T. Andrew Yang

Security co-existence of wireless sensor networks and RFID for pervasive computing

Recent advances in wireless networks and embedded systems have created a new class of pervasive systems such as Wireless Sensor Networks (WSNs) and Radio Frequency IDentification (RFID) systems. WSNs and RFID systems provide promising solutions for a wide variety of applications, particularly in pervasive computing. However, security and privacy concerns have raised serious challenges on these systems. These concerns have become more apparent when WSNs and RFID systems co-exist. In this article, we first briefly introduce WSNs and RFID systems. We then present their security concerns and related solutions. Finally, we propose a Linear Congruential Generator (LCG) based lightweight block cipher that can meet security co-existence requirements of WSNs and RFID systems for pervasive computing.

Self-propagating mal-packets in wireless sensor networks: Dynamics and defense implications

In this paper, based on our proposed mal-packet self-propagation models in wireless sensor networks, we use TOSSIM to study their propagation dynamics. We also present a preliminary study of the feasibility of mal-packet defense in sensor networks. Specifically, based on random graph theory and percolation theory, we propose the immunization of the highly-connected nodes in order to partition the network into as many separate pieces as possible, thus preventing or slowing down the mal-packet propagation. We study the percolation threshold of different network densities and the effectiveness of immunization in terms of connection ratio, remaining link ratio, and distribution of component sizes. We also present an analysis of the distribution of component sizes.

Social Networking as a New Trend in E-Marketing

In the world of e-marketing, new business models are frequently introduced, and new trends have started to emerge. One such latest trend is social networking websites, many of which have attracted not only large number of users and visitors, but also online advertising companies to place their ads on the sites. In this paper we explore online social networking as a new trend of e-marketing. We first examine the online social network as a new form of web-based services, and compare social networks with other representative web-based services by using the 7C framework. We then analyze social networking from a business strategy point of view, by creating a business model for online social networking sites using Porter’s Five Forces Model. We also discuss the primary revenue models that may be used by organizations and companies providing online social networking services.

EdgeSec: Design of an Edge Layer Security Service to Enhance IoT Security

With the widespread availability of connected smart devices, Internet of Things (IoT) is becoming the worlds largest computing platform. These large-scale, heterogeneous and resource-constrained devices bring many significant new challenges to the design of efficient and reliable IoT systems. Security is one of the most crucial ones that need to be effectively addressed for the wide adoption of IoT systems. In this paper, we first present an in-depth analysis of security challenges in IoT. Then, we propose EdgeSec, the design of a novel security service which is deployed at the Edge layer to enhance the security of IoT systems. EdgeSec consists of seven major components that work together to systematically handle specific security challenges in IoT systems. Finally, the effectiveness of EdgeSec is demonstrated in the context of a typical IoT application, Smart Home.

Design and implementation of a multi-facet hierarchical cybersecurity education framework

Shortage of qualified cybersecurity workforce is a national problem. Without an effective solution, peoples daily lives, business operations, and even national security are in jeopardy. Higher education institutions have invested in various approaches to train college students to acquire cybersecurity related knowledge, skills, and abilities. The existing approaches still need improvement and refinement and do not apply universally. In this paper, we report our efforts in designing and implementing a holistic framework for cybersecurity education with the desired level of breadth and depth. The framework is hierarchical since it includes all levels of cyber citizens especially in an organizational environment. The framework is also multi-facet to include various knowledge domains. These two characteristics of the framework make it modular and extensible, which allows progressive implementation. Implementation of this framework is currently underway at a small university where resources are limited. The framework is proven useful and practical, and can be adopted in a similar setting by other institutions.

Use Cases and Development of Software Defined Networks in OpenStack

With ubiquitous presence and perpetual growth of software applications and computing devices connected to the Internet, organizations and businesses are faced with increasing challenges in operating and maintaining technologies that support their IT infrastructure. Among the goals of technology management are cost-effectiveness, energy efficiency, and secure management of information technologies, which are expected to produce maximum utility value. Virtualization has been proposed as a promising solution to the challenges facing todays IT managers. From virtualized servers to virtualized networks to virtual data centers, various virtualized systems have been explored as means of easing IT operation challenges. One of the major benefits of virtualization is the possibility of building a network of virtual machines and storage infrastructure between the virtual data center and external physical networks. A data center involves a large number of networking devices such as switches, routers, and firewalls. With traditional networking, managing networks in data centers is a complex task due to the closed architecture and vertical integration among the networking devices. Software-defined networking (SDN) is a new architectural paradigm, enabling flexible and dynamic management of networks and associated services. This paper presents the benefits of virtualization in general, the advantages of adopting virtualization in data centers, a practical implementation of virtual data centers on OpenStack, and implementing SDN to manage networks in the virtual data center.