James A. Malcolm

Anonymous authentication

The contribution of this paper is a mechanism which links authentication to audit using weak identities and takes identity out of the trust management envelope. Although our protocol supports weaker versions of anonymity it is still useful even if anonymity is not required, due to the ability to reduce trust assumptions which it provides. We illustrate the protocol with an example of authorization in a role based access mechanism.

A Performance Comparison of Wireless Ad Hoc Network Routing Protocols under Security Attack

The unique characteristics of a mobile ad hoc network (MANET), such as dynamic topology, shared wireless medium and open peer-to-peer network architecture, pose various security challenges. This paper compares three routing protocols, DSDV, DSR, and AODV under security attack where two types of node misbehaviour have been investigated. Network performance is evaluated in terms of normalized throughput, routing overhead, normalized routing load, and average packet delay, when a percentage of nodes misbehave. Simulation results show that although the performance of all three routing protocols degrades, DSDV is the most robust routing protocol under security attacks. This reveals that a proactive routing protocol has the potential of excluding misbehaving nodes in advance and reducing the impact of security attack.

Genetic local search for multicast routing with pre-processing by logarithmic simulated annealing

Over the past few years, several local search algorithms have been proposed for various problems related to multicast routing in the off-line mode. We describe a population-based search algorithm for cost minimisation of multicast routing. The algorithm utilises the partially mixed crossover operation (PMX) under the elitist model: for each element of the current population, the local search is based upon the results of a landscape analysis that is executed only once in a pre-processing step; the best solution found so far is always part of the population. The aim of the landscape analysis is to estimate the depth of the deepest local minima in the landscape generated by the routing tasks and the objective function. The analysis employs simulated annealing with a logarithmic cooling schedule (logarithmic simulated annealing-LSA). The local search then performs alternating sequences of descending and ascending steps for each individual of the population, where the length of a sequence with uniform direction is controlled by the estimated value of the maximum depth of local minima. We present results from computational experiments on three different routing tasks, and we provide experimental evidence that our genetic local search procedure that combines LSA and PMX performs better than algorithms using either LSA or PMX only.

A Survey of Access Control Models in Wireless Sensor Networks

Wireless sensor networks (WSNs) have attracted considerable interest in the research community, because of their wide range of applications. However, due to the distributed nature of WSNs and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. Resource constraints in sensor nodes mean that security mechanisms with a large overhead of computation and communication are impractical to use in WSNs; security in sensor networks is, therefore, a challenge. Access control is a critical security service that offers the appropriate access privileges to legitimate users and prevents illegitimate users from unauthorized access. However, access control has not received much attention in the context of WSNs. This paper provides an overview of security threats and attacks, outlines the security requirements and presents a state-of-the-art survey on access control models, including a comparison and evaluation based on their characteristics in WSNs. Potential challenging issues for access control schemes in WSNs are also discussed.

Binding Bit Patterns to Real World Entities

Public key cryptography is often used to verify the integrity of a piece of data, or more generally to ensure that operations which modify the data have been requested and carried out by principals who are authorized to do so. This requires keys to be bound to principals in an unforgetably verifiable manner.

BTG-AC: Break-the-Glass Access Control Model for Medical Data in Wireless Sensor Networks

Wireless sensor networks (WSNs) have recently attracted much interest in the research community because of their wide range of applications. An emerging application for WSNs involves their use in healthcare where they are generally termed wireless medical sensor networks. In a hospital, outfitting every patient with tiny, wearable, wireless vital sign sensors would allow doctors, nurses, and other caregivers to continuously monitor the state of their patients. In such a scenario, patients are expected to be treated in reasonable time, so an access control model is needed, which will provide both real-time access to comprehensive medical records and detect unauthorized access to sensitive data. In emergency situations, a doctor or nurse needs to access data immediately. The loss in data availability can result in further decline in the patients condition or can even lead to death. Therefore, the availability of data is more important than any security concern in emergency situations. To address that research issue for medical data in WSNs, we propose the break-the-glass access control (BTG-AC) model that is a modified and redesigned version of the break-the-glass role-based access control (BTG-RBAC) model to address data availability issue and to detect the security policy violations from both authorized and unauthorized users. Several changes within the access control engine are made in BTG-RBAC in order to make the new BTG-AC to apply and fit in WSNs. This paper presents the detailed design and development of the BTG-AC model based on a healthcare scenario. The evaluation results show that the concepts of BTG, prevention and detection mechanism, and obligation provide more flexible access than other current access control models in WSNs. Additionally, we compare the BTG-AC model with an adaptive access control (A2C) model, which has similar properties, for further evaluation. Alongside with the comparison, the advantages and disadvantages of BTG-AC over current WSN access control models are presented.

