Energy efficient secure and privacy preserving data aggregation in Wireless Sensor Networks / Energy efficient secure and privacy preserving data aggregation in Wireless Sensor Networks

Memon, Irfana

12 November 2013

Les réseaux de capteurs sans fils sont composés de noeuds capteurs capables de mesurer certains paramètres de l’environnement, traiter l’information recueillie, et communiquer par radio sans aucune autre infrastructure. La communication avec les autres noeuds consomme le plus d’énergie. Les protocoles de collecte des données des réseaux de capteurs sans fils doit donc avoir comme premier objectif de minimiser les communications. Une technique souvent utilisée pour ce faire est l’agrégation des données. Les réseaux de capteurs sans fils sont souvent déployés dans des environnements ouverts, et sont donc vulnérables aux attaques de sécurité. Cette thèse est une contribution à la conception de protocoles sécurisés pour réseaux de capteurs sans fils. Nous faisons une classification des principaux protocoles d’agrégation de données ayant des propriétés de sécurité. Nous proposons un nouveau protocole d’agrégation (ESPPA). ESPPA est basé sur la construction d’un arbre recouvrant sûr et utilise une technique de brouillage pour assurer la confidentialité et le respect de la vie privée. Notre algorithme de construction (et re-construction) de l’arbre recouvrant sûr tient compte des éventuelles pannes des noeuds capteurs. Les résultats de nos simulations montrent que ESPPA assure la sécurité en terme de confidentialité et de respect de la vie privée, et génère moins de communications que SMART. Finalement, nous proposons une extension du schéma de construction de l’arbre recouvrant sûr qui identifie les noeuds redondants en terme de couverture de captage et les met en veille. Les résultats de nos simulations montrent l’efficacité de l’extension proposée. / WSNs are formed by sensor nodes that have the ability to sense the environment, process the sensed information, and communicate via radio without any additional prior backbone infrastructure. In WSNs, communication with other nodes is the most energy consuming task. Hence, the primary objective in designing protocols for WSNs is to minimize communication overhead. This is often achieved using in-network data aggregation. As WSNs are often deployed in open environments, they are vulnerable to security attacks. This thesis contributes toward the design of energy efficient secure and privacy preserving data aggregation protocol for WSNs. First, we classify the main existing secure and privacy-preserving data aggregation protocols for WSNs in the literature. We then propose an energy-efficient secure and privacy-preserving data aggregation (ESPPA) scheme for WSNs. ESPPA scheme is tree-based and achieves confidentiality and privacy based on shuffling technique. We propose a secure tree construction (ST) and tree-reconstruction scheme. Simulation results show that ESPPA scheme effectively preserve privacy, confidentiality, and has less communication overhead than SMART. Finally we propose an extension of ST scheme, called secure coverage tree (SCT) construction scheme. SCT applies sleep scheduling. Through simulations, we show the efficacy and efficiency of the SCT scheme. Beside the work on secure and privacy preserving data aggregation, during my research period, we have also worked on another interesting topic (i.e., composite event detection for WSNs). Appendix B presents a complementary work on composite event detection for WSNs.

Réseaux de capteurs sans fil

Agrégation de données

Consommation d’énergie

Wireless sensor networks

Aggregation tree construction

Data-aggregation

Energy efficiency

004

Controle de cargas conteinerizadas utilizando elementos da cadeia logística segura e do programa brasileiro de Operador Econômico Autorizado (OEA). / Control of containerized cargo using elements of the secure supply chain and the brazilian Authorized Economic Operator program (AEO)

