Matching Items (44)
Filtering by
- All Subjects: Creative Project
- All Subjects: Security
- Creators: Computer Science and Engineering Program
Description
This dissertation is focused on building scalable Attribute Based Security Systems (ABSS), including efficient and privacy-preserving attribute based encryption schemes and applications to group communications and cloud computing. First of all, a Constant Ciphertext Policy Attribute Based Encryption (CCP-ABE) is proposed. Existing Attribute Based Encryption (ABE) schemes usually incur large, linearly increasing ciphertext. The proposed CCP-ABE dramatically reduces the ciphertext to small, constant size. This is the first existing ABE scheme that achieves constant ciphertext size. Also, the proposed CCP-ABE scheme is fully collusion-resistant such that users can not combine their attributes to elevate their decryption capacity. Next step, efficient ABE schemes are applied to construct optimal group communication schemes and broadcast encryption schemes. An attribute based Optimal Group Key (OGK) management scheme that attains communication-storage optimality without collusion vulnerability is presented. Then, a novel broadcast encryption model: Attribute Based Broadcast Encryption (ABBE) is introduced, which exploits the many-to-many nature of attributes to dramatically reduce the storage complexity from linear to logarithm and enable expressive attribute based access policies. The privacy issues are also considered and addressed in ABSS. Firstly, a hidden policy based ABE schemes is proposed to protect receivers' privacy by hiding the access policy. Secondly,a new concept: Gradual Identity Exposure (GIE) is introduced to address the restrictions of hidden policy based ABE schemes. GIE's approach is to reveal the receivers' information gradually by allowing ciphertext recipients to decrypt the message using their possessed attributes one-by-one. If the receiver does not possess one attribute in this procedure, the rest of attributes are still hidden. Compared to hidden-policy based solutions, GIE provides significant performance improvement in terms of reducing both computation and communication overhead. Last but not least, ABSS are incorporated into the mobile cloud computing scenarios. In the proposed secure mobile cloud data management framework, the light weight mobile devices can securely outsource expensive ABE operations and data storage to untrusted cloud service providers. The reported scheme includes two components: (1) a Cloud-Assisted Attribute-Based Encryption/Decryption (CA-ABE) scheme and (2) An Attribute-Based Data Storage (ABDS) scheme that achieves information theoretical optimality.
ContributorsZhou, Zhibin (Author) / Huang, Dijiang (Thesis advisor) / Yau, Sik-Sang (Committee member) / Ahn, Gail-Joon (Committee member) / Reisslein, Martin (Committee member) / Arizona State University (Publisher)
Created2011
Description
In modern healthcare environments, there is a strong need to create an infrastructure that reduces time-consuming efforts and costly operations to obtain a patient's complete medical record and uniformly integrates this heterogeneous collection of medical data to deliver it to the healthcare professionals. As a result, healthcare providers are more willing to shift their electronic medical record (EMR) systems to clouds that can remove the geographical distance barriers among providers and patient. Even though cloud-based EMRs have received considerable attention since it would help achieve lower operational cost and better interoperability with other healthcare providers, the adoption of security-aware cloud systems has become an extremely important prerequisite for bringing interoperability and efficient management to the healthcare industry. Since a shared electronic health record (EHR) essentially represents a virtualized aggregation of distributed clinical records from multiple healthcare providers, sharing of such integrated EHRs may comply with various authorization policies from these data providers. In this work, we focus on the authorized and selective sharing of EHRs among several parties with different duties and objectives that satisfies access control and compliance issues in healthcare cloud computing environments. We present a secure medical data sharing framework to support selective sharing of composite EHRs aggregated from various healthcare providers and compliance of HIPAA regulations. Our approach also ensures that privacy concerns need to be accommodated for processing access requests to patients' healthcare information. To realize our proposed approach, we design and implement a cloud-based EHRs sharing system. In addition, we describe case studies and evaluation results to demonstrate the effectiveness and efficiency of our approach.
ContributorsWu, Ruoyu (Author) / Ahn, Gail-Joon (Thesis advisor) / Yau, Stephen S. (Committee member) / Huang, Dijiang (Committee member) / Arizona State University (Publisher)
Created2012
Description
Investment real estate is unique among similar financial instruments by nature of each property's internal complexities and interaction with the external economy. Where a majority of tradable assets are static goods within a dynamic market, real estate investments are dynamic goods within a dynamic market. Furthermore, investment real estate, particularly commercial properties, not only interacts with the surrounding economy, it reflects it. Alive with tenancy, each and every commercial investment property provides a microeconomic view of businesses that make up the local economy. Management of commercial investment real estate captures this economic snapshot in a unique abundance of untapped statistical data. While analysis of such data is undeniably valuable, the efforts involved with this process are time consuming. Given this unutilized potential our team has develop proprietary software to analyze this data and communicate the results automatically though and easy to use interface. We have worked with a local real estate property management and ownership firm, Reliance Management, to develop this system through the use of their current, historical, and future data. Our team has also built a relationship with the executives of Reliance Management to review functionality and pertinence of the system we have dubbed, Reliance Dashboard.
