An efficient anonymous remote attestation scheme for trusted computing based on improved CPK

 The platform remote attestation (RA) is one of the main features of trusted computing platform proposed by the trusted computing group (TCG). The privacy certificate authority (CA) solution of RA requires users to pay for multiple certificates, and the direct anonymous attestation (DAA) solution leads to inefficiency. TCG RA also suffers from limitations of platform configuration privacy. This paper proposed a RA scheme based on an improved combined public key cryptography (ICPK) (abbreviated to RA-ICPK). RA-ICPK is a certificate-less scheme without using public key infrastructure CA signature or DAA signature, which combines commitment scheme, zero-knowledge proof and ring signature (RS) to own the property of unforgeability and privacy. RA-ICPK is mainly based on elliptic curve cryptography without bilinear pair computing, and only carries out zero-knowledge proof one time. RA-ICPK need not depend on trusted third parties to check trusted platform modules identity and integrity values revocations. © 2014 Springer Science+Business Media New York

Security from the transparent computing aspect

Transparent computing is an emerging computing paradigm where the users can enjoy any kind of service over networks on-demand with any devices, without caring about the underlying deployment details. In transparent computing, all software resources (even the OS) are stored on remote servers, from which the clients can request the resources for local execution in a block-streaming way. This paradigm has many benefits including cross-platform experience, user orientation, and platform independence. However, due to its fundamental features, e.g., separation of computation and storage in clients and servers respectively, and block-streaming-based scheduling and execution, transparent computing faces many new security challenges that may become its biggest obstacle. In this paper, we propose a Transparent Computing Security Architecture (TCSA), which builds user-controlled security for transparent computing by allowing the users to configure the desired security environments on demand. We envision, TCSA, which allows the users to take the initiative to protect their own data, is a promising solution for data security in transparent computing. © 2014 IEEE.

Fog computing: a cloud to the ground support for smart things and machine-to-machine networks

Cloud services to smart things face latency and intermittent connectivity issues. Fog devices are positioned between cloud and smart devices. Their high speed Internet connection to the cloud, and physical proximity to users, enable real time applications and location based services, and mobility support. Cisco promoted fog computing concept in the areas of smart grid, connected vehicles and wireless sensor and actuator networks. This survey article expands this concept to the decentralized smart building control, recognizes cloudlets as special case of fog computing, and relates it to the software defined networks (SDN) scenarios. Our literature review identifies a handful number of articles. Cooperative data scheduling and adaptive traffic light problems in SDN based vehicular networks, and demand response management in macro station and micro-grid based smart grids are discussed. Security, privacy and trust issues, control information overhead and network control policies do not seem to be studied so far within the fog computing concept.

Energy efficiency on location based applications in mobile cloud computing: a survey

The constrained battery power of mobile devices poses a serious impact on user experience. As an increasingly prevalent type of applications in mobile cloud environments, location-based applications (LBAs) present some inherent limitations concerning energy. For example, the Global Positioning System based positioning mechanism is well-known for its extremely power-hungry attribute. Due to the severity of the issue, considerable researches have focused on energy-efficient locating sensing mechanism in the last a few years. In this paper, we provide a comprehensive survey of recent work on low-power design of LBAs. An overview of LBAs and different locating sensing technologies used today are introduced. Methods for energy saving with existing locating technologies are investigated. Reductions of location updating queries and simplifications of trajectory data are also mentioned. Moreover, we discuss cloud-based schemes in detail which try to develop new energy-efficient locating technologies by leveraging the cloud capabilities of storage, computation and sharing. Finally, we conclude the survey and discuss the future research directions. © 2013 Springer-Verlag Wien.

Theorising about gender and computing interventions through an evaluation framework

Despite over 20 years of intervention programmes, the gender balance in the computing profession is not improving. It has been suggested that the problem with much of the research on gender and computing is that it is under-theorised. The contribution of this study is an evaluation framework, designed to evaluate gender and computing interventions, which will advance the theorisation of research through programme evaluation. This study was undertaken in three phases: The first involved theory building through an extensive review of the literature resulting in a conceptual framework for intervention programme evaluation. The second phase consisted of a multiple-case study of 14 major intervention programmes in Australia. Subsequent modifications to the conceptual framework resulted in the gender and computing intervention evaluation framework. The value of the framework was confirmed in phase three by intervention experts and showed that applying the framework will help programme champions to evaluate their programmes more thoroughly. The dissemination of sound evaluation results will then enable a deeper theorisation of the issues surrounding gender and computing interventions.

