since the deployed nodes are separated, they need to cooperatively communicate sensed data to the base station, as shown in Fig.1. Additionally, the carried information probably contains confidential data. However, the properties of wireless communications are vulnerable to an exposed environment. Hence, secure data transmissions for cooperative information integration in sensor networks are essential. In general, wireless sensor nodes have limited resources, and they cannot provide sufficient CPU, memory and bandwidth to address complex operations. The proposed scheme depends on Discrete Logarithm Problem (DLP) of Elliptic Curve Cryptography (ECC), and exploits a smaller key size to achieve comparable security levels than Rivest Shamir Adleman (RSA) and Diffie-Hellman (DH) cryptosystems. Consequently, this paper exploits Elliptic Curve Diffie-Hellman (ECDH) based security methods to achieve cooperative secure information integration.

Information service on scalable ad-hoc mobile wireless networks

Mobile ad-hoc networks (MANETs) is one of the new services with a dynamic configuration. It is hard to manage since the topology is frequently changing and growing up. So far, there are no many sound studies focusing on a large scale ad-hoc service model due to its complexity. Therefore, it is an important feature for a MANET with a complete ad-hoc topology information service. In this paper, we present an information services model based on AHDT (ad-hoc domain tree). With AHDT, the information about every mobile terminals characteristic can be rapidly investigated of the wireless environment within an ad-hoc domain. This model supports mobile hosts to make a services decision correctly.