ContributorsBurton, Daryl (Co-author) / Workman, Jack (Co-author) / LePine, Marcie (Thesis director) / Atkinson, Robert (Committee member) / Barrett, The Honors College (Contributor) / Department of Finance (Contributor) / Department of Management (Contributor) / Computer Science and Engineering Program (Contributor)
Created2015-05
Description
MeetPoint is a project derived from Computer Science with a focus upon applications to mobile. The application is created to provide users with the ability to meet up with certain individuals to accomplish a specific task, in this case studying. The project idea came from the creator wanting to meet up with a friend in order to converse about an upcoming exam. The creator knew where the person lived, but could not easily come up with a location for the two to meet that would be a reasonable distance from both of them. Hence came the idea for a mobile application to complete those actions for the user. The project focuses upon implementation in a school setting in which the meetings would actually take place. For means of this project, the locations were fixed to on campus at Arizona State University. The committee felt that this would scope the project correctly for its two-semester creation while still demonstrating how to fulfill the task at hand. Android is the operating system of choice for the mobile application due to it being Java, which was the most familiar language to the student. MeetPoint provides users with an easy to navigate and familiar front-end while harnessing the power of a database in the back-end. The application hides the intricacies of the back-end from the user in order to better provide a comfortable user experience. A lot of the project was designed around providing a comfortable user experience by keeping the application familiar to the user in that it maintains similarities with other popular mobile applications.
ContributorsWallace, Tyler L (Author) / Balasooriya, Janaka (Thesis director) / Faucon, Christophe (Committee member) / Barrett, The Honors College (Contributor) / Computer Science and Engineering Program (Contributor)
Created2015-05
Description
Cyber threats are growing in number and sophistication making it important to continually study and improve all dimensions of digital forensics. Teamwork in forensic analysis has been overlooked in systems even though forensics relies on collaboration. Forensic analysis lacks a system that is flexible and available on different electronic devices which are being used and incorporated into everyday life. For instance, cellphones or tablets that are easy to bring on-the-go to sites where the first steps of forensic analysis is done. Due to the present day conversion to online accessibility, most electronic devices connect to the internet. Squeegee is a proof of concept that forensic analysis can be done on the web. The forensic analysis expansion to the web opens many doors to collaboration and accessibility.
ContributorsJuntiff, Samantha Maria (Author) / Ahn, Gail-Joon (Thesis director) / Kashiwagi, Jacob (Committee member) / Barrett, The Honors College (Contributor) / Computer Science and Engineering Program (Contributor)
Created2015-05
Description
Bhairavi is a solo performance that investigates belonging and dis-belonging in diaspora communities, especially as it relates to the female body. Specifically, through my experience as a second-generation Indian-American woman - I expose and challenge the notion of ‘tradition,’ as it is forced into women’s bodies, and displaces them in their own homes. Bhairavi is a story told through movement and theatrical narrative composition with research and material collected through structured and unstructured observation of my family, cultural community, and myself.
Note: This work of creative scholarship is rooted in collaboration between three female artist-scholars: Carly Bates, Raji Ganesan, and Allyson Yoder. Working from a common intersectional, feminist framework, we served as artistic co-directors of each other’s solo pieces and co-producers of Negotiations, in which we share these pieces in relationship to each other. Thus, Negotiations is not a showcase of three individual works, but rather a conversation among three voices. As collaborators, we have been uncompromising in the pursuit of our own unique inquiries and voices, and each of our works of creative scholarship stand alone. However, we believe that all of the parts are best understood in relationship to each other, and to the whole. For this reason, we have chosen to cross-reference our thesis documents.
French Vanilla: An Exploration of Biracial Identity Through Narrative Performance by Carly Bates
Deep roots, shared fruits: Emergent creative process and the ecology of solo performance through “Dress in Something Plain and Dark” by Allyson Yoder
Bhairavi: A Performance-Investigation of Belonging and Dis-Belonging in Diaspora
Communities by Raji Ganesan
Note: This work of creative scholarship is rooted in collaboration between three female artist-scholars: Carly Bates, Raji Ganesan, and Allyson Yoder. Working from a common intersectional, feminist framework, we served as artistic co-directors of each other’s solo pieces and co-producers of Negotiations, in which we share these pieces in relationship to each other. Thus, Negotiations is not a showcase of three individual works, but rather a conversation among three voices. As collaborators, we have been uncompromising in the pursuit of our own unique inquiries and voices, and each of our works of creative scholarship stand alone. However, we believe that all of the parts are best understood in relationship to each other, and to the whole. For this reason, we have chosen to cross-reference our thesis documents.
