Larry Korba

SDAR: a secure distributed anonymous routing protocol for wireless and mobile ad hoc networks

Providing security and privacy in mobile ad hoc networks has been a major issue over the last few years. Most research work has so far focused on providing security for routing and data content, but nothing has been done in regard to providing privacy and anonymity over these networks. We propose a novel distributed routing protocol which guarantees security, anonymity and high reliability of the established route in a hostile environment, such as an ad hoc wireless network, by encrypting the routing packet header and abstaining from using unreliable intermediate nodes. The major objective of our protocol is to allow trustworthy intermediate nodes to participate in the path construction protocol without jeopardizing the anonymity of the communicating nodes. We describe our protocol, SDAR (secure distributed anonymous routing), and provide its proof of correctness.

AnonDSR: efficient anonymous dynamic source routing for mobile ad-hoc networks

Security, anonymity, and scalability are still important issues for mobile ad hoc network routing protocols. We first expose the limitations of several existing mobile ad hoc network routing protocols with security and anonymity constraints and analyze their scalabilities. Based on the analysis, we propose a new anonymous dynamic source routing protocol (AnonDSR) to provide three levels of security protection. We compare their scalabilities with security constraints, and analyze the new protocol to show it has strong security and anonymity protection, and very good scalability.

Trust, Reputation, and Security: Theories and Practice

Discussions at the 5th Workshop on Deception, Fraud and Trust in Agent Societies held at the 1st International Joint Conference on Autonomous Agents and Multi-Agent Systems (AAMAS 2002) centered around many important research issues. This paper attempts to challenge researchers in the community toward future work concerning three issues inspired by the workshop’s roundtable discussion: (1) distinguishing elements of an agent’s behavior that influence its trustworthiness, (2) building reputation-based trust models without relying on interaction, and (3) benchmarking trust modeling algorithms. Arguments justifying the validity of each problem are presented, and benefits from their solutions are enumerated.

Privacy and Security in E-Learning

For a variety of advantages, universities and other organizations are resorting to e-learning to provide instruction on-line. While many advances have been made in the mechanics of providing online instruction, the needs for privacy and security have to-date been largely ignored. This paper examines privacy and security issues associated with e-learning. It presents the basic principles behind privacy practices and legislation. It investigates the more popular e-learning standards to determine their provisions and limitations for privacy and security. Privacy requirements for e-learning systems are explored with respect to the “Privacy Principles”. The capabilities of a number of existing privacy enhancing technologies, including methods for network privacy, policy-based privacy/security management, and trust systems, are reviewed and assessed.

An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks

An ad hoc wireless network is a temporary and dynamic environment where a group of mobile nodes with radio frequency transceivers communicate with each other without the intervention of any centralized administration or established infrastructure. Due to the limited transmission range of each mobile node, communication sessions between two nodes are usually established through a number of intermediate nodes, which are supposed to be willing to cooperate while forwarding the messages they receive to their destination. Unfortunately, some of these intermediate nodes might not be trustworthy and might be malicious, thereby forming a threat to the security and/or confidentiality of the exchanged data between the mobile nodes. While data encryption can protect the content exchanged between nodes, analysis of communication patterns may reveal valuable information about end users and their relationships. Using anonymous paths for communication provides security and privacy against traffic analysis. To establish these anonymous paths, in a traditional wired network, nodes build a global view of the network by exchanging routing information, whereas in an ad hoc wireless network, building this global view is not an option. In this paper, we propose a novel distributed routing protocol which guarantees security, anonymity and high reliability of the established route in a hostile environment, such as ad hoc wireless network, by encrypting routing packet header and abstaining from using unreliable intermediate node. The major objective of our protocol is to allow trustworthy intermediate nodes to participate in the path construction protocol without jeopardizing the anonymity of the communicating nodes. We describe our protocol, and provide its proof of correctness.

