Tereza Cristina M. B. Carvalho

A survey on key management mechanisms for distributed Wireless Sensor Networks

Wireless Sensor Networks (WSNs) have a vast field of applications, including deployment in hostile environments. Thus, the adoption of security mechanisms is fundamental. However, the extremely constrained nature of sensors and the potentially dynamic behavior of WSNs hinder the use of key management mechanisms commonly applied in modern networks. For this reason, many lightweight key management solutions have been proposed to overcome these constraints. In this paper, we review the state of the art of these solutions and evaluate them based on metrics adequate for WSNs. We focus on pre-distribution schemes well-adapted for homogeneous networks (since this is a more general network organization), thus identifying generic features that can improve some of these metrics. We also discuss some challenges in the area and future research directions.

A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing

The development of cloud computing services is speeding up the rate in which the organizations outsource their computational services or sell their idle computational resources. Even though migrating to the cloud remains a tempting trend from a financial perspective, there are several other aspects that must be taken into account by companies before they decide to do so. One of the most important aspect refers to security: while some cloud computing security issues are inherited from the solutions adopted to create such services, many new security questions that are particular to these solutions also arise, including those related to how the services are organized and which kind of service/data can be placed in the cloud. Aiming to give a better understanding of this complex scenario, in this article we identify and classify the main security concerns and solutions in cloud computing, and propose a taxonomy of security in cloud computing, giving an overview of the current status of security in this emerging technology.

Mobile health in emerging countries: A survey of research initiatives in Brazil

OBJECTIVE To conduct a comprehensive survey of mobile health (mHealth) research initiatives in Brazil, discussing current challenges, gaps, opportunities and tendencies. METHODS Systematic review of publicly available electronic documents related to mHealth, including scientific publications, technical reports and descriptions of commercial products. Specifically, 42 projects are analyzed and classified according to their goals. This analysis considers aspects such as security features provided (if any), the health condition that are focus of attention, the main providers involved in the projects development and deployment, types of devices used, target users, where the projects are tested and/or deployed, among others. RESULTS The study shows a large number (86%) of mHealth solutions focused on the following categories: health surveys, surveillance, patient records and monitoring. Meanwhile, treatment compliance, awareness raising and decision support systems are less explored. The main providers of solutions are the universities (56%) and health units (32%), with considerable cooperation between such entities. Most applications have physicians (55%) and Community Health Agents (CHAs) (33%) as targeted users, the latter being important elements in nation-wide governmental health programs. Projects focused on health managers, however, are a minority (5%). The majority of projects do not focus on specific diseases but rather general health (57%), although solutions for hearth conditions are reasonably numerous (21%). Finally, the lack of security mechanisms in the majority of the surveyed solutions (52%) may hinder their deployment in the field due to the lack of compliance with general regulations for medical data handling. CONCLUSION There are currently many mHealth initiatives in Brazil, but some areas have not been much explored, such as solutions for treatment compliance and awareness raising, as well as decision support systems. Another research trend worth exploring refers to creating interoperable security mechanisms, especially for widely explored mHealth categories such as health surveys, patient records and monitoring. Challenges for the expansion of mHealth solutions, both in number and coverage, include the further involvement of health managers in the deployment of such solutions and in coordinating efforts among health and research institutions interested in the mHealth trend, possibly exploring the widespread presence of CHAs around the country as users of such technology.

Survey and comparison of message authentication solutions on wireless sensor networks

Security is an important concern in any modern network. This also applies to Wireless Sensor Networks (WSNs), especially those used in applications that monitor sensitive information (e.g., health care applications). However, the highly constrained nature of sensors imposes a difficult challenge: their reduced availability of memory, processing power and energy hinders the deployment of many modern cryptographic algorithms considered secure. For this reason, the choice of the most memory-, processing- and energy-efficient security solutions is of vital importance in WSNs. To date, a number of extensive analyses comparing different encryption algorithms and key management schemes have been developed, while very little attention has been given to message authentication solutions. In this paper, aiming to close this gap, we identify cipher-based Message Authentication Codes (MACs) and Authenticated Encryption with Associated Data (AEAD) schemes suitable for WSNs and then evaluate their features and performance on a real platform (TelosB). As a result of this analysis, we identify the recommended choices depending on the characteristics of the target network and available hardware.