Lima, Alexsandro Soares de

13 May 2015

O presente trabalho propõe um processo para auxiliar a tarefa de implantação de controles de Cadeia Logística Segura para a importação e exportação de cargas conteinerizadas, transportadas pelo modal rodoviário. Está em consonância com a legislação brasileira atual, no que se refere à Receita Federal do Brasil e demais Órgãos Anuentes. Além disso, inclui, também, as novas diretrizes do Programa Brasileiro de Operador Econômico Autorizado que teve seu início na primeira quinzena de Dezembro de 2014, bem como os aspectos principais do quadro SAFE, da Organização Mundial das Aduanas (OMA) e do programa americano Customs-Trade Partnership Against Terrorism (C-TPAT). O processo proposto no trabalho contempla a instrumentação dos controles e seus principais pontos de integração de dados, estágio em que grande parte dos operadores econômicos atuais se encontra. A proposta justifica-se pela complexidade dos processos de cadeias logísticas, sua importância para o comércio exterior e, portanto, para a economia do país, que exigem um aperfeiçoamento constante para atender à competitividade crescente dos mercados, controlar e gerenciar riscos e incertezas dos tempos da globalização. A metodologia do trabalho de pesquisa constou de estudos sobre o significado de cadeia logística segura, legislações e normatizações existentes, principais tecnologias utilizadas no Brasil e no mundo e suas estratégias de integração de sistemas, com enfoque em alguns projetos de gestão já existentes no país. O porto de Santos foi tomado como campo principal de pesquisa. O trabalho evidenciou a importância da presença de três características fundamentais em um processo de cadeia logística segura: ser instrumentado, integrado e inteligente. Considera-se que, a partir do processo proposto, será possível aumentar o grau de inteligência de uma cadeia logística, de forma a gerenciar e mitigar os potenciais riscos de forma mais racional. / This assay proposes a process to assist the task of implantation of controls of Secure Supply Chain to importation and exportation of containerized cargo, transported by road. It is pursuant to the current Brazilian laws, as it concerns Receita Federal do Brasil and other consenting authorities. In addition, it also includes the new guidelines of the Brazilian Authorized Economic Operator Program, which began on the first fortnight of December 2014, as well as the main aspects of the SAFE Framework, from the World Customs Organization (WCO) and the C-TPAT program (Customs-Trade Partnership Against Terrorism). The proposal is justified by the complexity of the supply chain processes, their importance to the foreign trade and therefore, to the countrys economy, which require constant improvement in order to meet the growing competitiveness within markets and to control and manage risks and uncertainties of globalization times. The methodology of this assay consists of studies on the meaning of secure supply chain, existing laws and standards, main technologies used in Brazil and throughout the world and their strategies of system integration, focusing on some management projects already existing in the country. The Port of Santos was taken as main research field. This assay provides evidence of the importance of three fundamental characteristics in a secure supply chain process: to be instrumented, integrated and intelligent. The proposed methodology contemplates instrumentation of the processes and their key points of integration, a stage in which great part of the existing economic operators can be found currently. From this point on, it will be possible to increase its degree of intelligence in such a way as to manage and mitigate risks more rationally.

Authorized Economic Operator

Cadeia logística segura

Comércio exterior

Container

Container scanner.

Contêiner

Escaner de contêiner.

Foreign Trade

OCR

OCR

Operador econômico autorizado

Port

Porto

RFID

RFID

Secure supply chain.

Transporte de carga

Power and Electro-Magnetic Side-Channel Attacks : threats and countermeasures / Attaques par Canaux Auxiliaires en Consommation et Electro-Magnétique : menaces et contremesures

