| 1. |
- Abbasi, Abdul Ghafoor, et al.
(författare)
-
CryptoNET : Security Management Protocols
- 2010
-
Ingår i: ADVANCES IN DATA NETWORKS, COMMUNICATIONS, COMPUTERS. - ATHENS : WORLD SCIENTIFIC AND ENGINEERING ACAD AND SOC. - 9789604742455 ; , s. 15-20
-
Konferensbidrag (refereegranskat)abstract
- In this paper we describe several network security protocols used by various components of CryptoNET architecture. The protocols are based on the concept of generic security objects and on well-established security standards and technologies. Distinctive features of our security protocols are: (1) they are complete in terms of their functionality, (2) they are easy to integrate with applications, (3) they transparently handle security credentials and protocol-specific attributes using FIPS 201 (PIV) smart cards, and (4) they are based on generic security objects. These protocols are: remote user authentication protocol, single-sign-on protocol, SAML authorization protocol, and secure sessions protocol. Security protocols use our Security Provider as a collection of cryptographic engines implemented either in software or using FIPS 201 (NV) smart cards. It also manages protocols' attributes using security applets stored in Ply smart card.
|
|
| 2. |
- Abbasi, Abdul Ghafoor, 1977-
(författare)
-
CryptoNET : Generic Security Framework for Cloud Computing Environments
- 2011
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- The area of this research is security in distributed environment such as cloud computing and network applications. Specific focus was design and implementation of high assurance network environment, comprising various secure and security-enhanced applications. “High Assurance” means that - our system is guaranteed to be secure, - it is verifiable to provide the complete set of security services, - we prove that it always functions correctly, and - we justify our claim that it can not be compromised without user neglect and/or consent. We do not know of any equivalent research results or even commercial security systems with such properties. Based on that, we claim several significant research and also development contributions to the state–of–art of computer networks security. In the last two decades there were many activities and contributions to protect data, messages and other resources in computer networks, to provide privacy of users, reliability, availability and integrity of resources, and to provide other security properties for network environments and applications. Governments, international organizations, private companies and individuals are investing a great deal of time, efforts and budgets to install and use various security products and solutions. However, in spite of all these needs, activities, on-going efforts, and all current solutions, it is general belief that the security in today networks and applications is not adequate. At the moment there are two general approaches to network application’s security. One approach is to enforce isolation of users, network resources, and applications. In this category we have solutions like firewalls, intrusion–detection systems, port scanners, spam filters, virus detection and elimination tools, etc. The goal is to protect resources and applications by isolation after their installation in the operational environment. The second approach is to apply methodology, tools and security solutions already in the process of creating network applications. This approach includes methodologies for secure software design, ready–made security modules and libraries, rules for software development process, and formal and strict testing procedures. The goal is to create secure applications even before their operational deployment. Current experience clearly shows that both approaches failed to provide an adequate level of security, where users would be guaranteed to deploy and use secure, reliable and trusted network applications. Therefore, in the current situation, it is obvious that a new approach and a new thinking towards creating strongly protected and guaranteed secure network environments and applications are needed. Therefore, in our research we have taken an approach completely different from the two mentioned above. Our first principle is to use cryptographic protection of all application resources. Based on this principle, in our system data in local files and database tables are encrypted, messages and control parameters are encrypted, and even software modules are encrypted. The principle is that if all resources of an application are always encrypted, i.e. “enveloped in a cryptographic shield”, then - its software modules are not vulnerable to malware and viruses, - its data are not vulnerable to illegal reading and theft, - all messages exchanged in a networking environment are strongly protected, and - all other resources of an application are also strongly protected. Thus, we strongly protect applications and their resources before they are installed, after they are deployed, and also all the time during their use. Furthermore, our methodology to create such systems and to apply total cryptographic protection was based on the design of security components in the form of generic security objects. First, each of those objects – data object or functional object, is itself encrypted. If an object is a data object, representing a file, database table, communication message, etc., its encryption means that its data are protected all the time. If an object is a functional object, like cryptographic mechanisms, encapsulation module, etc., this principle means that its code cannot be damaged by malware. Protected functional objects are decrypted only on the fly, before being loaded into main memory for execution. Each of our objects is complete in terms of its content (data objects) and its functionality (functional objects), each supports multiple functional alternatives, they all provide transparent handling of security credentials and management of security attributes, and they are easy to integrate with individual applications. In addition, each object is designed and implemented using well-established security standards and technologies, so the