Mobile Sensor Gateway

Forsberg, Linus, Falkenström, Maximilian

January 2019

Den här uppsatsen beskriver processen av att skapa en plattformsoberoende mobilapplikation för att koppla upp mobila enheter mot trådlösa sensorer med hjälp av Bluetooth Low Energy, samla in data från uppkopplade sensorer och ladda upp den insamlade datan till en molnlagringstjänst. Allt eftersom konsumenter och forskare använder fler sensorer och andra Bluetooth-enheter, [1] ökar behovet av simplare och standardiserade lösningar för att arbeta med dessa. En litteraturstudie har genomförts där information om närliggande forskning insamlats och viktig information om de nödvändiga mjukvarukomponenter som krävs har utvärderats. I kombination med litteraturstudien har en IT-artefakt utvecklats i form av en mobilapplikation som har testats utefter insamlade krav för att säkerställa applikationens funktionalitet. Syftet med det här arbetet är att tydliggöra och konkretisera en mjukvaruutvecklingsprocess som kan användas för att skapa en mobilapplikation av det här slaget, samt vilka potentiella svårigheter som finns i dagsläget med att utforma den här typen av applikationer. Resultaten visar att en del tillverkare inte följer standarden för Bluetooth-kommunikation, detta gör det svårt att skriva generaliserade metoder för att hämta data från sensorer av alla typer och från samtliga tillverkare. / This thesis describes the process of creating a platform-independent mobile application for connecting mobile devices to wireless sensors using Bluetooth Low Energy, collecting data from connected sensors and uploading the collected data to a cloud storage service. As consumers and researchers use more sensors and other Bluetooth-devices, [1] one could argue that there is a need for simpler and standardised solutions to working with these. A literature study has been conducted where information on related research has been collected and important information about the necessary software components has been evaluated. In combination with the literature study, an IT artefact has been developed in the form of a mobile application that has been tested according to collected requirements to ensure the application's functionality. The purpose of this work is to contribute with a clear scientific process over what is required to create a mobile application of this kind and what potential difficulties exist in present-day design of this type of applications. The results show that some manufacturers may not be following the standards for Bluetooth data communication, thus making it hard to write generalized methods for retrieving data from sensors of any type or manufacturer.

Bluetooth Low Energy

Sensors

Cross platform mobile application

Cloud storage

Internet of Things

Engineering and Technology

Teknik och teknologier

Undersökning och design av en säkerhetslösning för en molnlagringstjänst / Analysis and design of a security solution for a cloud storage service

