Search for: All records

Identification is the core of any authentication protocol design as the purpose of the authentication is to verify the user’s identity. The efficient establishment and verification of identity remain a big challenge. Recently, biometrics-based identification algorithms gained popularity as a means of identifying individuals using their unique biological characteristics. In this paper, we propose a novel and efficient identification framework, ActID, which can identify a user based on his/her hand motion while walking. ActID not only selects a set of high-quality features based on Optimal Feature Evaluation and Selection and Correlation-based Feature Selection algorithms but also includes a novel sliding window based voting classifier. Therefore, it achieves several important design goals for gait authentication based on resource-constrained devices, including lightweight and real-time classification, high identification accuracy, a minimum number of sensors, and a minimum amount of data collected. Performance evaluation shows that ActID is cost-effective and easily deployable, satisfies real-time requirements, and achieves a high identification accuracy of 100%. 

As a foundational and disruptive technology with unique features, blockchains can provide distinct technology pushes for novel business models, strategies, processes, and applications. Revised or new business models can be iteratively refined and transformed to increasingly more detailed design and implementation models to be realized by applications supported by blockchains. Governance concerns with how decisions are made, implemented, and controlled. It is an important focal point of any model and process. Blockchain enables new governance opportunities that are trusted, decentralized, automated, accountable, secured, and privacy-protected. These opportunities can be used to analyze governance issues in constructing models, processes, and blockchain applications. Based on our prototyping experience in two permissioned blockchain platforms, we propose a framework of six governance attributes for constructing consortium blockchain applications: decision process, accountability and verifiability, trust, incentive, security and privacy, and effectiveness. The framework aids in exploring blockchain-created governance opportunities and driving future research. 

Pervasive IoT applications enable us to perceive, analyze, control, and optimize the traditional physical systems. Recently, security breaches in many IoT applications have indicated that IoT applications may put the physical systems at risk. Severe resource constraints and insufficient security design are two major causes of many security problems in IoT applications. As an extension of the cloud, the emerging edge computing with rich resources provides us a new venue to design and deploy novel security solutions for IoT applications. Although there are some research efforts in this area, edge-based security designs for IoT applications are still in its infancy. This paper aims to present a comprehensive survey of existing IoT security solutions at the edge layer as well as to inspire more edge-based IoT security designs. We first present an edge-centric IoT architecture. Then, we extensively review the edge-based IoT security research efforts in the context of security architecture designs, firewalls, intrusion detection systems, authentication and authorization protocols, and privacy-preserving mechanisms. Finally, we propose our insight into future research directions and open research issues. 

Defending the cyberspace calls for troops of qualified cyber professionals (including architects, developers, managers, and various cyber operators) who possess the necessary set of knowledge and skills. Higher education institutions, especially computing related fields such as Computer Science, share the responsibility in producing the future cyber defense workforce. This paper describes our attempt in revamping a traditional CS curriculum at a teaching-oriented university in order to fulfill the Center of Academic Excellence in Cyber Defense Education (CAE-CDE) designation requirements. In details, we discuss how we overcome several resource constraints without sacrificing program quality. We also explain and illustrate the design rationale and process, which may interest other institutions with similar goals. Furthermore, we examine relevant frameworks and guidelines and show how they could be useful in our and other similar efforts. 

Cybersecurity is a rapidly developing field in which job titles and role descriptions may vary from one organization to the others. The NICE Cybersecurity Workforce Framework (NCWF) provides a common language to categorize and describe cybersecurity work for organizations to build a strong workforce. As the predominant workforce prescribed by the NCWF is technical in nature, academic efforts targeted towards these career paths are likewise technical. Though technical security education is critical, an equal amount of knowledge outside the technical domain is pivotal to understand sophisticated challenges in cybersecurity. Articulating a concise, inclusive, meaningful, and unifying approach in cyber related education fosters a balanced motivation for students from both technical and non-technical majors (interdisciplinary) to pursue a career in cybersecurity. Towards this end, we analyzed competencies, knowledge, skills and abilities of interdisciplinary roles and other roles introduced in the NCWF; we then highlighted discrepancies observed.