A Secure Business Framework for File Purchasing Application in Vehicular Ad Hoc Networks

Yuan, Shuang

January 2008

Vehicular ad hoc networks (VANETs) are gaining growing interest from both industry and academia. Driven by road safety requirements, the car manufacturers, transportation authorities and communications standards organizations are working together to make a quantum step in terms of vehicular information technology (IT) by equipping the vehicles with sensors, on-board processing and wireless communication modules. VANETs are composed of OBUs (On Board Units) and RSUs (Road Side Units). The communication standard used in VANETs is called DSRC (Dedicated Short Range Communication). With many essential vehicle components (radios, spectrum, standards, etc) coming into place, a lot of new applications are emerging beside road safety, which support not only safety related services, but also entertainment and mobile Internet access services. In this study, we propose a promising commercial application for file purchasing in VANETs, where a legitimate vehicle can purchase digital files/data through a roadside unit (RSU). Due to the high mobility of the vehicles, the contact period between an RSU and a vehicle could be insufficient to download the complete file. To purchase a digital file, a vehicle purchases a permission key from a fixed RSU and then begins to download the file from the RSU via vehicle-to-RSU communications (V2R) when it is in the transmission range of the RSU. Once the vehicle in the process of downloading a file leaves the transmission range of the RSU, its neighboring vehicles with a piece of the file cooperatively help to complete the file transfer via vehicle-to-vehicle (V2V) communications. Such a commercial file purchasing system can obviously initiate a new application scenario. However, it cannot be put into practice unless the security issues, such as the user privacy, incentives for inter-vehicle cooperation, and the copyright protection for the file content are well addressed. In order to deal with these security issues, we develop a secure business framework for the file purchasing system in this study. In this framework, we preserve the user privacy by using the pseudo identity for each vehicle. We stimulate the cooperation between vehicles through micro-payment incentive mechanism and guarantee the secure payment at the same time. To protect the digital file content from unauthorized distribution, we encrypt the file content before delivery to an end user and use digital fingerprint technology to generate a unique copy for each vehicle after delivery. In a word, we propose a file purchasing application in VANETs and also develop a secure framework for this application.

security

VANET

Electrical and Computer Engineering

Design of Efficient FPGA Circuits For Matching Complex Patterns in Network Intrusion Detection Systems

Clark, Christopher R.

03 March 2004

The objective of this research is to design and develop a reconfigurable string matching co-processor using field-programmable gate array (FPGA) technology that is capable of matching thousands of complex patterns at gigabit network rates for network intrusion detection systems (NIDS). The motivation for this work is to eliminate the most significant bottleneck in current NIDS software, which is the pattern matching process. The tasks involved with this research include designing efficient, high-performance hardware circuits for pattern matching and integrating the pattern matching co-processor with other NIDS components running on a network processor. The products of this work include a system to translate standard intrusion detection patterns to FPGA pattern matching circuits that support all the functionality required by modern NIDS. The system generates circuits efficient enough to enable the entire ruleset of a popular NIDS containing over 1,500 patterns and 17,000 characters to fit into a single low-end FPGA chip and process data at an input rate of over 800 Mb/s. The capacity and throughput both scale linearly, so larger and faster FPGA devices can be used to further increase performance. The FPGA co-processor allows the task of pattern matching to be completely offloaded from a NIDS, significantly improving the overall performance of the system.

Network security

Intrusion detection

IDS

Scaling and Visualizing Network Data to Facilitate in Intrusion Detection Tasks

Abdullah, Kulsoom B.

07 April 2006

As the trend of successful network attacks continue to rise, better forms of intrusion, detection and prevention are needed. This thesis addresses network traffic visualization techniques that aid administrators in recognizing attacks. A view of port statistics and Intrusion Detection System (IDS) alerts has been developed. Each help to address issues with analyzing large datasets involving networks. Due to the amount of traffic as well as the range of possible port numbers and IP addresses, scaling techniques are necessary. A port-based overview of network activity produces an improved representation for detecting and responding to malicious activity. We have found that presenting an overview using stacked histograms of aggregate port activity, combined with the ability to drill-down for finer details allows small, yet important details to be noticed and investigated without being obscured by large, usual traffic. Another problem administrators face is the cumbersome amount of alarm data generated from IDS sensors. As a result, important details are often overlooked, and it is difficult to get an overall picture of what is occurring in the network by manually traversing textual alarm logs. We have designed a novel visualization to address this problem by showing alarm activity within a network. Alarm data is presented in an overview from which system administrators can get a general sense of network activity and easily detect anomalies. They additionally have the option of then zooming and drilling down for details. Based on our system administrator requirements study, this graphical layout addresses what system administrators need to see, is faster and easier than analyzing text logs, and uses visualization techniques to effectively scale and display the data. With this design, we have built a tool that effectively uses operational alarm log data generated on the Georgia Tech campus network. For both of these systems, we describe the input data, the system design, and examples. Finally, we summarize potential future work.

