Weili Han
Fudan University
Publications
Featured research published by Weili Han.
Information Systems Frontiers | 2015
Zhibo Pang; Qiang Chen; Weili Han; Li-Rong Zheng
The revolution of the Internet-of-Things (IoT) is reshaping modern food supply chains with promising business prospects. To be successful in practice, IoT solutions should create “income-centric” values beyond the conventional “traceability-centric” values. To deliver what we promised to users, sensor portfolios and information fusion must correspond to the new requirements introduced by this income-centric value creation. In this paper, we propose a value-centric business-technology joint design framework. Based on it, the income-centric added values, including shelf life prediction, sales premium, precision agriculture, and reduction of assurance cost, are identified and assessed. Then corresponding sensor portfolios are developed and implemented. A three-tier information fusion architecture is proposed, together with examples of acceleration data processing, self-learning shelf life prediction and real-time supply chain re-planning. The feasibility of the proposed design framework and solution has been confirmed by field trials and an implemented prototype system.
Very Large Data Bases | 2009
Qun Ni; Shouhuai Xu; Elisa Bertino; Ravi S. Sandhu; Weili Han
Provenance access control has been recognized as one of the most important components in an enterprise-level provenance system. However, it has received little attention in the context of data security research. One important challenge in provenance access control is the lack of an access control language that supports its specific requirements, e.g., support for both fine-grained policies and personal preferences, and decision aggregation from different applicable policies. In this paper, we propose an access control language tailored to these requirements.
Computers & Security | 2014
Zheran Fang; Weili Han; Yingjiu Li
Android security has recently been a hot spot in both academic research and public concern due to numerous instances of security attacks and privacy leakage on the Android platform. Android security has been built upon a permission-based mechanism which restricts the access of third-party Android applications to critical resources on an Android device. Such a permission-based mechanism is widely criticized for its coarse-grained control of application permissions and the difficult management of permissions by developers, marketers, and end-users. In this paper, we investigate the arising issues in Android security, including coarse granularity of permissions, incompetent permission administration, insufficient permission documentation, over-claiming of permissions, permission escalation attacks, and TOCTOU (Time of Check to Time of Use) attacks. We illustrate the relationships among these issues, and investigate the existing countermeasures that address them. In particular, we provide a systematic review of the development of these countermeasures, and compare them according to their technical features. Finally, we propose several methods to further mitigate the risk in Android security.
Expert Systems With Applications | 2012
Weili Han; Ye Cao; Elisa Bertino; Jianming Yong
Theft attacks on web digital identities, e.g., phishing and pharming, can result in severe losses to users and vendors, and even hold users back from using online services, e-business services especially. In this paper, we propose an approach, referred to as automated individual white-list (AIWL), to protect users' web digital identities. AIWL leverages a Naive Bayesian classifier to automatically maintain an individual white-list for a user. If the user tries to submit his or her account information to a web site that does not match the white-list, AIWL alerts the user to the possible attack. Furthermore, AIWL keeps track of the features of login pages (e.g., IP addresses, document object model (DOM) paths of input widgets) in the individual white-list. By checking the legitimacy of these features, AIWL can efficiently defend users against hard attacks, especially pharming, and even dynamic pharming. Our experimental results and user studies show that AIWL is an efficient tool for protecting web digital identities.
Information Systems Frontiers | 2015
Weili Han; Yun Gu; Wei Wang; Yin Zhang; Yuliang Yin; Junyu Wang; Li-Rong Zheng
The problem of food safety has been a critical issue in recent years. To address the issue, Internet of Things technologies are used to offer the possibility of easily tracking the processes in the production, storage, transportation, sale, and even usage phases of food. This paper, therefore, introduces the design of an electronic pedigree system for food safety, which uses electronic pedigrees to enhance the safety of the food supply. The system implements an extension of the EPCglobal pedigree standard, and offers a more trustworthy tracking service to monitor and supervise the production and supply of food. We discuss the key issues of the design, and implement a prototype to evaluate the feasibility of the design. Finally, we analyze the trustworthiness assurance and security of our electronic pedigree system.
Computer and Communications Security | 2016
Zheran Fang; Weili Han; Dong Li; Zeqing Guo; Danhao Guo; Xiaoyang Sean Wang; Zhiyun Qian; Hao Chen
Dynamic revocation of permissions of installed Android applications has been gaining popularity because of the increasing concern for security and privacy on the Android platform. However, applications often crash or misbehave when their permissions are revoked, rendering them completely unusable. Even though Google has officially introduced a new permission mechanism in Android 6.0 to explicitly support dynamic permission revocation, the issue still exists. In this paper, we conduct an empirical study to understand the latest application practice post-Android 6.0. Specifically, we design a practical tool, referred to as revDroid, to help us empirically analyze how often undesirable side effects, especially application crashes, occur in off-the-shelf Android applications. From the analysis of 248 popular applications from the Google Play Store, revDroid finds that 70% of applications and 46% of permission-relevant calls do not appropriately catch exceptions caused by permission revocation, while third-party libraries pay much more attention to permission revocation. We also use revDroid to analyze 132 recent malware samples. The result shows that only 27% of malware samples and 36% of permission-relevant API calls in malware fail to consider permission revocation. In fact, many of them perform specialized handling of permission revocation to keep the core malicious logic running. Finally, revDroid can be used to help developers uncover unhandled permission revocations during development and greatly improve application quality.