Lomne, Victor

07 July 2010

En cryptographie classique, un algorithme de chiffrement est considéré comme une boîte noire, et un attaquant n'a accès qu'aux textes clairs et chiffrés. Mais un circuit cryptographique émet aussi des informations sensibles lors d'une opération cryptographique, comme sa consommation de courant ou ses émissions électro-magnétiques. Par conséquent, différentes techniques, appelées attaques par canaux auxiliaires, permettent d'exploiter ces fuites d'informations physiques pour casser des algorithmes cryptographiques avec une complexité très faible en comparaison avec les méthodes de la cryptanalyse classique. Dans ce travail, les attaques par canaux auxiliaires basées sur la consommation de courant ou les émissions électro-magnétiques sont d'abord étudiées d'un point de vue algorithmique, et différentes améliorations sont proposées. Ensuite, une attention particulière est consacrée à l'exploitation du canal auxiliaire électro-magnétique, et un flot de simulation des radiations magnétiques des circuits intégrés est proposé et validé sur deux microcontrôleurs. Finalement, certaines contremesures permettant de protéger les algorithmes de chiffrement contre ces menaces, basées sur des styles de logique équilibrées, sont présentées et évaluées. / In cryptography, a cipher is considered as a black-box, and an attacker has only access to plaintexts and ciphertexts. But a real world cryptographic device leaks additionnal sensitive informations during a cryptographic operation, such as power consumption or electro-magnetic radiations. As a result, several techniques, called Side-Channel Attacks, allow exploiting these physical leakages to break ciphers with a very low complexity in comparison with methods of classical cryptanalysis. In this work, power and electro-magnetic Side-Channel Attacks are firstly studied from an algorithmic point-of-view, and some improvements are proposed. Then, a particular attention is given on the exploitation of the electro-magnetic side-channel, and a simulation flow predicting magnetic radiations of ICs is proposed and validated on two microcontrollers. Finally, some countermeasures allowing to protect ciphers against these threats, based on balanced logic styles, are presented and evaluated.

Attaques par canaux auxiliaires

Analyse differentielle de courant

Logique triple rail sécurisée

Sttl

Side-Channel Attacks

Differential Power Analysis

Differential Electro-Magnetic Analysis

Secure Triple Track Logic

Sttl

Garantia fiduciária de direitos de crédito na recuperação judicial do fiduciante

Ferreira, Bruno Valladão Guimarães

03 February 2016

Made available in DSpace on 2016-04-26T20:24:08Z (GMT). No. of bitstreams: 1 Bruno Valladao Guimaraes Ferreira.pdf: 1578157 bytes, checksum: 9f0c2395454f5a2caebd72dc0fd1c3bc (MD5) Previous issue date: 2016-02-03 / Conselho Nacional de Desenvolvimento Científico e Tecnológico / This research is the based on the effectiveness of the private law and the civil freedom, which does not exist if there does not exist economic freedom. In fact, this work considers the idea of the judicial protection to the private investment as it is dedicated to the legal treatment of the credits, which has fiduciary guarantees, before the judicial restructuring proceeding of the debtor, considering that credit comes from saving, and saving is investment. The work presents issues which has been definitely decided by some courts, but which has not by some other courts. In addition, it brings other matters about which the doctrine and the courts has not issued much opinions and decisions yet. In addition, it presents the reason why the interest increases due the Brazilian insolvency law, bringing the opinion of some bank´s credit area heads. Finally, it concludes arguing that there is still legal insecurity from that legal treatment of those guarantees, which makes the interest higher, due to the increasing of part of the bank interest spread related to the cost of defaults / A linha de pesquisa deste trabalho é a efetividade do direito privado e liberdades civis, que não existem se não houver liberdade econômica. Com efeito, este trabalho tem em vista a proteção jurídica ao investimento privado, ao dedicar-se ao tratamento, na recuperação judicial, aos créditos garantidos pela propriedade fiduciária sobre direitos de crédito lembrando que o crédito advém da poupança e poupança é investimento. O trabalho apresenta temas pacificados em alguns tribunais, mas, aberto em outros; bem como hipóteses sobre as quais há escassa doutrina e jurisprudência. Além disso, expõe os fundamentos pelos quais os juros aos tomadores aumentam em decorrência da regulação em comento, com destaque para opinião dos próprios banqueiros sobre o tema. Por fim, conclui no sentido de que ainda há insegurança jurídica a respeito do tratamento, na recuperação judicial, àqueles créditos, insegurança essa que tem por consequência o aumento dos juros ao tomador, que, por sua vez, decorre da parcela do spread bancário correspondente ao custo com inadimplência