FEACS: a flexible and efficient access control scheme for cloud computing

In the past few years, cloud computing has emerged as one of the most influential paradigms in the IT industry. As promising as it is, this paradigm brings forth many new challenges for data security because users have to outsource sensitive data on untrusted cloud servers for sharing. In this paper, to guarantee the confidentiality and security of data sharing in cloud environment, we propose a Flexible and Efficient Access Control Scheme (FEACS) based on Attribute-Based Encryption, which is suitable for fine-grained access control. Compared with existing state-of-the-art schemes, FEACS is more practical by following functions. First of all, considering the factor that the user membership may change frequently in cloud environment, FEACS has the capability of coping with dynamic membership efficiently. Secondly, full logic expression is supported to make the access policy described accurately and efficiently. Besides, we prove in the standard model that FEACS is secure based on the Decisional Bilinear Diffie-Hellman assumption. To evaluate the practicality of FEACS, we provide a detailed theoretical performance analysis and a simulation comparison with existing schemes. Both the theoretical analysis and the experimental results prove that our scheme is efficient and effective for cloud environment.

Outreach programmes to attract girls into computing: how the best laid plans can sometimes fail

This article presents a reflective analysis of an outreach programme called the Digital Divas Club. This curriculum-based programme was delivered in Australian schools with the aim of stimulating junior and middle school girls’ interest in computing courses and careers. We believed that we had developed a strong intervention programme based on previous literature and our collective knowledge and experiences. While it was coordinated by university academics, the programme content was jointly created and modified by practicing school teachers. After four years, when the final data were compiled, it showed that our programme produced significant change to student confidence in computing, but the ability to influence a desire to pursue a career path in computing did not fully eventuate. To gain a deeper insight in to why this may be the case, data collected from two of the schools are interrogated in more detail as described in this article. These schools were at the end of the expected programme outcomes. We found that despite designing a programme that delivered a multi-layered positive computing experience, factors beyond our control such as school culture and teacher technical self-efficacy help account for the unanticipated results. Despite our best laid plans, the expectations that this semester long programme would influence students’ longer term career outcomes may have been aspirational at best.

Revisiting social influence in the ubiquitous computing era

This paper revisits the social influence construct in the era of ubiquitous computing. Despite its rather broad origins in psychology, social influence has to date been operationalized rather narrowly in the information technology adoption literature. We report on a study of mobile technology users in which we studied various social influences on these individuals. We isolate four distinct variants of social influence, operating in both inbound and outbound directions, each with positive and negative impacts. The study integrates three different dimensions of social influence into an analytical framework to facilitate future research. © 2012 IEEE.

Enabling cloud computing in emergency management systems

Emergencies, including both natural and man - made disasters, increasingly pose an immediate threat to life, health, property, and environment. For example, Hurricane Katrina, the deadliest and most destructive Atlantic tropical cyclone of the 2005 Atlantic hurricane season, led to at least 1,883 people's death and an estimated loss of - 108 billion property. To reduce the damage by emergencies, a wide range of cutting-edge technologies on medicine and information are used in all phases of emergency management. This article proposes a cloud-based emergency management system for environmental and structural monitoring that utilizes the powerful computing and storage capability of datacenters to analyze the mass data collected by the wireless intelligent sensor network deployed in civil environment. The system also benefits from smartphone and social network platform to setup the spatial and population models, which enables faster evacuation and better resource allocation.

Dynamic cloud service selection using an adaptive learning mechanism in multi-cloud computing

Cloud service selection in a multi-cloud computing environment is receiving more and more attentions. There is an abundance of emerging cloud service resources that makes it hard for users to select the better services for their applications in a changing multi-cloud environment, especially for online real time applications. To assist users to efficiently select their preferred cloud services, a cloud service selection model adopting the cloud service brokers is given, and based on this model, a dynamic cloud service selection strategy named DCS is put forward. In the process of selecting services, each cloud service broker manages some clustered cloud services, and performs the DCS strategy whose core is an adaptive learning mechanism that comprises the incentive, forgetting and degenerate functions. The mechanism is devised to dynamically optimize the cloud service selection and to return the best service result to the user. Correspondingly, a set of dynamic cloud service selection algorithms are presented in this paper to implement our mechanism. The results of the simulation experiments show that our strategy has better overall performance and efficiency in acquiring high quality service solutions at a lower computing cost than existing relevant approaches.

A secure cloud computing based framework for big data information management of smart grid

Smart grid is a technological innovation that improves efficiency, reliability, economics, and sustainability of electricity services. It plays a crucial role in modern energy infrastructure. The main challenges of smart grids, however, are how to manage different types of front-end intelligent devices such as power assets and smart meters efficiently; and how to process a huge amount of data received from these devices. Cloud computing, a technology that provides computational resources on demands, is a good candidate to address these challenges since it has several good properties such as energy saving, cost saving, agility, scalability, and flexibility. In this paper, we propose a secure cloud computing based framework for big data information management in smart grids, which we call 'Smart-Frame.' The main idea of our framework is to build a hierarchical structure of cloud computing centers to provide different types of computing services for information management and big data analysis. In addition to this structural framework, we present a security solution based on identity-based encryption, signature and proxy re-encryption to address critical security issues of the proposed framework.