A novel solution for achieving anonymity in wireless ad hoc networks

A mobile ad hoc network consists of mobile nodes that can move freely in an open environment. Communicating nodes in a wireless and mobile ad hoc network usually seek the help of other intermediate nodes to establish communication channels. In such an open environment, malicious intermediate nodes can be a threat to the security and/or anonymity of the exchanged data between the mobile nodes. While data encryption can protect the content exchanged between nodes, routing information may reveal valuable information about end users and their relationships. The main purposes of this paper are to study the possibility of achieving anonymity in ad hoc networks, and propose an anonymous routing protocol, similar to onion routing concept used in wired networks. Our protocol includes a mechanism to establish a trust among mobile nodes while avoiding untrustworthy nodes during the route discovery process. The major objective of our protocol is to allow only trustworthy intermediate nodes to participate in the routing protocol without jeopardizing the anonymity of the communicating nodes. We present our scheme, and report on its performance using an extensive set of simulation set of experiments using ns-2 simulator. Our results indicate clearly that anonymity can be achieved in mobile ad hoc networks, and the additional overhead of our scheme to DSR is reasonably low when compared to a non-secure DSR ad hoc routing protocol.

Secure dynamic distributed routing algorithm for ad hoc wireless networks

An ad hoc wireless network permits wireless mobile nodes to communicate without prior infrastructure. Due to the limited range of each wireless node, communication sessions between two nodes are usually established through a number of intermediate nodes. Unfortunately, some of these intermediate nodes might be malicious, forming a threat to the security or confidentiality of exchanged data. While data encryption can protect the content exchanged between nodes, analysis of communication patterns may reveal valuable information about end users and their relationships. Using anonymous paths for communication provides security and privacy against traffic analysis. To establish these anonymous paths, all nodes build a global view of the network by exchanging routing information. In dynamic ad hoc networks, building this global view is not an option. In this paper, we propose and analyze a distributed route construction algorithm for use in the establishment of anonymous routing paths in ad hoc wireless networks.

Applying digital rights management systems to privacy rights management

Disclaimer The views expressed by the authors of this article are their own and may not necessarily be taken to be those of either the Dutch Data Protection Authority or the National Research Council of Canada. Abstract While there are growing concerns about how to manage citizen privacy, currently there are no established technology solutions that meet the privacy needs required in some cases by legislation. In this paper we examine the prospect of adapting systems developed for Digital Rights Management to meet the challenges of Privacy Rights Management. In particular, the goal of this work is the adaptation of DRM technology to produce a privacy management architecture that reflects the requirements of Directive 95/46/EC for the protection of personal data. This paper first outlines the requirements for management of the personal data within the European Community it then describes the changes that would be required to transform a digital rights management system into a system to manage the handling of personal data. The paper concludes with a thorough discussion of the issues and potential of this approach.

Distributed device networks with security constraints

In todays globalized business world, outsourcing, joint ventures, mobile and cross-border collaborations have led to work environments distributed across multiple organizational and geographical boundaries. The new requirements of portability, configurability and interoperability of distributed device networks put forward new challenges and security risks to the systems design and implementation. There are critical demands on highly secured collaborative control environments and security enhancing mechanisms for distributed device control, configuration, monitoring, and interoperation. This paper addresses the collaborative control issues of distributed device networks under open and dynamic environments. The security challenges of authenticity, integrity, confidentiality, and execution safety are considered as primary design constraints. By adopting policy-based network security technologies and XML processing technologies, two new modules of Secure Device Control Gateway and Security Agent are introduced into regular distributed device control networks to provide security and safety enhancing mechanisms. The core architectures, applied mechanisms, and implementation considerations are presented in detail in this paper.

An analysis of online gaming crime characteristics

Purpose – To arouse the public awareness of online gaming‐related crimes and other societal influences so that these problems can be solved through education, laws and appropriate technologies.Design/methodology/approach – A total of 613 criminal cases of online gaming crimes that happened in Taiwan during 2002 were gathered and analyzed. They were analyzed for special features then focusing on the tendency for online gaming crime. Related prosecutions, offenders, victims, criminal methods, and so on, were analyzed.Findings – According to our analysis of online gaming characteristics in Taiwan, the majority of online gaming crime is theft (73.7 percent) and fraud (20.2 percent). The crime scene is mainly in internet cafes (54.8 percent). Most crimes are committed within the 12:00 to 14:00 time period (11.9 percent). Identity theft (43.4 percent) and social engineering (43.9 percent) are the major criminal means. The offenders (95.8 percent) and victims (87.8 percent) are mainly male and offenders always p...