Description
This dissertation is focused on building scalable Attribute Based Security Systems (ABSS), including efficient and privacy-preserving attribute based encryption schemes and applications to group communications and cloud computing. First of all, a Constant Ciphertext Policy Attribute Based Encryption (CCP-ABE) is proposed. Existing Attribute Based Encryption (ABE) schemes usually incur large, linearly increasing ciphertext. The proposed CCP-ABE dramatically reduces the ciphertext to small, constant size. This is the first existing ABE scheme that achieves constant ciphertext size. Also, the proposed CCP-ABE scheme is fully collusion-resistant such that users cannot combine their attributes to elevate their decryption capacity. Next step, efficient ABE schemes are applied to construct optimal group communication schemes and broadcast encryption schemes. An attribute based Optimal Group Key (OGK) management scheme that attains communication-storage optimality without collusion vulnerability is presented. Then, a novel broadcast encryption model: Attribute Based Broadcast Encryption (ABBE) is introduced, which exploits the many-to-many nature of attributes to dramatically reduce the storage complexity from linear to logarithmic and enable expressive attribute based access policies. The privacy issues are also considered and addressed in ABSS. Firstly, a hidden policy based ABE scheme is proposed to protect receivers' privacy by hiding the access policy. Secondly, a new concept: Gradual Identity Exposure (GIE) is introduced to address the restrictions of hidden policy based ABE schemes. GIE's approach is to reveal the receivers' information gradually by allowing ciphertext recipients to decrypt the message using their possessed attributes one-by-one. If the receiver does not possess one attribute in this procedure, the rest of attributes are still hidden.
Compared to hidden-policy based solutions, GIE provides significant performance improvement in terms of reducing both computation and communication overhead. Last but not least, ABSS are incorporated into the mobile cloud computing scenarios. In the proposed secure mobile cloud data management framework, the lightweight mobile devices can securely outsource expensive ABE operations and data storage to untrusted cloud service providers. The reported scheme includes two components: (1) a Cloud-Assisted Attribute-Based Encryption/Decryption (CA-ABE) scheme and (2) an Attribute-Based Data Storage (ABDS) scheme that achieves information theoretical optimality.
Contributors: Zhou, Zhibin (Author) / Huang, Dijiang (Thesis advisor) / Yau, Sik-Sang (Committee member) / Ahn, Gail-Joon (Committee member) / Reisslein, Martin (Committee member) / Arizona State University (Publisher)
Created: 2011
Description
Mobile devices have penetrated into every aspect of the modern world. For one thing, they are becoming ubiquitous in daily life. For the other thing, they are storing more and more data, including sensitive data. Therefore, security and privacy of mobile devices are indispensable. This dissertation consists of five parts: two authentication schemes, two attacks, and one countermeasure related to security and privacy of mobile devices.