Cederfelt, Ludvig

January 2017

Troligen har de allra flesta hört talas ”molnet” eller molnlagring. Molnlagring är populärt och användbart för att säkerhetskopiera, dela och göra information lättåtkomligt från flera enheter. Mega, Dropbox, Google Drive och OneDrive är några av alla de tjänster som finns idag, de erbjuder lite olika funktionalitet och inriktningar. Ett problem med alla dessa tjänster är att det som standard endast är den som äger kontot som har tillgång till materialet som är uppladdat. Det gör att information som bilder kan bli förlorade om kontoinnehavaren avlider. Säkerheten, i form av möjligheterna för tredje part att komma åt informationen, är ofta okänd för användarna i dessa tjänster. Dessa två problem vill EmbeddedArt åtgärda med sin nya tjänst. Datan ska förvaras krypterad och otillgänglig för utomstående samtidigt som det ska vara möjligt för användarna att ange en person som ska få tillgång till informationen om kontoinnehavaren avlider. Tanken är att skicka ut krypteringsnyckeln och ett USB-minne med den krypterade datan som användaren sedan själv enkelt kan avkryptera på sin dator med det medföljande programmet, krypteringsnyckeln och datan måste skickas separat. Även om det finns generella förslag på publik nyckelinfrastrukturer (PKI) finns det inte någon som uppfyller dessa krav och har modern, stark kryptering. Att tjänsten håller användares information säker från tredje part är viktigt för användarnas integritet och förtroende för tjänsten. Men för att få användare till, och fortsätta använda, tjänsten måste den även vara användarvänlig. Utöver att tjänsten ska vara snabb, ha många funktioner och lagra datan säkert måste det vara möjligt för administratörerna att kunna avkryptera datan. Hur kan då en PKIlösning se ut där det blir en bra balans mellan dessa viktiga punkter? I denna rapport studeras och föreslås hur en sådan lösning kan se ut för en molnlagringstjänst. Den föreslagna säkerhetslösningen implementeras i en existerande molnlagringstjänst. Resultatet jämförs med hur molnlagringstjänsten fungerade innan och utvärderas på punkterna användarvänlighet, säkerhet, prestanda samt fortsatt utveckling av tjänsten. Förslaget som presenteras är en lösning där innehållet i användarnas filer är skyddat och funktionerna i tjänsten inte är förändrade. Både RSA (Rivest-Shamir-Adleman kryptering) och AES (avancerad krypteringsstandard) används för att skydda innehållet i användarnas filer. Lagring av och operationer med nycklarna är fördelade på olika servrar, varav en som med fördel kan bytas ut, eller utökas med en koppling, till en hårdvarusäkerhetsmodul (HSM). Tjänstens ägare har tillgång till de privata nycklarna och kan således komma åt innehållet i filerna. Vissa kostnader går inte att undvika på grund av krypteringen och de extra delarna i infrastrukturen. För att minimera påverkan på den existerande tjänsten och underlätta för framtida utveckling har de kryptografiska operationerna hakats in i filströmmarna. I de utförda testerna är prestandaförlusten cirka 10–15% vid uppladdning av filer. / Most people have probably heard of the cloud or cloud storage. Cloud storage is popular and useful for backing up, sharing and making information easily accessible from multiple devices. Mega, Dropbox, Google Drive and OneDrive are some of the services that are available today, they offer a little different functionality and orientation to compete with each other. A problem with all these services is that by default, only the owner of the account has access to the material or login. This means that information such as images might be lost if the account holder dies. Security, in the form of encryption and third party access to the information, is often unknown to the users of these services. EmbeddedArt wants to fix these two issues with their new service. The data shall be kept encrypted and unavailable to third parties at the same time as it should be possible for users to enter a person who will have access to the information if the account holder dies. The idea is to send out the encryption key and a USB memory with the encrypted data that the user can then easily encrypt on his computer with the included application. Although there are general suggestions for public key infrastructure (PKI) structures, there doesn’t seems to be any that meets these requirements and has modern, strong encryption. It is important that service keeps user information secure from third parties for the users' integrity and trust in the service. But to get users to the service, it must also be user friendly. While the service should be fast, have many features and store the data for sure, it must be possible for administrators to access the information. How can a PKI solution be designed to have a good balance between these important points? This report examines and proposes a solution for how a solution can look like for a cloud storage service. The suggested security solution is implemented in an existing cloud storage service. The result is then compared with the service before implementation with regard to the points of usability, security, performance and continued development of the service.   The proposal presented is a solution where the contents of users’ files are protected, and the features of the service are not changed. Both RSA (Rivest-Shamir-Adleman Encryption) and AES (Advanced Encryption Standard) are used to protect the contents of the users’ files. Storage and cryptographic operations with the keys are distributed on different servers, one of which may be replaced by a hardware security module (HSM). The service owner has access to the private keys and can thus access the contents of the files. Some costs cannot be avoided, but in order to minimize them and make the least changes in the service, the cryptographic operations have been inserted into the file streams. In the tests performed, the performance loss is 10-15% when uploading files.  Keywords

cryptography

PKI

cloud storage

kryptering

PKI

molnlagring

Computer Sciences

Datavetenskap (datalogi)

Detecting the presence of people in a room using motion detection

Granath, Linus, Strid, Andreas

January 2016

Companies face a problem where employees reserve rooms and do not show up, which leadsto money and resources loss for the companies. An application capable of detecting thepresence of people in a room could solve this problem.This thesis details the process of building an Android application capable of detectingthe presence of people in a static room using motion detection. The application wasdeveloped through a five-staged process and evaluated by performing experiments whichmeasured the accuracy of the application.The finished application is installed on a Sony Xperia M4 Aqua device which is mountedhigh up on a wall in a conference room where the application takes images of the room. Theapplication is connected to a Google Drive account where the application uploads acquiredimages with an appropriate label. The application achieved an accuracy of 94.18% in anexperiment where 550 images where taken automatically by the application in differentconference rooms with and without people inside them

iot

motion detection

opencv

image processing

cloud storage

Engineering and Technology

Teknik och teknologier

BlobSeer: Towards efficient data storage management for large-scale, distributed systems

