Paul Tarwireyi

Insider threat detection model for the cloud

Cloud computing is a revolutionary technology that is changing the way people and organizations conduct business. It promises to help organizations save money on IT expenditure while increasing reliability, efficiency and productivity. However, despite the potential benefits that the cloud promises its users, it is facing some security challenges. Insider threats are some of the growing security concerns that are hindering the adoption of the cloud. Cloud providers are faced with a challenge of monitoring usage patterns of users so as to ensure that malicious insiders do not compromise the security of customer data and applications. Solutions are still needed to ensure that the data stored in the cloud is secure from malicious insiders of the cloud service provider. This paper presents an Insider Threat Detection Model that can be used to detect suspicious insider activities. An experimental system was designed to implement this model. This system uses sequential rule mining to detect malicious users by comparing incoming events against user profiles.

Addressing Privacy in Cloud Computing Environment

Cloud computing is growing in popularity due to its ability to offer dynamically scalable resources provisioned as services regardless of user or location device. However, moving data to the cloud means that the control of the data is more on the hands of the cloud provider rather than the data owner. This to a certain extent means that cloud users are skeptical about losing their privacy when moving data to environments they do not control. From this stems the need for the means to allow the data owner to monitor what is happening to her/his data. This paper presents a framework that could assist in efforts to address privacy issues in the cloud. A proof of concept prototype implementation is presented to validate the framework. Evaluations are then carried out to test the utility and applicability of the proposed solution.

Towards privacy with tokenization as a service

Privacy is one of the main challenges that systems which process personally identifiable information and health protected information are currently battling with. Until recently, many solutions were inclined on protecting data-at-rest through encryption. However, the past decade has seen an increase in data breaches that target encrypted sensitive information like credit cards, passwords and health records. A new approach to solving this problem thrives to minimize the storage of sensitive data in processing environments. This paper presents a privacy-as-a-service mechanism which makes use of the tokenization technology. It proposes the use of a tokenization service that can be used by applications to store sensitive data away from the processing environment. We show how the tokenization service can be useful for applications such as e-commerce and e-health where privacy is a major concern.

Lithium-based batteries in tactical military applications: A review

Batteries provide electrical energy to many devices from power tools to military portable equipment. The battery technology has evolved over the years which led to the creation of lithium based batteries that are equipped to face the power-demanding military devices. Battery quality is a critical issue in military applications since the portable devices use power consuming algorithms for security. There is a need to efficiently use the available battery power. This work focuses on reviewing the existing battery technologies by taking into consideration lithium based batteries over other batteries like nickel-cadmium, nickel metal-hydride and reusable alkaline which are considered the most common. The relevance of lithium batteries in military is outlined looking at the demands posed by the military environment.

A Multi-Level Privacy Scheme for Securing Data in a Cloud Environment

Privacy concern is often cited as one of the key factors that impede large-scale adoption of the cloud computing paradigm by enterprise customers. Existing solutions to privacy issue with respect to cloud computing, commonly through encryption mechanisms, often result in performance problem. This paper proposes and presents a multi-level privacy support scheme for addressing the trade-off between privacy of user’s data stored in the cloud and system performance. This is achieved by using encryption algorithms with varying strengths to protect the privacy of different categories of user’s data depending on their privacy sensitivity. Simulation results, using Jindael AES encryption algorithm as case study, lends credence to the efficacy of the proposed privacy scheme.

Handling network merging and partitioning in MANETs

In wireless ad-hoc networks, nodes require IP addresses to communicate. The configuration of IP addresses in wireless adhoc networks is accomplished by using distributed algorithms rather than a centralized mechanism such as DHCP. Due to the unpredictable nature of wireless adhoc networks, independently configured networks may come into contact and duplicate IP address may occur. So many approaches have been proposed to handle this problem. After a network merger is detected, the first task is to detect address conflicts and then take corrective action, i.e. some nodes need to acquire new addresses. Even though a number of solutions have been proposed to address this problem, the ability to respond to network dynamics is still a challenge. In this paper, we propose a solution that addressed both the partitioning and the merging of networks. Our network partitioning solution can distinguish between temporary and permanent network partitioning. Simulations were carried out in NS2 and results presented.

Understanding the Value of Evaluating ICT Models to Improve Medium and Small Enterprises

This research investigated evaluation models for understanding the value of Information and Communication Technology (ICT) Operational Risk Management (ORM) in Medium and Small Enterprises (MSEs). Multiple regression, Repeated-Measures Analysis of Variance (RM-ANOVA) and Repeated-Measures Multivariate Analysis of Variance (RM-MANOVA) were performed. The findings of the distribution revealed that only one variable made a significant percentage contribution to the level of ICT operation in MSEs, the Payback method (β = 0.410, p < .000). It may thus be inferred that the Payback method is the prominent variable, explaining the variation in level of evaluation models affecting ICT adoption within MSEs. Consequently, looking at (1) degree of variability explained and (2) predictors, the results revealed that the variable contributed approximately 88.4 % of the variations in evaluation models affecting ICT adoption within MSEs. The analysis of variance also revealed that the regression coefficients were real and did not occur by chance.

A version-based transformation proxy for service evolution

Service Oriented Computing (SOC) has emerged as a new computing paradigm that has services as the building blocks to distributed applications. SOC supports rapid development, easy composition and low cost production of distributed applications as services, promoting interoperability. Interoperable applications are however not under the control of a single administration hence implementation detail is abstracted from other administrations. Following the web services architectural model, a service provider may not be in full view of the service requestors consuming his offered services, hence a mechanism to support the existing service requestors in the event of changes made to a service, need to be put in place. This will help to reduce the full impact of unannounced service changes on the service requestors. This paper presents the design and implementation of an approach to gracefully change a service from one version to the next while maintaining support for the existing services. The paper introduces a proxy-based service transformation model to convert messages sent between any service provider-requestor pair to match the version implementation of the requestor. The feasibility and applicability of this model is demonstrated through a prototype.