Security Protocols XX

Overseas military members are known to be disenfranchised at a far higher rate than traditional voters. This fact stems from problems associated with the traditional vote-by-mail absentee process, which does not mesh well to the military member’s frequent address changes, mail delivery in combat environments, and the simple delay in the two way mail system. Initiatives by the Federal Voting Assistance Program aim to improve voting capabilities for U.S. military members. Among these initiatives are the efforts to provide a complete system allowing the military voter the ability to receive and cast voted ballots directly over the Internet. This paper proposes a communication protocol to securely provide this voting option to our military voters while maintaining integrity in the U.S. election process.

Modelling and Analysis of TCP Performance in Wireless Multihop Networks

Researchers have used extensive simulation and experimental studies to understand TCP performance in wireless multihop networks. In contrast, the objective of this paper is to theoretically analyze TCP performance in this environment. By examining the case of running one TCP session over a string topology, a system model for analyzing TCP performance in multihop wireless networks is proposed, which considers packet buffering, contention of nodes for access to the wireless channel, and spatial reuse of the wireless channel. Markov chain modelling is applied to analyze this system model. Analytical results show that when the number of hops that the TCP session crosses is ?xed, the TCP throughput is independent of the TCP congestion window size. When the number of hops increases from one, the TCP throughput decreases ?rst, and then stabilizes when the number of hops becomes large. The analysis is validated by comparing the numerical and simulation results.

Using n-grams to rapidly characterise the evolution of software code

Text-based approaches to the analysis of software evolution are attractive because of the fine-grained, token-level comparisons they can generate. The use of such approaches has, however, been constrained by the lack of an efficient implementation. In this paper we demonstrate the ability of Ferret, which uses n-grams of 3 tokens, to characterise the evolution of software code. Ferretpsilas implementation operates in almost linear time and is at least an order of magnitude faster than the diff tool. Ferretpsilas output can be analysed to reveal several characteristics of software evolution, such as: the lifecycle of a single file, the degree of change between two files, and possible regression. In addition, the similarity scores produced by Ferret can be aggregated to measure larger parts of the system being analysed.

An evaluation of break-the-glass access control model for medical data in wireless sensor networks

Wireless Sensor Networks (WSNs) have recently attracted a lot of attention in the research community because it is easy to deploy them in the physical environment and collect and disseminate environmental data from them. The collected data from sensor nodes can vary based on what kind of application is used for WSNs. Data confidentiality and access control to that collected data are the most challenging issues in WSNs because the users are able to access data from the different location via ad-hoc manner. Access control is one of the critical requirements to prevent unauthorised access from users. The current access control models in information systems cannot be applied straightforwardly because of some limitations namely limited energy, resource and memory, and low computation capability. Based on the requirements of WSNs, we proposed the Break-The-Glass Access Control (BTG-AC) model which is the modified and redesigned version of Break-The-Glass Role-Based Access Control (BTG-RBAC) model. The several changes within the access control engine are made in BTG-RBAC to apply and fit in WSNs. We developed the BTG-AC model in Ponder2 package. Also a medical scenario was developed to evaluate the BTG-AC model for medical data in WSNs. In this paper, detail design, implementation phase, evaluation result and policies evaluation for the BTG-AC model are presented. Based on the evaluation result, the BTG-AC model can be used in WSNs after several modifications have been made under Ponder2 Package.