The MARVIN message authentication code and the LETTERSOUP authenticated encryption scheme

We present MARVIN, a new parallelizable message authentication code (MAC) based on the ALRED family. The new algorithm is designed with resource-constrained platforms inmind and explores the structure of an underlying block cipher toprovide security at a small cost in terms of memory needs. Also,we show how MARVIN can be used as an authentication-onlyfunction or else in an authenticated encryption with associateddata (AEAD) scheme. We define a new AEAD proposal called LETTERSOUP, which is based on the mode ofoperation. Finally, we LFSRC analyze the security and performance of theresulting schemes. Copyright

Methodology for IT Governance Assessment and Design

IT Governance has become an increasingly important process in delivering business value from IT. A number of IT governance frameworks have been proposed as the MIT — CISR framework and COBIT. However, there is no proposal of a systematic methodology for IT Governance assessment and design, considering the possibility of joint usage of multiple frameworks. This paper presents a systematic methodology for IT governance assessment and design, specified through different phases, their activities and outcomes. This methodology is applied in a real case showing the practical benefit from its usage.

Comparison of Authenticated-Encryption schemes in Wireless Sensor Networks

Security is an important concern in any modern network. This also applies to Wireless Sensor Networks (WSNs), especially those used in applications that monitor sensitive information (e.g., health care applications). However, the highly constrained nature of sensors impose a difficult challenge: their reduced availability of memory, processing power and energy hinders the deployment of many modern cryptographic algorithms considered secure. For this reason, the choice of the most memory-, processing- and energy-efficient security solutions is of vital importance in WSNs. To date, several authors have developed extensive analyses comparing different encryption algorithms and key management schemes, while very little attention has been given to message authentication mechanisms. In this paper, we address this issues by identifying Authenticated Encryption with Associated Data (AEAD) schemes suitable for WSNs and by evaluating their features and performance on TelosB sensor nodes. As a result of this analysis, we identify the recommended choices depending on the characteristics of the target network.

A Multimedia Delivery Architecture for IPTV with P2P-Based Time-Shift Support

From the four basic functionalities of video delivery systems - linear TV, Video on Demand (VoD), time-shifted TV (tsTV), and network Personal Video Recorder (nPVR) - most of todays solutions focus either on linear TV, or on VoD. While linear TV usually uses efficient distribution mechanisms such as multicast, VoD is often realized via centralized, bandwidth-inefficient unicast. Even when file sharing P2P algorithms are used for VoD or nPVR, they can not be applied to tsTV since they require the whole content to exist from the beginning. With this paper, we propose a novel solution that aims at offering all four functionalities in one distributed system. Our architecture uses multicast for the distribution of live content, and a modified P2P protocol for offering VoD, nPVR, and tsTV altogether.

A Framework for Authentication and Authorization Credentials in Cloud Computing

Security is a key concern when adopting cloud technology. Cloud solutions include not only issues inherited from related technologies, such as virtualization and distributed computing, but also new concerns associated to complexity of the cloud ecosystem, composed by the cloud entities and their interactions. One of the concerns is related to authentication and authorization in the cloud in order to provide robust mechanisms to identify entities and establish their permissions and roles in the cloud, controlling resource usage and promoting accounting and isolation. This paper identifies the state of the art in terms of credential management focusing on the cloud ecosystem. It proposes a credential classification and a framework for studying and developing solutions in this context, unifying concepts related to cloud deployment models, service types, entities and lifecycle controls.

FWM Constraints Management for Lightpath Establishment in GMPLS Networks

In all-optical networks, management of physical layer restrictions should collaborate in lightpath establishment. Label-Switched Path validation in Generalized MultiProtocol Label Switching on Dense Wavelength Division Multiplexing network requires the treatment of the physical impairment-related parameters along the provisioned route.