complete system, created as a combination of those objects, is itself compliant with security standards and, therefore, interoperable with exiting security systems. By applying our methodology, we first designed enabling components for our security system. They are collections of simple and composite objects that also mutually interact in order to provide various security services. The enabling components of our system are: Security Provider, Security Protocols, Generic Security Server, Security SDKs, and Secure Execution Environment. They are all mainly engine components of our security system and they provide the same set of cryptographic and network security services to all other security–enhanced applications. Furthermore, for our individual security objects and also for larger security systems, in order to prove their structural and functional correctness, we applied deductive scheme for verification and validation of security systems. We used the following principle: “if individual objects are verified and proven to be secure, if their instantiation, combination and operations are secure, and if protocols between them are secure, then the complete system, created from such objects, is also verifiably secure”. Data and attributes of each object are protected and secure, and they can only be accessed by authenticated and authorized users in a secure way. This means that structural security properties of objects, upon their installation, can be verified. In addition, each object is maintained and manipulated within our secure environment so each object is protected and secure in all its states, even after its closing state, because the original objects are encrypted and their data and states stored in a database or in files are also protected. Formal validation of our approach and our methodology is performed using Threat Model. We analyzed our generic security objects individually and identified various potential threats for their data, attributes, actions, and various states. We also evaluated behavior of each object against potential threats and established that our approach provides better protection than some alternative solutions against various threats mentioned. In addition, we applied threat model to our composite generic security objects and secure network applications and we proved that deductive approach provides better methodology for designing and developing secure network applications. We also quantitatively evaluated the performance of our generic security objects and found that the system developed using our methodology performs cryptographic functions efficiently. We have also solved some additional important aspects required for the full scope of security services for network applications and cloud environment: manipulation and management of cryptographic keys, execution of encrypted software, and even secure and controlled collaboration of our encrypted applications in cloud computing environments. During our research we have created the set of development tools and also a development methodology which can be used to create cryptographically protected applications. The same resources and tools are also used as a run–time supporting environment for execution of our secure applications. Such total cryptographic protection system for design, development and run–time of secure network applications we call CryptoNET system. CrytpoNET security system is structured in the form of components categorized in three groups: Integrated Secure Workstation, Secure Application Servers, and Security Management Infrastructure Servers. Furthermore, our enabling components provide the same set of security services to all components of the CryptoNET system. Integrated Secure Workstation is designed and implemented in the form of a collaborative secure environment for users. It protects local IT resources, messages and operations for multiple applications. It comprises four most commonly used PC applications as client components: Secure Station Manager (equivalent to Windows Explorer), Secure E-Mail Client, Secure Web Browser, and Secure Documents Manager. These four client components for their security extensions use functions and credentials of the enabling components in order to provide standard security services (authentication, confidentiality, integrity and access control) and also additional, extended security services, such as transparent handling of certificates, use of smart cards, Strong Authentication protocol, Security Assertion Markup Language (SAML) based Single-Sign-On protocol, secure sessions, and other security functions. Secure Application Servers are components of our secure network applications: Secure E-Mail Server, Secure Web Server, Secure Library Server, and Secure Software Distribution Server. These servers provide application-specific services to client components. Some of the common security services provided by Secure A
|
|
| 3. |
- Abbasi, Abdul Ghafoor, et al.
(författare)
-
Security extensions of windows environment based on FIPS 201 (PIV) smart card
- 2011
-
Ingår i: World Congr. Internet Secur., WorldCIS. - : IEEE. - 9780956426376 ; , s. 86-92
-
Konferensbidrag (refereegranskat)abstract
- This paper describes security extensions of various Windows components based on usage of FIPS 201 (PIV) smart cards. Compared to some other similar solutions, this system has two significant advantages: first, smart cards are based on FIPS 201 standard and not on some proprietary technology; second, smart card security extensions represent an integrated solution, so the same card is used for security of several Microsoft products. Furthermore, our smart card system uses FIPS 201 applet and middleware with smart card APIs, so it can also be used by other developers to extend their own applications with smart card functions in a Windows environment. We support the following security features with smart cards: start-up authentication (based on PIN and/or fingerprint), certificate-based domain authentication, strong authentication, and protection of local resources. We also integrated our middleware and smart cards with MS Outlook and MS Internet Explorer.
|
|
| 4. |
- Abbasi, Abdul Ghafoor, et al.