Nicolae, Bogdan

30 November 2010

With data volumes increasing at a high rate and the emergence of highly scalable infrastructures (cloud computing, petascale computing), distributed management of data becomes a crucial issue that faces many challenges. This thesis brings several contributions in order to address such challenges. First, it proposes a set of principles for designing highly scalable distributed storage systems that are optimized for heavy data access concurrency. In particular, it highlights the potentially large benefits of using versioning in this context. Second, based on these principles, it introduces a series of distributed data and metadata management algorithms that enable a high throughput under concurrency. Third, it shows how to efficiently implement these algorithms in practice, dealing with key issues such as high-performance parallel transfers, efficient maintainance of distributed data structures, fault tolerance, etc. These results are used to build BlobSeer, an experimental prototype that is used to demonstrate both the theoretical benefits of the approach in synthetic benchmarks, as well as the practical benefits in real-life, applicative scenarios: as a storage backend for MapReduce applications, as a storage backend for deployment and snapshotting of virtual machine images in clouds, as a quality-of-service enabled data storage service for cloud applications. Extensive experimentations on the Grid'5000 testbed show that BlobSeer remains scalable and sustains a high throughput even under heavy access concurrency, outperforming by a large margin several state-of-art approaches.

[INFO] Computer Science

large scale data storage

cloud storage

versioning

decentralized metadata management

high throughput

heavy access concurrency

API-Based Acquisition of Evidence from Cloud Storage Providers

Barreto, Andres E

11 August 2015

Cloud computing and cloud storage services, in particular, pose a new challenge to digital forensic investigations. Currently, evidence acquisition for such services still follows the traditional approach of collecting artifacts on a client device. In this work, we show that such an approach not only requires upfront substantial investment in reverse engineering each service, but is also inherently incomplete as it misses prior versions of the artifacts, as well as cloud-only artifacts that do not have standard serialized representations on the client. In this work, we introduce the concept of API-based evidence acquisition for cloud services, which addresses these concerns by utilizing the officially supported API of the service. To demonstrate the utility of this approach, we present a proof-of-concept acquisition tool, kumodd, which can acquire evidence from four major cloud storage providers: Google Drive, Microsoft One, Dropbox, and Box. The implementation provides both command-line and web user interfaces, and can be readily incorporated into established forensic processes.

Cloud forensics

cloud storage

kumodd

API-based evidence acquisition

Google Drive

Dropbox

OneDrive

Box

Data Storage Systems

Information Security

Secure and Reliable Data Outsourcing in Cloud Computing

Cao, Ning

31 July 2012

"The many advantages of cloud computing are increasingly attracting individuals and organizations to outsource their data from local to remote cloud servers. In addition to cloud infrastructure and platform providers, such as Amazon, Google, and Microsoft, more and more cloud application providers are emerging which are dedicated to offering more accessible and user friendly data storage services to cloud customers. It is a clear trend that cloud data outsourcing is becoming a pervasive service. Along with the widespread enthusiasm on cloud computing, however, concerns on data security with cloud data storage are arising in terms of reliability and privacy which raise as the primary obstacles to the adoption of the cloud. To address these challenging issues, this dissertation explores the problem of secure and reliable data outsourcing in cloud computing. We focus on deploying the most fundamental data services, e.g., data management and data utilization, while considering reliability and privacy assurance. The first part of this dissertation discusses secure and reliable cloud data management to guarantee the data correctness and availability, given the difficulty that data are no longer locally possessed by data owners. We design a secure cloud storage service which addresses the reliability issue with near-optimal overall performance. By allowing a third party to perform the public integrity verification, data owners are significantly released from the onerous work of periodically checking data integrity. To completely free the data owner from the burden of being online after data outsourcing, we propose an exact repair solution so that no metadata needs to be generated on the fly for the repaired data. The second part presents our privacy-preserving data utilization solutions supporting two categories of semantics - keyword search and graph query. For protecting data privacy, sensitive data has to be encrypted before outsourcing, which obsoletes traditional data utilization based on plaintext keyword search. We define and solve the challenging problem of privacy-preserving multi- keyword ranked search over encrypted data in cloud computing. We establish a set of strict privacy requirements for such a secure cloud data utilization system to become a reality. We first propose a basic idea for keyword search based on secure inner product computation, and then give two improved schemes to achieve various stringent privacy requirements in two different threat models. We also investigate some further enhancements of our ranked search mechanism, including supporting more search semantics, i.e., TF × IDF, and dynamic data operations. As a general data structure to describe the relation between entities, the graph has been increasingly used to model complicated structures and schemaless data, such as the personal social network, the relational database, XML documents and chemical compounds. In the case that these data contains sensitive information and need to be encrypted before outsourcing to the cloud, it is a very challenging task to effectively utilize such graph-structured data after encryption. We define and solve the problem of privacy-preserving query over encrypted graph-structured data in cloud computing. By utilizing the principle of filtering-and-verification, we pre-build a feature-based index to provide feature-related information about each encrypted data graph, and then choose the efficient inner product as the pruning tool to carry out the filtering procedure."

