Md. Endadul Hoque

Enhancing Privacy and Security of RFID System with Serverless Authentication and Search Protocols in Pervasive Environments

One of the recent realms that gathered attention of researchers is the security issues of Radio Frequency Identification (RFID) systems that have tradeoff between controlled costs and improved efficiency. Evolvement and benefits of RFID technology signifies that it can be low-cost, efficient and secured solution to many pervasive applications. But RFID technology will not intermingle into human lives until prevailing and flexible privacy mechanisms are conceived. However, ensuring strong privacy has been an enormous challenge due to extremely inadequate computational storage of typical RFID tags. So in order to relieve tags from responsibility, privacy protection and security assurance was guaranteed by central server. In this paper, we suggest serverless, forward secure and untraceable authentication protocol for RFID tags. This authentication protocol safeguards both tag and reader against almost all major attacks without the intervention of server. Though it is very critical to guarantee untraceability and scalability simultaneously, here we are proposing a scheme to make our protocol more scalable via ownership transfer. To the best of our knowledge this feature is incorporated in the serverless system for the first time in pervasive environments. One extension of RFID authentication is RFID tag searching, which has not been given much attention so far. But we firmly believe that in near future tag searching will be a significant issue RFID based pervasive systems. So in this paper we propose a serverless RFID tag searching protocol in pervasive environments. This protocol can search a particular tag efficiently without server’s intervention. Furthermore they are secured against major security threats.

Design, analysis, and deployment of omnipresent Formal Trust Model (FTM) with trust bootstrapping for pervasive environments

The rapid decrease in the size of mobile devices, coupled with an increase in capability, has enabled a swift proliferation of small and very capable devices into our daily lives. With such a prevalence of pervasive computing, the interaction among portable devices needs to be continuous and invisible to device users. As these devices become better connected, collaboration among them will play a vital role in sharing resources in an ad-hoc manner. The sharing of resources works as a facilitator for pervasive devices. However, this ad hoc interaction among devices provides the potential for security breaches. Trust can fight against such security violations by restricting malicious nodes from participating in interactions. Therefore, we need a unified trust relationship model between entities, which captures both the needs of the traditional computing world and the world of pervasive computing where the continuum of trust is based on identity, physical context or a combination of both. Here, we present a context specific and reputation-based trust model along with a brief survey of trust models suitable for peer-to-peer and ad-hoc environments. This paper presents a multi-hop recommendation protocol and a flexible behavioral model to handle interactions. One other contribution of this paper is the integration of an initial trust model; this model categorizes services or contexts in different security levels based on their security needs, and these security needs are considered in trust bootstrapping. The other major contribution of this paper is a simple method of handling malicious recommendations. This paper also illustrates the implementation and evaluation of our proposed formal trust model.

AnonPri: An efficient anonymous private authentication protocol

Privacy protection is a very important issue during authentications in RFID systems. In order to achieve high-speed authentication in large-scale RFID systems, researchers propose tree-based approaches, in which any pair of tags share a number of key components. Another technique can be to perform group based private authentication that improves the tradeoff between scalability and privacy by dividing the tags into a number of groups. This is a novel authentication scheme that ensures privacy of the provers. However, one limitation of this technique is that the level of privacy provided by the scheme decreases as more and more tags are compromised Therefore, in this paper, we propose a group based anonymous private authentication protocol (AnonPri) that provides higher level of privacy than the above mention group based scheme and achieves better efficiency than the approaches that prompt the reader to perform an exhaustive search. Our protocol provides unlinkability and thereby preserves privacy. The adversary cannot link the responses with the tags, even if she can learn the identifier that the tags are using to produce the response. To evaluate AnonPri, we have compared both the protocols, AnonPri and the group based authentication. The experiment results establish that the level of privacy provided by AnonPri is higher than that of the group based authentication.

Enhanced Partial Dominant Pruning (EPDP) Based Broadcasting in Ad hoc Wireless Networks

In many applications of ad-hoc wireless networks, one often has to broadcast the same message to all nodes. The major goal of any broadcasting algorithm is to minimize the number of retransmissions, i.e., to accomplish the goal with the minimum amount of traffic in the network. In addition to reducing the bandwidth expense needed to convey the message to all the nodes, this objective will try to minimize the total amount of energy spent by the nodes on this communal task. This is of paramount importance in sensor networks, which are often built of disposable nodes, whose life-time is directly determined by the efficiency of their power management scheme. In this paper, we present a heuristic broadcast algorithm dubbed EPDP, for enhanced partial dominant pruning, and demonstrate its superiority, in terms of the total number of retransmissions, over other solutions addressing the same issue.