(författare)
-
Web contents protection, secure execution and authorized distribution
- 2010
-
Ingår i: Proceedings - 5th International Multi-Conference on Computing in the Global Information Technology, ICCGI 2010. - 9780769541815 ; , s. 157-162
-
Konferensbidrag (refereegranskat)abstract
- This paper describes the design and implementation of a comprehensive system for protection of Web contents. In this design, new security components and extended security features are introduced in order to protect Web contents ageist various Web attacks. Components and extended security features are: protection of Web pages using strong encryption techniques, encapsulation of Web contents and resources in PKCS#7, extended secure execution environment for Java Web Server, eXtensible Access Control Markup Language (XACML) based authorization policies, and secure Web proxy. Design and implementation of our system is based on the concepts of generic security objects and component-based architecture that makes it compatible with exiting Web infrastructures without any modification.
|
|
| 5. |
- Aftab, Muhammad Usman, et al.
(författare)
-
Towards A Distributed Ledger Based Verifiable Trusted Protocol for VANET
- 2021
-
Ingår i: 2021 International Conference on Digital Futures and Transformative Technologies, ICoDT2 2021. - : Institute of Electrical and Electronics Engineers Inc.. - 9781665412858
-
Konferensbidrag (refereegranskat)abstract
- To ensure traffic safety and proper operation of vehicular networks, safety messages or beacons are periodically broadcasted in Vehicular Adhoc Networks (VANETs) to neighboring nodes and road side units (RSU). Thus, authenticity and integrity of received messages along with the trust in source nodes is crucial and highly required in applications where a failure can result in life-threatening situations. Several digital signature based approaches have been described in literature to achieve the authenticity of these messages. In these schemes, scenarios having high level of vehicle density are handled by RSU where aggregated signature verification is done. However, most of these schemes are centralized and PKI based where our goal is to develop a decentralized dynamic system. Along with authenticity and integrity, trust management plays an important role in VANETs which enables ways for secure and verified communication. A number of trust management models have been proposed but it is still an ongoing matter of interest, similarly authentication which is a vital security service to have during communication is not mostly present in the literature work related to trust management systems. This paper proposes a secure and publicly verifiable communication scheme for VANET which achieves source authentication, message authentication, non repudiation, integrity and public verifiability. All of these are achieved through digital signatures, Hash Message Authentication Code (HMAC) technique and logging mechanism which is aided by blockchain technology.
|
|
| 6. |
- Altmann, Peter, et al.
(författare)
-
Creating a Traceable Product Story in Manufacturing Supply Chains Using IPFS
- 2020
-
Ingår i: 2020 IEEE 19th International Symposium on Network Computing and Applications (NCA). - Boston/New York : IEEE. ; , s. 11-18
-
Konferensbidrag (refereegranskat)abstract
- Evolving traceability requirements increasingly challenge manufacturing supply chain actors to collect tamperproof and auditable evidence about what inputs they process, in what way these inputs are used, and what the resulting process outputs are. Traceability solutions based on blockchain technology have shown ways to satisfy the requirements of creating a tamper-proof and auditable trail of traceability data. However, the existing solutions struggle to meet the increasing storage requirements necessary to create an evidence trail using manufacturing data. In this paper, we show a way to create a tamper-proof and auditable evolving product story that uses a decentralized file system called the InterPlanetary File System (IPFS). We also show how using linked data can help auditors derive a traceable product story from such an accumulating evidence trail. The solution proposed herein can supplement existing blockchain-based traceability solutions and enable traceability in global manufacturing supply chains where forming a consortium incurs prohibitive costs and where storage requirements are high.
|
|
| 7. |
- André, Alann, et al.
(författare)
-
Digital platform for managementof EoL windturbine blades : Rekovind 2 - WP2
- 2023
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- The Rekovind2 project, financed by the Swedish Energy Agency, focuses on digitizing wind turbine blade streams for reuse and recycling. This is of the utmost importance to enable new, more circular technical solutions that can replace today’s non-sustainable recycling, i.e. landfill and incineration of wind turbine blades. In this report, the work carried out to map the wind turbine blades in service in Sweden is presented. The digital platform intended to make possible the re-use of blades reaching end-of-life is build around key features that will be required for re-use: blade database with all needed informations on the blade (age, damages, material, model, ...), map with blades geolocation, digital tool to help blade processing such as cutting, and information on what can be done with EoL blades.
|
|
| 8. |
- Batra, Rakhi, et al.