Efetividade

Direito privado

Liberdade civil

Garantia fiduciária

Crédito

Recuperação judicial

Juro

Segurança jurídica

Effectiveness

Private law

Civil freedom

Legal protection

Private investment

Secure

Fiduciary

Credit

Judicial restructuring

Interest

Legal security

Elektronické platební systémy / Electronic payment systems

Saparov, Pavel

January 2011

The goal of the thesis is to analyze chosen electronic payment systems. The thesis is divided into two parts -- theoretical and practical. Theoretical part is dedicated to cover types of electronic payment system. Also is devoted to the issues of certain legal aspects that are common to all payment systems; defines the necessary concepts and business entities commonly encountered in the payment processing environment. Practical part focuses on the evaluation of usability, safety and usefulness for merchants mainly working with credit cards and particularly with alternative payment system like PayPal, iDEAL, Sofortbanking and Webmoney. Consider the advantages and disadvantages of certain payment systems. Describes the practical applicability of PCI DSS and 3-D Secure protocol.

Controle de cargas conteinerizadas utilizando elementos da cadeia logística segura e do programa brasileiro de Operador Econômico Autorizado (OEA). / Control of containerized cargo using elements of the secure supply chain and the brazilian Authorized Economic Operator program (AEO)

Alexsandro Soares de Lima

13 May 2015

O presente trabalho propõe um processo para auxiliar a tarefa de implantação de controles de Cadeia Logística Segura para a importação e exportação de cargas conteinerizadas, transportadas pelo modal rodoviário. Está em consonância com a legislação brasileira atual, no que se refere à Receita Federal do Brasil e demais Órgãos Anuentes. Além disso, inclui, também, as novas diretrizes do Programa Brasileiro de Operador Econômico Autorizado que teve seu início na primeira quinzena de Dezembro de 2014, bem como os aspectos principais do quadro SAFE, da Organização Mundial das Aduanas (OMA) e do programa americano Customs-Trade Partnership Against Terrorism (C-TPAT). O processo proposto no trabalho contempla a instrumentação dos controles e seus principais pontos de integração de dados, estágio em que grande parte dos operadores econômicos atuais se encontra. A proposta justifica-se pela complexidade dos processos de cadeias logísticas, sua importância para o comércio exterior e, portanto, para a economia do país, que exigem um aperfeiçoamento constante para atender à competitividade crescente dos mercados, controlar e gerenciar riscos e incertezas dos tempos da globalização. A metodologia do trabalho de pesquisa constou de estudos sobre o significado de cadeia logística segura, legislações e normatizações existentes, principais tecnologias utilizadas no Brasil e no mundo e suas estratégias de integração de sistemas, com enfoque em alguns projetos de gestão já existentes no país. O porto de Santos foi tomado como campo principal de pesquisa. O trabalho evidenciou a importância da presença de três características fundamentais em um processo de cadeia logística segura: ser instrumentado, integrado e inteligente. Considera-se que, a partir do processo proposto, será possível aumentar o grau de inteligência de uma cadeia logística, de forma a gerenciar e mitigar os potenciais riscos de forma mais racional. / This assay proposes a process to assist the task of implantation of controls of Secure Supply Chain to importation and exportation of containerized cargo, transported by road. It is pursuant to the current Brazilian laws, as it concerns Receita Federal do Brasil and other consenting authorities. In addition, it also includes the new guidelines of the Brazilian Authorized Economic Operator Program, which began on the first fortnight of December 2014, as well as the main aspects of the SAFE Framework, from the World Customs Organization (WCO) and the C-TPAT program (Customs-Trade Partnership Against Terrorism). The proposal is justified by the complexity of the supply chain processes, their importance to the foreign trade and therefore, to the countrys economy, which require constant improvement in order to meet the growing competitiveness within markets and to control and manage risks and uncertainties of globalization times. The methodology of this assay consists of studies on the meaning of secure supply chain, existing laws and standards, main technologies used in Brazil and throughout the world and their strategies of system integration, focusing on some management projects already existing in the country. The Port of Santos was taken as main research field. This assay provides evidence of the importance of three fundamental characteristics in a secure supply chain process: to be instrumented, integrated and intelligent. The proposed methodology contemplates instrumentation of the processes and their key points of integration, a stage in which great part of the existing economic operators can be found currently. From this point on, it will be possible to increase its degree of intelligence in such a way as to manage and mitigate risks more rationally.