Specifically, in Chapter 1, I give an overview of the challenges and existing solutions in these areas. In Chapter 2, a novel authentication scheme is presented, which is based on a user’s tapping or sliding on the touchscreen of a mobile device. In Chapter 3, I focus on mobile app fingerprinting and propose a method based on analyzing the power profiles of targeted mobile devices. In Chapter 4, I mainly explore a novel liveness detection method for face authentication on mobile devices. In Chapter 5, I investigate a novel keystroke inference attack on mobile devices based on user eye movements. In Chapter 6, a novel authentication scheme is proposed, based on detecting a user’s finger gesture through acoustic sensing. In Chapter 7, I discuss the future work.
Contributors: Chen, Yimin (Author) / Zhang, Yanchao (Thesis advisor) / Zhang, Junshan (Committee member) / Reisslein, Martin (Committee member) / Ying, Lei (Committee member) / Arizona State University (Publisher)
Created: 2018
Description
Emerging modular cable network architectures distribute some cable headend functions to remote nodes that are located close to the broadcast cable links reaching the cable modems (CMs) in the subscriber homes and businesses. In the Remote-PHY (R-PHY) architecture, a Remote PHY Device (RPD) conducts the physical layer processing for the analog cable transmissions, while the headend runs the DOCSIS medium access control (MAC) for the upstream transmissions of the distributed CMs over the shared cable link. In contrast, in the Remote MACPHY (R-MACPHY) architecture, a Remote MACPHY Device (RMD) conducts both the physical and MAC layer processing. The dissertation objective is to conduct a comprehensive performance comparison of the R-PHY and R-MACPHY architectures. Also, development of analytical delay models for the polling-based MAC with Gated bandwidth allocation of Poisson traffic in the R-PHY and R-MACPHY architectures and conducting extensive simulations to assess the accuracy of the analytical model and to evaluate the delay-throughput performance of the R-PHY and R-MACPHY architectures for a wide range of deployment and operating scenarios. Performance evaluations extend to the use of Ethernet Passive Optical Network (EPON) as transport network between remote nodes and headend. The results show that for long CIN distances above 100 miles, the R-MACPHY architecture achieves significantly shorter mean upstream packet delays than the R-PHY architecture, especially for bursty traffic. The extensive comparative R-PHY and R-MACPHY comparative evaluation can serve as a basis for the planning of modular broadcast cable based access networks.
Contributors: Alharbi, Ziyad Ghazai (Author) / Reisslein, Martin (Thesis advisor) / Thyagaturu, Akhilesh (Committee member) / Zhang, Yanchao (Committee member) / McGarry, Michael (Committee member) / Arizona State University (Publisher)
Created: 2019
Description
Smartphone privacy is a growing concern around the world; smartphone applications routinely take personal information from our phones and monetize it for their own profit. Worse, they're doing it legally. The Terms of Service allow companies to use this information to market, promote, and sell personal data. Most users seem to be either unaware of it, or unconcerned by it. This has negative implications for the future of privacy, particularly as the idea of smart home technology becomes a reality. If this is what privacy looks like now, with only one major type of smart device on the market, what will the future hold, when the smart home systems come into play? In order to examine this question, I investigated how much awareness/knowledge smartphone users of a specific demographic (millennials aged 18-25) knew about their smartphone's data and where it goes. I wanted three questions answered:

- For what purposes do millennials use their smartphones?
- What do they know about smartphone privacy and security?
- How will this affect the future of privacy?

To accomplish this, I gathered information using a distributed survey to millennials attending Arizona State University. Using statistical analysis, I exposed trends for this demographic, discovering that there isn't a lack of knowledge among millennials; most are aware that smartphone apps can collect and share data and many of the participants are not comfortable with the current state of smartphone privacy. However, more than half of the study participants indicated that they never read an app's Terms of Service. Due to the nature of the privacy vs. convenience argument, users will willingly agree to let apps take their personal information, since they don't want to give up the convenience.
Contributors: Jones, Scott Spenser (Author) / Atkinson, Robert (Thesis director) / Chavez-Echeagaray, Maria Elena (Committee member) / Computer Science and Engineering Program (Contributor) / Barrett, The Honors College (Contributor)
Created: 2016-12
Description
Access Networks provide the backbone to the Internet connecting the end-users to the core network thus forming the most important segment for connectivity. Access Networks have multiple physical layer medium ranging from fiber cables, to DSL links and Wireless nodes, creating practically-used hybrid access networks. We explore the hybrid access network at the Medium ACcess (MAC) Layer which receives packets segregated as data and control packets, thus providing the needed decoupling of data and control plane. We utilize the Software Defined Networking (SDN) principle of centralized processing with segregated data and control plane to further extend the usability of our algorithms. This dissertation introduces novel techniques in Dynamic Bandwidth allocation, control message scheduling policy, flow control techniques and Grouping techniques to provide improved performance in Hybrid Passive Optical Networks (PON) such as PON-xDSL, FiWi etc. Finally, we study the different types of software defined algorithms in access networks and describe the various open challenges and research directions.
Contributors: Mercian, Anu (Author) / Reisslein, Martin (Thesis advisor) / McGarry, Michael P (Committee member) / Tepedelenlioğlu, Cihan (Committee member) / Zhang, Yanchao (Committee member) / Arizona State University (Publisher)
Created: 2015