(författare)
-
Evaluating Polarity Trend Amidst the Coronavirus Crisis in Peoples's Attitudes toward the Vaccination Drive
- 2021
-
Ingår i: Sustainability. - : MDPI. - 2071-1050. ; 13:10
-
Tidskriftsartikel (refereegranskat)abstract
- It has been more than a year since the coronavirus (COVID-19) engulfed the whole world, disturbing the daily routine, bringing down the economies, and killing two million people across the globe at the time of writing. The pandemic brought the world together to a joint effort to find a cure and work toward developing a vaccine. Much to the anticipation, the first batch of vaccines started rolling out by the end of 2020, and many countries began the vaccination drive early on while others still waiting in anticipation for a successful trial. Social media, meanwhile, was bombarded with all sorts of both positive and negative stories of the development and the evolving coronavirus situation. Many people were looking forward to the vaccines, while others were cautious about the side-effects and the conspiracy theories resulting in mixed emotions. This study explores users's tweets concerning the COVID-19 vaccine and the sentiments expressed on Twitter. It tries to evaluate the polarity trend and a shift since the start of the coronavirus to the vaccination drive across six countries. The findings suggest that people of neighboring countries have shown quite a similar attitude regarding the vaccination in contrast to their different reactions to the coronavirus outbreak.
|
|
| 9. |
- Ghafoor, Abdul, et al.
(författare)
-
Fate of straw- and root-derived carbon in a Swedish agricultural soil
- 2017
-
Ingår i: Biology and Fertility of Soils. - : Springer Science and Business Media LLC. - 0178-2762 .- 1432-0789. ; 53, s. 257-267
-
Tidskriftsartikel (refereegranskat)abstract
- To maximise carbon (C) storage in soils, understanding the fate of C originating from aboveground and belowground residues and their interaction with fertiliser under field conditions is critically important. The use of C-13 natural abundance provides unique opportunities to separate both C sources. We investigated the effect of 16 years of C3 straw and C4 root input, with and without nitrogen (N) addition, on SOC stocks and C distribution in soil fractions in the long-term frame trial at Ultuna, Sweden. The straw C input was fixed at 1.77 Mg ha(-1) year(-1), while the root input depended on maize plant growth, enabling studies on how N fertilisation affected (i) stabilisation of residues and (ii) plant C allocation to belowground organs. Four treatments were investigated: only maize roots (Control), maize roots with N (Control + N), maize roots and straw (Straw) and maize roots, straw and N (Straw + N). After 16 years, 5.6-8.9% of the total SOC stock in the 0-20 cm soil layer was maize-derived. In all four treatments, the relatively labile SOC fractions decreased, while the proportion of more refractory fractions increased. Based on allometric calculation of root inputs, retention of maize roots was 38, 26, 36 and 18% in the Control, Control + N, Straw and Straw + N treatments, respectively. The estimated retention coefficient of C3 straw in the Straw + N treatment was higher than that in the Straw-N treatment. We interpreted these results thus (1) roots were better stabilised in the soil than straw; (2) N fertilisation caused a shift in root to shoot ratio, with relatively more roots being present in N-deficient soil; and (3) N fertilisation caused greater stabilisation of residues, presumably due to increased microbial C use efficiency.
|
|
| 10. |
|
|
| 11. |
- Ghafoor, Abdul, et al.