Intrusion detection

Alarm visualization

Network security visualization

Network security

Port visualization

Network visualization

Visualization

Computer networks Security measures

Computer security

Anonymous, authentic, and accountable resource management based on the E-cash paradigm

Lam, Tak Cheung

15 May 2009

The prevalence of digital information management in an open network has driven the need to maintain balance between anonymity, authenticity and accountability (AAA). Anonymity allows a principal to hide its identity from strangers before trust relationship is established. Authenticity ensures the correct identity is engaged in the transaction even though it is hidden. Accountability uncovers the hidden identity when misbehavior of the principal is detected. The objective of this research is to develop an AAA management framework for secure resource allocations. Most existing resource management schemes are designed to manage one or two of the AAA attributes. How to provide high strength protection to all attributes is an extremely challenging undertaking. Our study shows that the electronic cash (E-cash) paradigm provides some important knowledge bases for this purpose. Based on Chaum-Pederson’s general transferable E-cash model, we propose a timed-zero-knowledge proof (TZKP) protocol, which greatly reduces storage spaces and communication overheads for resource transfers, without compromising anonymity and accountability. Based on Eng-Okamoto’s general divisible E-cash model, we propose a hypercube-based divisibility framework, which provides a sophisticated and flexible way to partition a chunk of resources, with different trade-offs in anonymity protection and computational costs, when it is integrated with different sub-cube allocation schemes. Based on the E-cash based resource management framework, we propose a privacy preserving service oriented architecture (SOA), which allows the service providers and consumers to exchange services without leaking their sensitive data. Simulation results show that the secure resource management framework is highly practical for missioncritical applications in large scale distributed information systems.

Security

Privacy

Resource Management

E-cash

none

Chen, Ting-ting

06 September 2004

none

social security

china

social control

Information Security Service Industry - EverGreen International Development Co Ltd.. - Entrepreneur Case Study

Hsu, Yu-Tsung

07 September 2004

With the increasing number of enterprises which provides e-business via Internet and the complex of information system, Information Security becomes more and more important to a company. Information Security not only can improve a company¡¦s information system but also can protect its information asset. It becomes a basic element for e-business. In addition, since information today goes beyond boundaries, a company may face the threat of being attacked by hackers or virus all the time. Maintaining system operation and protecting internal information become an essential issue to a company. Due to this new trend, Information Security Service Industry becomes one of the newly developed industries. At present, a company has the urgent need of adopting information technology to increase competitive advantages. The importance of Information Security is increasing day by day. This research mostly focuses on Taiwan Information Security Service Industry which is still lack of research literatures. The research uses a local Information Security Service company as its research target. Case study, field observation, and reading company¡¦s related materials help to understand how entrepreneurs analyze environment and evaluate opportunities, required resources, threats, and key success/failure factors. The research mainly focuses on how environment and opportunities analysis, entrepreneur team and organization structure, product strategy and operating model, consumers and market, product competitive advantage and implementation influence a company¡¦s success.

Information Security

Case Study

Entrepreneur

Time trends and advertising presentation of information security advertisement

Weng, Wen-di

08 October 2004

There are many studies about information security, but merely limited in the technologic and managerial fields. The purpose of this research is to discover information security advertisement in two ways ¡V the time trends and the advertising presentation. The research uses the content analysis with four variances ¡V time, category of products, type of enterprises, and targeted customers to analyze information security advertisement on computer magazines in the past ten years (1994~2003). According to research findings, there are some obvious changes in category of product, appeal strategy, amount of advertising message, topic reply and brand image in time trends. On the other hand, picture-headline effect, proportion structure, appeal strategy, presentation type, and brand image have apparent differences in advertising presentation. It can be concluded to eight findings from research results: 1.¡¨product¡¨ is always the main marketing objective; 2.advertising presentation is from ration to emotion; 3.follow the ¡§product life period¡¨ and ¡§advertising strategy¡¨ rule; 4.the amount of topic reply has gradually decreased; 5.different advertising purposes have different advertising presentation; 6.¡§expression of safety¡¨ is primary objective; 7.huge amounts of image usage; 8.the amount of advertising messages in information security advertisement is more than other types of advertisements.