Cadeia logística segura

Comércio exterior

Contêiner

Escaner de contêiner.

OCR

Operador econômico autorizado

Porto

RFID

Transporte de carga

Authorized Economic Operator

Container

Container scanner.

Foreign Trade

OCR

Port

RFID

Secure supply chain.

安全多方計算協定描述語言之設計與實作 / A Protocol Description Language for Secure Multi-Party Computation

黃文楷, Huang, Wen Kai

Unknown Date

安全多方計算的研究主要是針對在分散環境下的兩造(或多方)之間，如何在不透露彼此私有的資料的情況下，計算一個約定函數的問題，並要確保除了計算結果及其可能推導出的資訊，不會洩漏額外的私有資料。依此設計出來的函數算法，稱為安全的多方計算協定(protocol)。 過去兩年本實驗室根據一套基於向量內積運算(scalar product)發展出的安全多方計算方法，設計了一個雛型的分散式系統框架，開發了一套符合其安全要求的常用算數運算函數庫。 但目前個別的應用問題在此系統上發展安全協定的程式時，使用者必須相當熟悉其架構與程式庫細節，才能開發所需程式，造成推廣上的障礙。有鑑於此，本論文採用領域專屬語言(domain-specific language)的方法與技術，針對一般安全多方協定程式的特徵來進行歸納與分析，找出協助其表達計算步驟的適當抽象機制，並在設計上訂定了以下目標： 1. 設計一高階語言用以描述多方安全計算，以提供使用者撰寫安全多方計算程式。 2. 檢查並確保使用者撰寫的程式不會有資訊洩漏。 3. 多方安全運算執行上能保持一定的效率。 4. 建立多方安全計算的運算流程，讓PDL與現有的運作環境配合，達到各伺服器合作運行多方安全計算的目的。 朝向這四個目標發展出一套協定描述語言與其編譯器。以便與SMC-Protocol以及其環境合作，協助領域專家以更簡便的方式來設計與實驗更多的安全多方協定。我們稱此語言為多方安全計算協定描述語言(Protocol Description Language, PDL)。 / Protocols for secure multi-party computation (SMC) allow participants to share a computation while each party learns only what can be inferred from their own inputs and the output of the computation. In the past two years, we developed an SMC implementation framework for both integers and floating numbers which comprises a set of arithmetic operations that manipulate secret values among involved parties using the scalar product protocol as the basis. Such a library of arithmetic operations is call building blocks. But using this library is not easy. To solve individual SMC problem, programmer should knowing the given framework and protocol detail very well. This difficulty makes them won't consider this framework while facing the need of SMC. To ease the writing of more complex user-defined protocols, using the technique of domain-specific language, this thesis analysis the general needs of SMC, develop a domain-specific language of SMC, and implement a compiler that coverts this language to SMC code, which is executable code composed of the protocols of given framework. We called this language Protocol Description Language, PDL.