Computer Supported Cooperative Work in Design | 2010
Chen Chen; Weili Han; Jianming Yong
XACML and its reference implementation cannot directly support quantified risk adaptive access control, because there are several special requirements for specifying and enforcing the policies in risk adaptive access control: the elements in these policies, such as risk and risk level, are not covered; and risk in quantified risk adaptive access control would be mutable, accumulated and required to be continuously controlled. This paper, therefore, extends XACML and its reference implementation to support quantified risk adaptive access control. This paper makes two contributions: it designs a risk adaptive policy language extended from XACML, and proposes a framework to enforce the policies. To the best of our knowledge, this paper is the first research work to discuss this topic.
IEEE Systems Journal | 2016
Liangxing Liu; Weili Han; Tao Zhou; Xinyi Zhang
The distribution network, including its flow information, in a supply chain system is usually a business secret, kept to ensure supply chain security and to hold on to a favorable position in commercial competition. As more and more organizations deploy tracking systems to facilitate users, most of them focus on business growth but ignore the protection of these secrets. This paper therefore shows how one can pry into supply chains based on publicly acquired data via a public query interface. We design SCout, which crawls messages in social network services (SNSs) to acquire tracking numbers of an express company, automatically retrieves the supply information from a public query interface, and then reconstructs the distribution network of the target express company. SCout can also provide the flow information between any two distribution points. Furthermore, based on these obtained data, we analyze the relationship between the number of tracking numbers and the information of a distribution network. These experiments show that some express companies need to improve their awareness of data security. In particular, poor coding rules for tracking numbers can help adversaries obtain more tracking numbers easily. Thus, we provide some security countermeasures for express companies to defend against the above snooping. To the best of our knowledge, this paper is the first research to study the data security issue of logistics query systems from the business aspect.
Symposium on Access Control Models and Technologies | 2015
Weili Han; Yin Zhang; Zeqing Guo; Elisa Bertino
With the support of Internet of Things (IoT for short) technologies, tracking systems are being widely deployed in many companies and organizations in order to provide more efficient and trustworthy delivery services. Such systems usually support easy-to-use interfaces, by which users can visualize the shipping status and progress of merchandise, according to business data that are collected directly from the merchandise through sensing technologies. However, these business data may include sensitive business information, which should be strongly protected in cross-organizational scenarios. Thus, it is critical for suppliers that the disclosure of such data to unauthorized users is prevented in the open environment of these tracking systems. As business data from different suppliers and organizations are usually associated together with the merchandise being shipped, it is also important to support fine-grained confidentiality control. In this paper, we articulate the problem of fine-grained business data confidentiality control in IoT-enabled cross-organizational tracking systems. We then propose a fine-grained confidentiality control mechanism, referred to as xCP-ABE, to address the problem in the context of an open environment. The xCP-ABE mechanism is a novel framework which enables suppliers in tracking systems to selectively authorize specific sets of users to access their sensitive business data, and which preserves the confidentiality of the transmission path of goods. We develop a prototype of the xCP-ABE mechanism, and then evaluate its performance. We also carry out a brief security analysis of our proposed mechanism. Our evaluation and analysis show that our framework is an effective and efficient solution for ensuring the confidentiality of business data in cross-organizational tracking systems.
Security and Communication Networks | 2014
Weili Han; Chen Sun; Chenguang Shen; Chang Lei; Sean Shen
By combining multiple factors during authentication, a service can provide better assurance of security. However, users are likely to feel inconvenienced, or even to abandon the service. This paper, therefore, addresses this issue and introduces a novel method, referred to as Quantified riSk and Benefit adaptive Authentication Factors combination (QSBAF). QSBAF balances the requirements for both security and usability in the authentication of an information system and improves the system's ability to respond quickly to emerging risky events. In QSBAF, the authentication factors can be dynamically combined on the basis of quantified risk, benefit measurements, and combination policies. Furthermore, QSBAF provides an adaptive mechanism, driven by historical data, to adjust the measurements of risk and benefit. In this paper, we use an online banking system as a typical scenario to demonstrate the usage of QSBAF. We also implement a prototype of QSBAF to evaluate its performance and feasibility in real application scenarios.