Information security

Advertising

Content analysis

Corporate Social Responsibility in China¡Gcontinuity and change

Chung, Ming-fei

28 July 2006

Corporate social responsibility (CSR), originated from the West, has undergone significant changes along with time and context. Under the wave of globalization, it is imperative that corporate fulfill their social responsibilities worldwide. As various scholars hold different viewpoints, debates on the role of CRS and whether it is a positive or negative force continue to thrive. Based on the bipolarity, this paper analyzes the CSR in China, as well as its development and future perspectives. Mainland China (People's Republic of China) has become a focal point of global economic development in recent years, and this 'world factory' has a crucial role to play in the world's finance and industry chains. Corporate in China, therefore, cannot avoid being evolved in responsibilities in addition to making profits. The paper also made further observation on the change of corporate-social relations and drew conclusion of how Chinese corporate carry their social responsibilities. The paper began by analyzing the CSR of state-owned enterprises in the context of Chinese traditional planed economy; it then further looked into how the westernized concept evolved and developed during the economic reform in 1978 with the open policy for foreign direct investment (FDI), and how CSR in China was adapted in accordance with the ideology of socialism. The paper, through both domestic and international literature reviews, aimed to examine the course of evolution of CSR in China. Major case studies were utilized to describe the diversity of CSR development in China, and for comparison between CSR in China and that in the West.

social security

Corporate Social Responsibility

A Framework Based On Continuous Security Monitoring

Erturk, Volkan

01 December 2008

Continuous security monitoring is the process of following up the IT systems by collecting measurements, reporting and analysis of the results for comparing the security level of the organization on continuous time axis to see how organizational security is progressing in the course of time. In the related literature there is very limited work done to continuously monitor the security of the organizations. In this thesis, a continuous security monitoring framework based on security metrics is proposed. Moreover, to decrease the burden of implementation a software tool called SecMon is introduced. The implementation of the framework in a public organization shows that the proposed system is successful for building an organizational memory and giving insight to the security stakeholders about the IT security level in the organization.

The application of the cage aquaculture security system in the marine park

Wang, Tsu-Shun

11 December 2008

Net cages are mainly located on the coastal areas of Peng-hu and Ping-tung counties. Generally, there are two kinds of disasters occurred in the fish farming industries: one is caused by typhoon attack, while the other is caused by human vandalism. This paper is focus on how to prevent the damages induced by poaching or vandalism. Since high-valued fish are raised in the net cages, they are often become the targets of illegal intruders for stealing at night, especially when the net cages are lack of security system. Under such unsecured situation, entrepreneurs would not dare to invest in this industry and may keep a suspicious attitude towards it. Compare to land aquaculture, marine aquaculture is far more complicated in terms of techniques involved in production progress. Surely over-fishing has serious deplete the stock of biomass in the sea in the past decades. Recently, the skyrocketed oil price even deteriorate the fishing industry to such a level that fishing boats can only operate for a season in each year and end up losing money. However, Fisheries Agency has planned to recycle commercial fishing boats, and hopefully by doing so, this aquacultural industry will turn into a new trend in the near future. This research looks into 700 hectares of net cage park, Southern Oceanic Park, and suggests that the fishery authority turn this area into special district, adjust the fishery law, designate San-fu port as the park¡¦s operation center, finally set up a security system, then we may reduce the damage caused by unlawful activities. The geographical make-up of Liu-chiu provides ideal conditions for the present net cage area. The sea waters outside of San-fu port are also blessed with the same geographical advantage. This research looks at ¡§man-made calamities¡¨, namely vandalism and theft, so as to prevent damage and loss and protect resources and equipment. The areas chosen for this study include the surrounding sea waters of Liu-chiu aquaculture zone and the highly representative San-fu fishing port. There are also discussions on the installation of automatic alarm system in the eventual marine park. As an officer in a law enforcement administration for coastal affaires, my past contact with net cage fishermen revealed the damage and loss they have been undergoing and their sense of helplessness. On top of that, relevant documents turned out to be insufficient. Therefore, this research aims to figure out a way to fill this security gap by integrating public power from governmental services with protection and safety solutions on the part of individuals. To put this initiative to work, it is necessary to map out a special marine park where security mechanism could be automatically triggered by local facilities. This will then allow public power and personal endeavor to work simultaneously in the special zone and prevent any illegal activities. With its high applicability and pertinence, the eventual security system will hopefully entice more entrepreneurs, thus maintaining a sound net cage aquaculture.

Liu-Chiu

security

cage aquaculture