安全多方計算

隱私保護

領域專屬語言

靜態分析

Secure multi-party computation

privacy protection

domain-specific language

static analysis

Fault Tolerant Cryptographic Primitives for Space Applications

Juliato, Marcio

January 2011

Spacecrafts are extensively used by public and private sectors to support a variety of services. Considering the cost and the strategic importance of these spacecrafts, there has been an increasing demand to utilize strong cryptographic primitives to assure their security. Moreover, it is of utmost importance to consider fault tolerance in their designs due to the harsh environment found in space, while keeping low area and power consumption. The problem of recovering spacecrafts from failures or attacks, and bringing them back to an operational and safe state is crucial for reliability. Despite the recent interest in incorporating on-board security, there is limited research in this area. This research proposes a trusted hardware module approach for recovering the spacecrafts subsystems and their cryptographic capabilities after an attack or a major failure has happened. The proposed fault tolerant trusted modules are capable of performing platform restoration as well as recovering the cryptographic capabilities of the spacecraft. This research also proposes efficient fault tolerant architectures for the secure hash (SHA-2) and message authentication code (HMAC) algorithms. The proposed architectures are the first in the literature to detect and correct errors by using Hamming codes to protect the main registers. Furthermore, a quantitative analysis of the probability of failure of the proposed fault tolerance mechanisms is introduced. Based upon an extensive set of experimental results along with probability of failure analysis, it was possible to show that the proposed fault tolerant scheme based on information redundancy leads to a better implementation and provides better SEU resistance than the traditional Triple Modular Redundancy (TMR). The fault tolerant cryptographic primitives introduced in this research are of crucial importance for the implementation of on-board security in spacecrafts.

Security

Cryptography

Fault Tolerance

Trusted Platform

Space Systems

Hash Functions

Secure Hash Algorithm

SHA-2

Keyed-Hash Message Authentication Code

HMAC

Hardware Implementation

FPGA

Application Specific Processor

Custom Instruction

HW/SW Partitioning

Electrical and Computer Engineering

Algorithms For Efficient Implementation Of Secure Group Communication Systems

Rahul, S

11 1900

A distributed application may be considered as a set of nodes which are spread across the network, and need to communicate with each other. The design and implementation of these distributed applications is greatly simplified using Group Communication Systems (GCSs) which provide multipoint to multipoint communication. Hence, GCSs can be used as building blocks for implementing distributed applications. The GCS is responsible for reliable delivery of group messages and management of group membership. The peer-to-peer model and the client-server model are the two models of distributed systems for implementing GCSs. In this thesis, our focus is on improving the capability of GCS based on the client-server model. Security is an important requirement of many distributed applications. For such applications, security has to be provided m the GCS itself. The security of a GCS includes confidentiality, authentication and non-repudiation of messages, and ensuring that the GCS is properly meeting its guarantees. The complexity and cost of implementation of the above three types of security guarantees greatly depend on whether the GCS servers are trusted by the group members or not. Making use of the GCS services provided by untrusted GCS servers becomes necessary when the GCS servers are managed by a third party. In this thesis, we have proposed algorithms for ensuring the above three security guarantees for GCSs in which servers are not trusted. As part of the solution, we have proposed a new digital multisignature scheme which allows group members to verify that a message has indeed been signed by all group members. The various group key management algorithms proposed in literature differ from each other with respect to the following four metrics: communication overhead, computational overhead, storage at each member and distribution of load among group members. We identify the need for a distributed group key management algorithm which minimizes the computational overhead on group members and propose an algorithm to achieve it.

Electrical Communication Engineering

Computer Communication Protocol

Computer Communication - Security

Safe Delivery Rule

Group Communication Systems

Electrical Communications

Secure degrees of freedom on widely linear instantaneous relay-assisted interference channel

Ho, Zuleita K.-M., Jorswieck, Eduard

22 November 2013

The number of secure data streams a relay-assisted interference channel can support has been an intriguing problem. The problem is not solved even for a fundamental scenario with a single antenna at each transmitter, receiver and relay. In this paper, we study the achievable secure degrees of freedom of instantaneous relay-assisted interference channels with real and complex coefficients. The study of secure degrees of freedom with complex coefficients is not a trivial multiuser extension of the scenarios with real channel coefficients as in the case for the degrees of freedom, due to secrecy constraints. We tackle this challenge by jointly designing the improper transmit signals and widely-linear relay processing strategies.

Relaiskanal

Interferenz-Neutralisierung

Sonderforschungsbereich 912

Hochadaptive Energieeffiziente Systeme

Instantaneous relay channel

widely linear

secure degrees of freedom

interference neutralization

information leakage neutralization

real interference alignment

Collaborative Research Centre 912

ddc:621.3

rvk:ZN 6090

rvk:ZN 6420