(författare)
-
Measurements and modeling of pesticide persistence in soil at the catchment scale
- 2011
-
Ingår i: Science of the Total Environment. - : Elsevier BV. - 0048-9697 .- 1879-1026. ; 409, s. 1900-1908
-
Tidskriftsartikel (refereegranskat)abstract
- Degradation of pesticides in soils is both spatially variable and also one of the most sensitive factors determining losses to surface water and groundwater. To date, no general guidance is available on suitable approaches for dealing with spatial variation in pesticide degradation in catchment or regional scale modeling applications. The purpose of the study was therefore to study the influence of various soil physical, chemical and microbiological characteristics on pesticide persistence in the contrasting cultivated soils found in a small (13 km(2)) agricultural catchment in Sweden and to develop and test a simple model approach that could support catchment scale modeling. Persistence of bentazone, glyphosate and isoproturon was investigated in laboratory incubation experiments. Degradation rate constants were highly variable with coefficients of variation ranging between 42 and 64% for the three herbicides. Multiple linear regression analysis and Mallows Cp statistic were employed to select the best set of independent parameters accounting for the variation in degradation. Soil pH and the proportion of active microorganisms (r) together explained 69% of the variation in the bentazone degradation rate constant; the Freundlich sorption co-efficient (K-f) and soil laccase activity together explained 88% of the variation in degradation rate of glyphosate, while soil pH was a significant predictor (p < 0.05) for isoproturon persistence. However, correlations between many potential predictor variables made clear interpretations of the statistical analysis difficult. Multiplicative models based on two predictors chosen 'a priori', one accounting for microbial activity (e.g. microbial respiration, laccase activity or the surrogate variable soil organic carbon, SOC) and one accounting for the effects of sorption on bioavailability, showed promise to support predictions of degradation for large-scale modeling applications, explaining up to 50% of the variation in herbicide persistence. (C) 2011 Elsevier B.V. All rights reserved.
|
|
| 12. |
|
|
| 13. |
- Ghafoor, Abdul, et al.
(författare)
-
Modeling Spatial Variation in Microbial Degradation of Pesticides in Soil
- 2011
-
Ingår i: Environmental Science and Technology. - : American Chemical Society (ACS). - 0013-936X .- 1520-5851. ; 45, s. 6411-6419
-
Tidskriftsartikel (refereegranskat)abstract
- Currently, no general guidance is available on suitable approaches for dealing with spatial variation in the first-order pesticide degradation rate constant k even though it is a very sensitive parameter and often highly variable at the field, catchment, and regional scales. Supported by some mechanistic reasoning, we propose a simple general modeling approach to predict k from the sorption constant, which reflects bioavailability, and easily measurable surrogate variables for microbial biomass/activity (organic carbon and clay contents). The soil depth was also explicitly included as an additional predictor variable. This approach was tested in a meta-analysis of available literature data using bootstrapped partial least-squares regression. It explained 73% of the variation in k for the 19 pesticide-study combinations (n = 212) in the database. When 4 of the 19 pesticide-study combinations were excluded (n = 169), the approach explained 80% of the variation in the degradation rate constant. We conclude that the approach shows promise as an effective way to account for the effects of bioavailability and microbial activity on microbial pesticide degradation in large-scale model applications.
|
|
| 14. |
- Ghafoor, Abdul, et al.
(författare)
-
Modelling pesticide sorption in the surface and subsurface soils of an agricultural catchment
- 2013
-
Ingår i: Pest Management Science. - : Wiley. - 1526-498X .- 1526-4998. ; 69, s. 919-929
-
Tidskriftsartikel (refereegranskat)abstract
- CONCLUSIONInformation on clay, iron and aluminium oxides and soil pH, in addition to organic carbon, is needed for accurate prediction of pesticide leaching. The variables f(oc), f(clay) and pH are generally available, whereas measurements of oxides of Al and Fe are rarely reported. The authors therefore emphasise the need to measure and report contents of oxides of Al and Fe in soil survey databases, because small variations in their concentrations may contribute significantly to large variations in sorption, especially of ionisable pesticides. (c) 2012 Society of Chemical Industry
|
|
| 15. |
- Ghafoor, Abdul, et al.
(författare)
-
SentiUrdu-1M : A large-scale tweet dataset for Urdu text sentiment analysis using weakly supervised learning
- 2023
-
Ingår i: PLOS ONE. - : Public Library of Science (PLoS). - 1932-6203. ; 18:8
-
Tidskriftsartikel (refereegranskat)abstract
- Low-resource languages are gaining much-needed attention with the advent of deep learning models and pre-trained word embedding. Though spoken by more than 230 million people worldwide, Urdu is one such low-resource language that has recently gained popularity online and is attracting a lot of attention and support from the research community. One challenge faced by such resource-constrained languages is the scarcity of publicly available large-scale datasets for conducting any meaningful study. In this paper, we address this challenge by collecting the first-ever large-scale Urdu Tweet Dataset for sentiment analysis and emotion recognition. The dataset consists of a staggering number of 1,140,821 tweets in the Urdu language. Obviously, manual labeling of such a large number of tweets would have been tedious, error-prone, and humanly impossible; therefore, the paper also proposes a weakly supervised approach to label tweets automatically. Emoticons used within the tweets, in addition to SentiWordNet, are utilized to propose a weakly supervised labeling approach to categorize extracted tweets into positive, negative, and neutral categories. Baseline deep learning models are implemented to compute the accuracy of three labeling approaches, i.e., VADER, TextBlob, and our proposed weakly supervised approach. Unlike the weakly supervised labeling approach, the VADER and TextBlob put most tweets as neutral and show a high correlation between the two. This is largely attributed to the fact that these models do not consider emoticons for assigning polarity.