French Vanilla: An Exploration of Biracial Identity Through Narrative Performance by Carly Bates
Deep roots, shared fruits: Emergent creative process and the ecology of solo performance through “Dress in Something Plain and Dark” by Allyson Yoder
Bhairavi: A Performance-Investigation of Belonging and Dis-Belonging in Diaspora
Communities by Raji Ganesan
ContributorsGanesan, Raji J (Author) / Underiner, Tamara (Thesis director) / Stephens, Mary (Committee member) / Computer Science and Engineering Program (Contributor) / Barrett, The Honors College (Contributor)
Created2016-05
Description
An application called "Productivity Heatmap" was created with this project with the goal of allowing users to track how productive they are over the course of a day and week, input through scheduled prompts separated by 30 minutes to 4 hours, depending on preference. The result is a heat map colored according to a user's productivity at particular times of each day during the week. The aim is to allow a user to have a visualization on when he or she is best able to be productive, given that every individual has different habits and life patterns. This application was made completely in Google's Android Studio environment using Java and XML, with SQLite being used for database management. The application runs on any Android device, and was designed to be a balance of providing useful information to a user while maintaining an attractive and intuitive interface. This thesis explores the creation of a functional mobile application for mass distribution, with a particular set of end users in mind, namely college students. Many challenges in the form of learning a new development environment were encountered and overcome, as explained in the report. The application created is a core functionality proof-of-concept of a much larger personal project in creating a versatile and useful mobile application for student use. The principles covered are the creation of a mobile application, meeting requirements specified by others, and investigating the interest generated by such a concept. Beyond this thesis, testing will be done, and future enhancements will be made for mass-market consumption.
ContributorsWeser, Matthew Paul (Author) / Nelson, Brian (Thesis director) / Balasooriya, Janaka (Committee member) / Computer Science and Engineering Program (Contributor) / Barrett, The Honors College (Contributor)
Created2016-05
Description
Radio Frequency Identification (RFID) technology allows objects to be identified electronically by way of a small electronic tag. RFID is quickly becoming quite popular, and there are many security hurdles for this technology to overcome. The iCLASS line of RFID, produced by HID Global, is one such technology that is widely used for secure access control and applications where a contactless authentication element is desirable. Unfortunately, iCLASS has been shown to have security issues. Nevertheless customers continue to use it because of the great cost that would be required to completely replace it. This Honors Thesis will address attacks against iCLASS and means for countering them that do not require such an overhaul.
ContributorsMellott, Matthew John (Author) / Ahn, Gail-Joon (Thesis director) / Thorstenson, Tina (Committee member) / Barrett, The Honors College (Contributor) / Computer Science and Engineering Program (Contributor)
Created2014-05
Description
Modern computer processors contain an embedded firmware known as microcode that controls decode and execution of x86 instructions. Although proprietary and relatively obscure, this microcode can be modified using updates released by hardware manufacturers to correct processor logic flaws (errata). At the same time, a malicious microcode update could compromise a processor by implementing new malicious instructions or altering the functionality of existing instructions, including processor-accelerated virtualization or cryptographic primitives. Not only is this attack vector capable of subverting all software-enforced security policies and access controls, but it also leaves behind no postmortem forensic evidence since the write-only patch memory is cleared upon system reset. Although supervisor privileges (ring zero) are required to update processor microcode, this attack cannot be easily mitigated due to the implementation of microcode update functionality within processor silicon. In this paper, we reveal the microarchitecture and mechanism of microcode updates, present a security analysis of this attack vector, and provide some mitigation suggestions.
ContributorsChen, Daming Dominic (Author) / Ahn, Gail-Joon (Thesis director) / Lee, Joohyung (Committee member) / Barrett, The Honors College (Contributor) / Computer Science and Engineering Program (Contributor) / School of International Letters and Cultures (Contributor) / School of Mathematical and Statistical Sciences (Contributor)
Created2014-05
Description
We discuss processes involved in user-centric security design, including the synthesis of goals based on security and usability tasks. We suggest the usage of implicit security and the facilitation of secureuser actions. We propose a process for evaluating usability flaws by treating them as security threats and adapting traditional HCI methods. We discuss how to correct these flaws once they are discovered. Finally, we discuss the Usable Security Development Model for developing usable secure systems.
ContributorsJorgensen, Jan Drake (Author) / Ahn, Gail-Joon (Thesis director) / VanLehn, Kurt (Committee member) / Wilkerson, Kelly (Committee member) / Barrett, The Honors College (Contributor) / Computer Science and Engineering Program (Contributor)
Created2013-05