Masoom Alam

A Cross Tenant Access Control (CTAC) Model for Cloud Computing: Formal Specification and Verification

Sharing of resources on the cloud can be achieved on a large scale, since it is cost effective and location independent. Despite the hype surrounding cloud computing, organizations are still reluctant to deploy their businesses in the cloud computing environment due to concerns in secure resource sharing. In this paper, we propose a cloud resource mediation service offered by cloud service providers, which plays the role of trusted third party among its different tenants. This paper formally specifies the resource sharing mechanism between two different tenants in the presence of our proposed cloud resource mediation service. The correctness of permission activation and delegation mechanism among different tenants using four distinct algorithms (activation, delegation, forward revocation, and backward revocation) is also demonstrated using formal verification. The performance analysis suggests that the sharing of resources can be performed securely and efficiently across different tenants of the cloud.

A Balanced Energy-Consuming and Hole-Alleviating Algorithm for Wireless Sensor Networks

In wireless sensor networks (WSNs) energy balancing and energy efficiency are the key requirements to prolong the network lifetime. In this paper, we investigate the problem of energy hole, where sensor nodes located near the sink or in some other parts of the network die very early due to unbalanced load distribution. Moreover, there is a dire need to utilize the energy resource efficiently. For this purpose, a balanced energy consuming and hole alleviating (BECHA), and energy-aware balanced energy consuming and hole alleviating (EA-BECHA) algorithms are proposed, not only to balance the load distribution of entire network, but also to utilize the energy resource efficiently. This work mainly adopts data forwarding and routing selection strategy for the entire network. An optimal distance and energy-based transmission strategy which is free of location error is adopted to forward the different size of data to the neighbors by selecting the optimal forwarder. Finally, the simulation results validate the proposed schemes by showing improvement in network lifetime, energy balancing and enhanced throughput.

τ-safety: A privacy model for sequential publication with arbitrary updates

The dissemination of Electronic Health Records (EHRs) can be extremely beneficial for multidimensional medical research perspectives leveraging patient diagnoses to reliable prescription, clinical trials to disease surveillance and immunization to disease prevention. However, privacy preservation on anonymous release–shared with medical researchers (or intended recipients)-demands a privacy model that must be able to meet three challenges: 1) it should be able to strike a balance between the privacy and utility of released dataset; 2) it should be able to preserve the individual-based privacy; 3) it should be able to thwart the adversary in the presence of arbitrary updates (i.e. with any consistent insert/update/delete sequence) and especially chainable-auxiliary information. The main objective of this work is to propose a privacy model that meets these three criteria. In this work, we propose τ-safety privacy model for sequential publication that is able to meet all above-mentioned challenges. τ (events list) refers to the type of operations (e.g., insert, update, delete) that can be performed on an individuals record in any release. The results of our experiments prove that the proposed scheme achieves better anonymization quality and query accuracy in comparison with m-invariance against τ attacks in external and internal updates.

Vector Based Genetic Algorithm to optimize predictive analysis in network security

A new Intrusion Detection System (IDS) for network security is proposed making use of a Vector-Based Genetic Algorithm (VBGA) inspired by evolutionary approaches. The novelty in the algorithm is to represent chromosomes as vectors and training data as matrices. This approach allows multiple pathways to calculate fitness function out of which one particular methodology is used and tested. The proposed method uses the overlap of the matrices with vector chromosomes for model building. The fitness of the chromosomes is calculated from the comparison of true and false positives in test data. The algorithm is flexible to train the chromosomes for one particular attack type or to detect the maximum number of attacks. The VBGA has been tested on two datasets (KDD Cup-99 and CTU-13). The proposed algorithm gives high detection rate and low false positives as compared to traditional Genetic Algorithm. A detailed comparative analysis is given of proposed VBGA with the traditional string-based genetic algorithm on the basis of accuracy and false positive rates. The results show that vector based genetic algorithm provides a significant improvement in detection rates keeping false positives at minimum.

Secure Actor Directed Localization in Wireless Sensor and Actor Networks

Wireless sensor and actor networks are fully automated. Actor nodes are inducted to communicate with sensor nodes directly and reduce the communication delay caused by base station or sink nodes. Sometimes, the actor node is directly accessible without the involvement of any control room. The actor node is responsible for taking a prompt action against the reported event by a sensor node. For secure communication, it is essential that sensor and actor nodes be aware of their existing location and the data must be encrypted before transmission. Due to energy constraints, secure localization in wireless sensor networks is a hot issue. To date, the researchers have proposed many approaches for localization of sensor nodes in the network. In this paper, we provide new insights for secure actor directed localization technique in wireless sensor and actor networks. A secure connectivity based localization (CBL) approach for sensor and actor nodes localization is presented. The proposed approach helps to locate a sensor node efficiently and effectively. We have also decreased the possibility of attacks and the registration of attacker nodes with other legitimate nodes in the network. The proposed technique prevents man-in-the-middle attacks and securely delivers data to the destination.

Garbled role-based access control in the cloud

Security has always been a major concern in the cloud environment because outsourcing leads to the new security issues. Privacy risks related to the job assignment are the dominating hurdles in the wide organizations like research, military and intelligence. To address this issue Garbled Role-Based Access Control (GRBAC) mechanism is being offered in this paper having key component that obliviously assign roles to the users through (RSA Oblivious-Transfer). The design of the proposed model has been guided by the Role-Based Access Control and Dynamic Separation of Duty. The proposed model also includes the flexible authentication based on the user’s context information. GRBAC offers fine-grained security while algorithm does not have to be secret from adversary. Security of this model is based on the adopted Garbled Function (

On energy efficiency in underwater wireless sensor networks with cooperative routing

f_g

Towards a set aggregation-based data integrity scheme for smart grids

fg). The proposed model is best suited for the organizations where available roles cannot be revealed to the users and assigned roles are not to be leaked even to the server.