|
|
| 16. |
- Ghafoor, Abdul, et al.
(författare)
-
Soil properties and susceptibility to preferential solute transport in tilled topsoil at the catchment scale
- 2013
-
Ingår i: Journal of Hydrology. - : Elsevier BV. - 0022-1694 .- 1879-2707. ; 492, s. 190-199
-
Tidskriftsartikel (refereegranskat)abstract
- Preferential water flow and solute transport can have dramatic effects on the leaching of contaminants to groundwater and surface waters (via subsurface drainage) and is therefore of major concern to policy and decision-makers in the realm of water resources management. Unfortunately, we cannot measure these processes at the landscape scales that are relevant for management (farms, catchments, regions), which implies that an approach based on pedotransfer functions is needed to support model predictions. However, the extent to which susceptibility to preferential solute transport can be predicted from proxy site and soil attributes that can be observed and mapped at the landscape scale is still largely unknown. We therefore carried out non-reactive solute breakthrough experiments on 45 topsoil columns sampled from the contrasting soil types found in a 13 km(2) agricultural catchment in Sweden. Non-parametric indicators of preferential solute transport were derived from the shapes of the solute breakthrough curves and related to soil physical and hydraulic properties measured in the same columns. The results showed that preferential transport was weakly (and negatively) correlated with the saturated macropore hydraulic conductivity. In contrast, it was much more strongly controlled by the size of the largest water-filled pore, which in turn was significantly correlated to the saturated hydraulic conductivity of the soil matrix and soil textural classes. Preferential transport was also weakly expressed in three fine-textured soils of large organic carbon content. We conclude that the spatial pattern of preferential transport across the studied catchment should show a clear deterministic component since it depended on soil properties (e.g. clay content) that are expressed relatively uniformly across larger areas of land. (C) 2013 Elsevier B.V. All rights reserved.
|
|
| 17. |
- Ghafoor, Abdul, et al.
(författare)
-
The Impact of Translating Resource-Rich Datasets to Low-Resource Languages Through Multi-Lingual Text Processing
- 2021
-
Ingår i: IEEE Access. - : IEEE. - 2169-3536. ; 9, s. 124478-124490
-
Tidskriftsartikel (refereegranskat)abstract
- Urdu is still considered a low-resource language despite being ranked as world’s 10th most spoken language with nearly 230 million speakers. The scarcity of benchmark datasets in low-resource languages has led researchers to utilize more ingenious techniques to curb the issue. One such option widely adopted is to use language translation services to replicate existing datasets from resource-rich languages such as English to low-resource languages, such as Urdu. For most natural language processing tasks, including polarity assessment, words translated via Google translator from one language to another often change the meaning. It results in a polarity shift causing the system’s performance degradation, particularly for sentiment classification and emotion detection tasks. This study evaluates the effect of translation on the sentiment classification task from a resource-rich language to a low-resource language. It identifies and enlists words causing polarity shift into five distinct categories. It further finds the correlation between the language with similar roots. Our study shows 2-3 percentage points performance degradation in sentiment classification due to polarity shift as a result of translation from resource-rich languages to low-resource languages.
|
|
| 18. |
- Ghafoor, Abdul, et al.
