A generic framework for three-factor authentication : preserving security and privacy in distributed systems

As part of the security within distributed systems, various services and resources need protection from unauthorized use. Remote authentication is the most commonly used method to determine the identity of a remote client. This paper investigates a systematic approach for authenticating clients by three factors, namely password, smart card, and biometrics. A generic and secure framework is proposed to upgrade two-factor authentication to three-factor authentication. The conversion not only significantly improves the information assurance at low cost but also protects client privacy in distributed systems. In addition, our framework retains several practice-friendly properties of the underlying two-factor authentication, which we believe is of independent interest.

Attack vector analysis and privacy-preserving social network data publishing

This paper addresses the problem of privacy-preserving data publishing for social network. Research on protecting the privacy of individuals and the confidentiality of data in social network has recently been receiving increasing attention. Privacy is an important issue when one wants to make use of data that involves individuals' sensitive information, especially in a time when data collection is becoming easier and sophisticated data mining techniques are becoming more efficient. In this paper, we discuss various privacy attack vectors on social networks. We present algorithms that sanitize data to make it safe for release while preserving useful information, and discuss ways of analyzing the sanitized data. This study provides a summary of the current state-of-the-art, based on which we expect to see advances in social networks data publishing for years to come.

Multimodal synthesis and the voice of the multimedia author in a Japanese EFL context

This paper examines a powerful potential of multimodal design: meaning that transcends the total semiotic contribution of a text's constituent parts. With reference to data drawn from the digital storytelling practices of Japanese university students, the author argues and demonstrates that in the current semiotic climate, characterised by the increasing availability and complexity of communication tools and ready appropriation of available designs, practices of multimedia authorship truly can evince expression that is authentically multiplicative. However, this sort of meaning making does not automatically come about. Controlling the inherent polysemy of multimodal texts, in the author's view, is a matter of recognising points of semantic correspondence among co-deployed images, language, etc. and creating syntheses of potential meaning that cut across these semiotic modes. The author further argues that it is in this way that the voice of the multimodal author can most clearly be heard, particularly in cases in which a language learner–author integrates elements within a multimedia text that encode meaning in the L2.

Privacy threat analysis of social network data

Social network data has been increasingly made publicly available and analyzed in a wide spectrum of application domains. The practice of publishing social network data has brought privacy concerns to the front. Serious concerns on privacy protection in social networks have been raised in recent years. Realization of the promise of social networks data requires addressing these concerns. This paper considers the privacy disclosure in social network data publishing. In this paper, we present a systematic analysis of the various risks to privacy in publishing of social network data. We identify various attacks that can be used to reveal private information from social network data. This information is useful for developing practical countermeasures against the privacy attacks.

Improvement of DDoS attack detection and web access anonymity

The thesis has covered a range of algorithms that help to improve the security of web services. The research focused on the problems of DDoS attack and traffic analysis attack against service availability and information privacy respectively. Finally, this research significantly advantaged DDoS attack detection and web access anonymity.

Dynamic privacy assessment in a smart house environment using multimodal sensing

Surveillance applications in private environments such as smart houses require a privacy management policy if such systems are to be accepted by the occupants of the environment. This is due to the invasive nature of surveillance, and the private nature of the home. In this article, we propose a framework for dynamically altering the privacy policy applied to the monitoring of a smart house based on the situation within the environment. Initially the situation, or context, within the environment is determined; we identify several factors for determining environmental context, and propose methods to quantify the context using audio and binary sensor data. The context is then mapped to an appropriate privacy policy, which is implemented by applying data hiding techniques to control access to data gathered from various information sources. The significance of this work lies in the examination of privacy issues related to assisted-living smart house environments. A single privacy policy in such applications would be either too restrictive for an observer, for example, a carer, or too invasive for the occupants. We address this by proposing a dynamic method, with the aim of decreasing the invasiveness of the technology, while retaining the purpose of the system.

A framework for the design of privacy preserving pervasive healthcare

Privacy is an important aspect of pervasive and ubiquitous computing systems, and, in particular, pervasive healthcare. With reference to previous approaches on developing privacy sensitive pervasive healthcare applications, we detail a framework for the design of such systems that aims to minimise the impact of privacy on such systems. In reviewing previous approaches, we extract and combine common elements in order to unify the approaches and create a more formal methodology for designing privacy mechanisms in pervasive healthcare applications. In doing so we also consider the manner in which ubiquitous technologies impact on privacy and methods for reducing this impact. We demonstrate how the framework can be applied by using examples from the previous approaches. In addressing privacy issues, the framework aims to remove a large obstacle to deployment of pervasive healthcare systems, acceptance of the technology.

Context aware privacy in visual surveillance

In this paper we present preliminary work implementing dynamic privacy in public surveillance. The aim is to maximise the privacy of those under surveillance, while giving an observer access to sufficient information to perform their duties. As these aspects are in conflict, a dynamic approach to privacy is required to balance the system's purpose with the system's privacy. Dynamic privacy is achieved by accounting for the situation, or context, within the environment. The context is determined by a number of visual features that are combined and then used to determine an appropriate level of privacy.

Dynamic privacy in a smart house environment

A smart house can be regarded as a surveillance environment in which the person being observed carries out activities that range from intimate to more public. What can be observed depends on the activity, the person observing (e.g. a carer) and policy. In assisted living smart house environments, a single privacy policy, applied throughout, would be either too invasive for an occupant, or too restrictive for an observer, due to the conflicting goals of surveillance and private environments. Hence, we propose a dynamic method for altering the level of privacy in the environment based on the context, the situation within the environment, encompassing factors relevant to ensuring the occupant's safety and privacy. The context is mapped to an appropriate level of privacy, which is implemented by controlling access to data sources (e.g. video) using data hiding techniques. The aim of this work is to decrease the invasiveness of the technology, while retaining the purpose of the system.

Privacy and the access of information in a smart house environment

In this paper we present a framework for addressing privacy issues raised by the monitoring of assisted living smart house environments. In home environments, the conflict between the goals of the surveillance, and the private nature of the home, raises the issue of occupant privacy. This issue needs to be addressed if applications are to be accepted by the occupant. We identify four key properties required for the design of privacy sensitive ubiquitous computing applications. Subsequently, we develop a dynamic and flexible method for implementing privacy measures through controlling access to data, and an interface to provide feedback to the occupant, enabling them to control the implemented privacy measures. We form a generic framework for implementing privacy sensitive ubiquitous computing applications based on previous applications within the field. This framework was then extended and used to develop a specific framework for a privacy sensitive smart house. The approach proposed in the framework dynamically applies privacy measures to multi-modal data according to the situation, or context, of the environment. We further test an implementation of the privacy measures, and detail methods to implement feedback and control. The approach aims to decrease the invasiveness of the surveillance, while retaining the purpose of the assisted living environment.