cloud computing

security

privacy preserving

cloud storage

data reliability

data availability

keyword search

ranked search

graph query

Security in Cloud Storage : A Suitable Security Algorithm for Data Protection

Oduyiga, Adeshola Oyesanya

January 2018

The purpose of this thesis work was to conduct a general research on existing security techniques and come up with a considerable algorithm for data security in cloud storage. Cloud storage is an infrastructure or is a model of computer data storage in which the digital data is stored in logical pools. It unifies object storage for both developers and enterprises, from live applications data to cloud archival. It help to save valuable space on PC computers or mobile devices and provides the easy storage and access of data anywhere in the world. However, just as the benefits of cloud computing abounds, so also are the risks involved. If data are not well secured or encrypted before deployment for storage in the cloud, in case of negligence on the side of the developers, then hackers can gain unauthorized access to the data. The behavior of existing security algorithms on data were studied, the encryption and decryption process of the each algorithm on data was studied and also their weaknesses against attacks. Apart from data encryption, security policies also plays an important roll in cloud storage which was also covered in this report. The research work was conducted through the use of online publications, literature review, books, academic publications and reputable research materials. The study showed that regardless of the challenges in cloud storage, there is still a suitable algorithm for protecting data against attack in the cloud.

Security-in-cloud-storage

DES

3DES

Blowfish

RC5

AES

Attacks-on-cloud-facilities

Data-Encryption-Standard

Data-protection.

Software Engineering

Programvaruteknik

Understanding and Predicting Students' Intention to Pay for Private Cloud Storage Services

Meier, Philip

January 2017

Date: 05 June 2017 Level: Bachelor Thesis in Business Administration, 15 ECTS Institution: School of Business, Society and Engineering, Mälardalen University Authors: Meier, Philip Soltani, Nazila Khodabandeloo (88/03/11) (93/07/05) Title: Understanding and Predicting Students’ Intention to Pay for Private Cloud Storage Services Tutour: Konstantin Lampou Keywords: cloud storage service, iCloud, technology acceptance model, information systems, user acceptance, intention to pay Research Question: What are students’ intention to pay for private cloud storage services and why? Purpose: The purpose of this study is to investigate students’ intention to pay for private cloud storage services, in order to find out how willing they are to pay for such services and for what reasons. Method: This study takes a qualitative approach, where both primary and secondary data are collected. Secondary data was collected through i.e. empirical studies and annual publications. Primary empirical data was conducted through semi-structured interviews with 21 students of Mälardalen University. The primary empirical data was analysed using a thematic analysis. Conclusion: Conducting this study showed, that most of the factors’ influences on students’ intention to pay for private cloud storages were positive, resulting in an overall high willingness to pay. The perceived monetary sacrifice was regarded as very low, hence not preventing potential customers from paying for the services. Considerable issues were however found in the perceived quality, more precisely in the perceived reliability and the lack of trust expressed in private cloud services. Finally, unused potential for private cloud service providers to positively influence students’ attitudes was found both in the perceived usefulness and subjective norm factors.

cloud storage service

iCloud

technology acceptance model

information systems

user acceptance

intention to pay

Business Administration

Företagsekonomi

Addressing the Data Location Assurance Problem of Cloud Storage Environments

Noman, Ali

09 April 2018

In a cloud storage environment, providing geo-location assurance of data to a cloud user is very challenging as the cloud storage provider physically controls the data and it would be challenging for the user to detect if the data is stored in different datacenters/storage servers other than the one where it is supposed to be. We name this problem as the “Data Location Assurance Problem” of a Cloud Storage Environment. Aside from the privacy and security concerns, the lack of geo-location assurance of cloud data involved in the cloud storage has been identified as one of the main reasons why organizations that deal with sensitive data (e.g., financial data, health-related data, and data related to Personally Identifiable Infor-mation, PII) cannot adopt a cloud storage solution even if they might wish to. It might seem that cryptographic techniques such as Proof of Data Possession (PDP) can be a solution for this problem; however, we show that those cryptographic techniques alone cannot solve that. In this thesis, we address the data location assurance (DLA) problem of the cloud storage environment which includes but is not limited to investigating the necessity for a good data location assurance solution as well as challenges involved in providing this kind of solution; we then come up with efficient solutions for the DLA problem. Note that, for the totally dis-honest cloud storage server attack model, it may be impossible to offer a solution for the DLA problem. So the main objective of this thesis is to come up with solutions for the DLA problem for different system and attack models (from less adversarial system and attack models to more adversarial ones) available in existing cloud storage environments so that it can meet the need for cloud storage applications that exist today.