(författare)
-
Towards trusted security context exchange protocol for sdn based low latency networks
- 2019
-
Ingår i: International Conference on Computer Safety, Reliability, and Security SAFECOMP 2019: Computer Safety, Reliability, and Security. - Cham : Springer Verlag. - 9783030266004 ; , s. 286-298
-
Konferensbidrag (refereegranskat)abstract
- To overcome the latency issue in real-time communication, a number of research based solutions and architectures are being proposed. In all these, security is not considered an important factor since it causes extra delay in the communication and introduces overhead. Therefore, a design decision is needed to assess tradeoff between efficiency and security mechanisms. In this respect, we designed a security approach in Software Defined Networks (SDN) based Vehicular Autonomous Ad hoc Network (VANET) where low latency and security are essential elements. VNAET provides a system of systems approach where various hybrid solutions are integrated and installed on number of network nodes managed by SDN. In such networks, our novel approach exchanges security context in a synchronized manner to serve as a baseline for network nodes to dynamically adopt security features as per security requirements of these nodes. Hence, various security contexts are designed and categorized based on the nature of information exchange between nodes, mainly, to offer authentication, secure and trustworthy communication services. These well-designed security contexts enable devices of different capabilities to securely communicate by using predefined security parameters and cryptographic functions. This eliminates the need to negotiate any secure communication parameters and hence results in less communication overhead. In addition, our approach is integrated with verifiable identities (Veidblock) concept which addresses privacy issues through anonymity. These security contexts are verified by using scyther by demonstrating that the trustworthiness is achieved by countering non-repudiation, impersonation, tampering, eavesdropping and replay attacks.
|
|
| 19. |
- Ghafoor, Abdul
(författare)
-
Understanding the causes of spatial variation in pesticide sorption and degradation at the catchment scale
- 2013
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Intensive agricultural practices and use of pesticides, essential to achieve high crop yields, present particular risks to soil and water resources which sustain life. Degradation and sorption of pesticides in soils are both spatially variable and also among the most sensitive factors determining losses to surface water and groundwater. Currently, no general guidance is available on suitable approaches for dealing with spatial variation in pesticide degradation and sorption in catchment or regional scale modelling applications. This thesis investigated sorption and degradation of three pesticides (bentazone, isoproturon, and glyphosate) in the cultivated soils of an agricultural catchment in Sweden with the aim to develop and test simple model approaches that could support large-scale modelling. In the case of sorption, an extended partitioning model improved upon the koc concept for all three compounds studied: inorganic sorbents dominated sorption in sub-surface soils and their effects were only masked by organic matter in surface soils with organic carbon contents larger than ca.2%. Interactions between organic and inorganic sorbents affected glyphosate sorption, but apparently not that of bentazone or isoproturon. It was concluded that information on clay, fclay, iron and aluminum oxides and soil pH, in addition to organic carbon, foc, is needed to accurately predict pesticide sorption. The variables foc, fclay and pH are generally available, whereas measurements of oxides of Al and Fe are rarely reported. The degradation rate constant (k) was highly variable with coefficients of variation ranging between 42 and 64% for the three herbicides. This variability could be attributed to variations in microbial biomass and pesticide bioavailability. A simple modelling approach to predict k from the sorption constant, which reflects bioavailability, and easily measurable surrogate variables for microbial biomass/activity (organic carbon and clay contents) was successfully tested in a meta-analysis of available literature data using bootstrapped partial least squares regression (PLSR). In conclusion, this approach shows promise as an effective way to account for the effects of bioavailability and microbial activity on microbial pesticide degradation in large-scale model applications.
|
|
| 20. |
- Lindgren, Anders, 1978-, et al.
(författare)
-
Trusted Platform for Disruptive Vehicular Ad Hoc Networks using Distributed Ledger Technology
- 2023
-
Ingår i: Proceedings - IEEE Consumer Communications and Networking Conference, CCNC. - : Institute of Electrical and Electronics Engineers Inc.. - 9781665497343 ; , s. 1129-1134
-
Konferensbidrag (refereegranskat)abstract
- Traffic safety applications and other communication systems for vehicles together with data collection sensors have the potential to improve road safety. For this to be viable however, it is important that the data collection and communication can be trusted so that erroneous or malicious data does not impact the use cases of the applications. This paper studies current and upcoming solutions to such problems and how they can be modified and applied to meet both technical requirements as well as the needs of relevant stakeholders. The paper defines the TruVeLedger framework using technology from the fields of distributed ledgers and vehicular ad hoc networks (VANETs) to create a trusted platform. The paper considers the viability of different approaches to such a platform as well as defining a verifiable trusted communication protocol for vehicular networks.
|
|
| 21. |
- Marsico, Antonio, et al.
