Mehmet Tahir Sandikkaya

Security Problems of Platform-as-a-Service (PaaS) Clouds and Practical Solutions to the Problems

Cloud computing is a promising approach for the efficient use of computational resources. It delivers computing as a service rather than a product for a fraction of the cost. However, security concerns prevent many individuals and organizations from using clouds despite its cost effectiveness. Resolving security problems of clouds may alleviate concerns and increase cloud usage; in consequence, it may decrease overall costs spent for the computational devices and infrastructures. This paper particularly focuses on the Platform-as-a-Service (PaaS) clouds. Security of PaaS clouds is considered from multiple perspectives including access control, privacy and service continuity while protecting both the service provider and the user. Security problems of PaaS clouds are explored and classified. Countermeasures are proposed and discussed. The achieved solutions are intended to be the rationales for future PaaS designs and implementations.

Privacy Policies, Tools and Mechanisms of the Future

Although many believe that we have lost the battle for privacy, protection of what’s left of the user’s privacy is all the more important. Not only should a user be able to minimize the disclosure of her personal data, she should also have rights to decide what happens with her data once they have been disclosed. In order to minimize user interaction when deciding whether or not to reveal personal data, privacy policy languages were developed. However, these languages are inadequate and cannot properly deal with the complex interactions between users, service providers, third parties, identity providers and others. Also, tool support for composing and verifying these policies and mechanisms for enforcing them are lagging behind. This paper argues the need for better privacy policies and proposes some solutions. Throughout the paper, our statements are applied to three sample applications in three different domains: e-health, banking and social networks.

Agent-Based Offline Electronic Voting

Many electronic voting systems, classified mainly as homomorphic cryptography based, mix-net based and blind signature based, appear in the eighties after zero knowledge proofs were introduced. The common ground for all these three systems is the fact that none of them works without real time cryptologic computations which should be held on a server. As far as known, the agent-based approach has not yet been used in a secure electronic voting system. In this study, an agent-based electronic voting schema, which does not force real time computations on the server side and lets people vote at home, is proposed. Conventional cryptologic methods are used in the proposed schema to ensure some of the requirements of an electronic voting system where some of the requirements are constructed within distributed agent phenomena

Preserving privacy using visual cryptography in surveillance systems

This study proposes a practical, cost-effective and privacy-enhancing visual cryptographic surveillance system solution to independently store multiple shares of the original camera images. A face-detection algorithm determines faces on the original real-time image, and then the determined faces are replaced with random data to protect peoples identities. The rest of the image are kept, as it is to be able to follow the acts within the surveillance system. Whenever a suspected act occurs, independent entities in the system may act together to re-compose the original image and identify the suspected person. The proof of concept implementation, attack model and security analysis of the proposed model is discussed within the paper.

Prudent creditization polling (PCP): a novel adaptive polling service for an EPON

In this paper a novel adaptive bandwidth allocation scheme called Prudent Creditization Polling (PCP) is proposed and adapted with the reservation protocol IPACT. PCP attempts to reduce the average queue length at the ONUs and the average packet delay throughout the network. At each polling period, PCP attempts to creditize the request of the ONUs that suffer from high RTT, high average delay per packet, and high buffer growth. We implemented PCP with a fuzzy functional approach and a linear regression approach. We simulated PCP and several service disciplines in IPACT and compared their performance in terms of average packet delay and queue length. We show that PCP improves the performance of IPACT significantly in terms of the performance metrics aforementioned.