cloud storage security

data location assurance for cloud

cloud computing security

DLAS

cloud computing

Are you ok app

Nilsson, Peder, Kold Pedersen, Kasper

January 2020

Denna avhandling beskriver hur en smartphone-baserad larm-applikation som ger säkrare resor för cyklister och löpare kan konstrueras. Genom att övervaka och utvärdera GPS-data från telefonen över tid skickar den föreslagna applikations-prototypen, namngiven till Are You OK App (AYOKA), automatiskt SMS-meddelanden och initierar telefonsamtal till kontakter i en lista konfigurerad av användaren när densamme har råkat ut för ett fall.I detta projekt härleds fall utifrån GPS-inaktivitet (när användarens geografiska koordinater är oförändrade inom ett valt tidsintervall). Detektion av GPS-inaktivitet, i kombination med att användaren inte har svarat, sätter igång larmfunktionen i applikationen. Projektet exemplifierar också hur implementeringen av ett flöde som delar data i ett moln, vilket använder Microsoft Azure som plattform, kan förbättra applikationens datainsamling avsevärt. Genom att använda en IoT Hub, Stream Analytics och en Azure SQL-databas, visar prototypen hur insamlad data kan centraliseras och potentiellt användas i framtida forskning inom övervakning och analys. Den testade prototypen visar ett förbättrat nöd- / säkerhetssystem som kan fungera i många olika sammanhang. Metoden för detektion passar relativt bra med fokus på cyklister och löpare eftersom dessa aktiviteter innebär att utövaren förflyttar sig, vilket i sin tur gör GPS-spårning effektiv. Några nackdelar som diskuteras är den höga grad av interaktion från användaren som behövs för att urskilja ett fall från en vald paus. För att möjliggöra detektering av fall från fysisk aktivitet som sker på en och samma geografiska plats, skulle det vara nödvändigt att i detekteringen använda data från accelerometer och gyroskop. I avhandlingen föreslås att prototypen, inklusive delnings-flödet för molndata, kan tjäna som ett ramverk för framtida system för smarta telefoner där fall-detektering använder sig av strömmad sensordata från enheten. / This thesis describes how a smartphone-based alarm application can be constructed to provide safer trips for cyclists and runners. Through monitoring and evaluating GPS data via the mobile device over time, the proposed application prototype, coined Are You OK App (AYOKA), automatically sends SMS messages and initiates phone calls to contacts in a user-configured list when a fall is detected. In this project, falls are inferred on the basis of GPS-inactivity (in this context defined as when the user’s geolocation has not changed within a selected time interval). Detection of GPS-inactivity, combined with a lack of response from the user, will trigger the alarming features of the application. The project also exemplifies how the implementation of a cloud data sharing flow, which uses Microsoft Azure as a platform, can significantly enhance the data gathering capabilities of the application. By utilizing an IoT Hub, Stream Analytics and an Azure SQL database, the prototype demonstrates how the gathered data can be centralized, and in future research could potentially be utilized for monitoring and analytical purposes. The method of detection performed relatively well with the focus on cyclists and runners since these activities involve changing of geographical coordinates, thereby making GPS-tracking effective. By focusing on detecting GPS-inactivity, it is argued that the prototype could potentially be utilized in other emergency scenarios apart from falls, such as being hit by a car. A disadvantage discussed includes the high degree of reliance on user participation to discern a fall from a voluntary pause. To enable detection of falls from physical activity occurring in one location, it would be necessary to incorporate data from accelerometer and gyroscope sensors into the current fall detection functionality. This thesis suggests that the prototype, including the cloud data sharing flow, can serve as a framework for future smartphone-based fall detection systems that use streamed sensor data.

Fall detection

GPS

Android

Xamarin

IoT Hub

Azure

Stream Analytics

Smartphone

Emergency

System

Cloud storage

Engineering and Technology

Teknik och teknologier