(författare)
-
An interactive intent-based negotiation scheme for application-centric networks
- 2017
-
Ingår i: 2017 IEEE Conference on Network Softwarization. - 9781509060085
-
Konferensbidrag (refereegranskat)abstract
- The demonstration presents the first implementation of a resource negotiation scheme between users and a network for the provisioning of application-aware connectivity services. This active interaction enables the users, who request connectivity services with multiple application requirements, to select an alternative solution when the network does not have enough resources to satisfy the original requests.
|
|
| 22. |
- Marsico, Antonio, et al.
(författare)
-
Enriching intent-based SDN to ease customer service management in transport networks
- 2018
-
Ingår i: <em></em> Find other works by these authors Advanced Photonics 2018 (BGPP, IPR, NP, NOMA, Sensors, Networks, SPPCom, SOF) OSA Technical Digest (online) (Optical Society of America, 2018), paper NeW2F.2. - 9781557528209
-
Konferensbidrag (refereegranskat)abstract
- Intent-based Software-Defined Networking can automate mapping of customer services to transport services. We demonstrate this using a multi-layer orchestrator that provisions a complex customer service over an IP/Optical testbed.
|
|
| 23. |
- Matias, Jon, et al.
(författare)
-
FlowSNAC : Improving FlowNAC with secure scaling and resiliency
- 2016
-
Ingår i: 2016 Fifth European Workshop on Software-Defined Networks (EWSDN). - 9781509061464 ; , s. 59-61
-
Konferensbidrag (refereegranskat)abstract
- Life-cycle management of stateful VNF services is a complicated task, especially when automated resiliency and scaling should be handled in a secure manner, without service degradation. We present FlowSNAC, a resilient and scalable VNF service for user authentication and service deployment. FlowSNAC consists of both stateful and stateless components, some of that are SDN-based and others that are NFVs. We describe how it adapts to changing conditions by automatically updating resource allocations through a series of intermediate steps of traffic steering, resource allocation, and secure state transfer. We conclude by highlighting some of the lessons learned during implementation, and their wider consequences for the architecture of SDN/NFV management and orchestration systems.
|
|
| 24. |
- Pervez, Zeeshan, et al.
(författare)
-
SIGNED : Smart cIty diGital twiN vErifiable Data Framework
- 2023
-
Ingår i: IEEE Access. - : Institute of Electrical and Electronics Engineers Inc.. - 2169-3536. ; 11, s. 29430-29446
-
Tidskriftsartikel (refereegranskat)abstract
- Smart city digital twins can provide useful insights by making effective use of multidisciplinary urban data from diverse sources. Whilst these insights provide new information that helps cities in decision making, verifying the authenticity, integrity, traceability and data ownership across various functional units have become critical characteristics to ensure the data is from an authentic and trustworthy source. However, these characteristics are rarely considered in a digital twin ecosystem. In this research we introduce a novel framework, namely, 'SIGNED: Smart cIty diGital twiN vErifiable Data framework' that is designed on the basis of data ownership, selective disclosure and verifiability principles. Using Verifiable Credentials, SIGNED ensures digital twin data are verifiably authentic i.e., it covers provenance, transparency, and reliability through verifiable presentation. A proof of concept is designed and evaluated based on a smart water management use case to demonstrate the effectiveness of SIGNED in securing verifiable exchange of digital twin data across multiple functional units. The proof-of-concept demonstrates that SIGNED successfully allows the exchange of data in a trusted and verifiable manner at negligible performance cost, thus enhancing security and alleviating privacy issues when sharing data between various functional units in a smart city.
|
|
| 25. |
- Sköldström, Pontus, et al.
(författare)
-
DISMI - An intent interface for application-centric transport network services
- 2017
-
Ingår i: International Conference on Transparent Optical Networks. - 9781538608586
-
Konferensbidrag (refereegranskat)abstract
- Application-centric networking is a novel approach to construct transport networks that allows application-specific requirements to be taken into account through the entire service provisioning process: the service offered to each application is differentiated at each layer of the transport network, from IP to optical. This approach replaces the grooming of traffic with different requirements into a shared path in the transport layer, and allows for a finer control and utilization of network resources by network operators. To make this concept viable, an interface for requesting a connectivity service by applications requires an abstraction with respect to the various underlying network technologies. Interfaces based on the concept of Intents provide such an abstraction: applications can describe what they need from the network (their requirements) rather than how to achieve them. This paper describes the design and implementation of the solution we propose: DISMI, the Intent-based North-Bound Interface of a network controller.
|
|