S-search: finding RFID tags using scalable and secure search protocol

Massively deploying RFID systems that preserve data integrity and security is a major challenge of the coming years. Since RFID tags are extremely constrained in time and space, enforcing high level of security with excessive cryptographic computation is not possible. Secured mechanisms for tag authentication have been in the midst of researchers interest for almost a decade. One extension of RFID authentication is RFID tag searching, which has not been given much attention so far. But we firmly believe that in near future tag searching will be a significant issue. And tag searching need to be scalable as RFID tags are deployed comprehensively within a system. In this paper we propose a scalable and lightweight RFID tag searching protocol. This protocol can search a particular tag efficiently as the approach is not based on exhaustive search. This approach does not employ extreme computing or cryptographic functions. Our proposed scalable search protocol is secured against major security threats and it is suitable to be used in numerous real life situations.

User Privacy Protection in Pervasive Social Networking Applications Using PCO

Privacy is the most often-cited criticism of context awareness in pervasive environment, and may be the utmost barrier to its enduring success. However, privacy implications associated with pervasive online community-based applications depend on the level of identifiability of the information provided, its possible recipients, and its possible uses. Unfortunately, conventional privacy preservation techniques are not suitable for these types of application. This paper describes our current work in developing a novel privacy sensitive architecture for context obfuscation (PCO) for privacy preservation in pervasive online community-based applications. More specifically, PCO preserves users’ privacy by generalising request parameters as well as the context data provided to the application. To support multiple levels of granularity for the released context data, the obfuscation procedure uses an ontological description that states the granularity of object type instances. We have developed and evaluated a contextual instant messaging application (PCO application) in Android platform that incorporates level-based privacy of the user’s contextual information. We also evaluate our prototype application through user evaluation survey. The PCO architecture can be extended to be used in diverse online community-based applications.

Secured tag identification using EDSA (enhanced distributed scalable architecture)

RFID technology has become increasingly popular in todays society and plays an important role in daily life. However, the exploitation of this technology requires practical and secure solutions to overcome certain issues. In the case of RFID systems, privacy protection and scalability are two conflicting goals. Nevertheless, in this paper we propose a hexagonal cell based distributed architecture which ensures improved scalability while maintaining privacy. The hexagonal architecture allows readers to co-operate with one another to identify tags without compromising scalability. Furthermore, this architecture uses serverless protocols for security assurance, cutting down set up and maintenance cost as well as traffic to server. To the best of our knowledge, we propose a combination of servered and serverless techniques within the same distributed architecture for the first time. Our proposed distributed scalable architecture together with the secure serverless protocols can be used in numerous real life situations.

Trust based security auto-configuration for smart assisted living environments

Recent progresses in wireless sensor networking and pervasive computing have created huge opportunities for providing elderly people with technological facilities. For elderly people, conceiving technologies for increasing their autonomy, so as to enable them to self-manage their life is of utmost importance. However, when it comes to smart home, once all appliances in a home are automated and connected through internet, it becomes essential to consider issues of security, especially security configuration. In the smart home, security has to be configured and managed by technology-unaware elderly people. One mechanism of auto security configuration in such environment can be achieved by observing the trustworthiness of smart devices. Trust-based security mechanisms allow access rights to evolve among previously unknown devices, thus minimizing security configuration. In this paper, we present a security configuration model which takes critical security decisions by determining the trustworthiness of an entity based on the sources of trust: Direct interaction and Recommendation trust.

REBIVE: a reliable private data aggregation scheme for wireless sensor networks

An important topic addressed by the wireless sensor networks community over the last several years is the in-net work data aggregation. It is significant as well as a challenging issue to provide reliable data aggregation scheme while preserving data privacy. However, in WSNs, achieving ideal data accuracy is complicated due to collision, heavy network traffic, processing delays and/or several attacks. The problem of gathering accurate integrated data will be further intensified if the environment is adverse. Hence how to attain data privacy and perfect data accuracy are two major challenges for data aggregation in wireless sensor networks. To address this problem, we propose in this paper a new privacy preserving data aggregation scheme. We present REBIVE (REliaBle prIVate data aggregation scheme). In REBIVE the data accuracy maintenance and data privacy protection mechanisms work cooperatively. Different from past research, our proposed solution have the following features: providing privacy preservation technique for individual sensor data and aggregated sensor data; maintaining perfect data accuracy for realistic environments; being highly efficient; and being robust to popular attacks launched in WSNs.