SECURITY, PRIVACY AND APPLICATIONS IN VEHICULAR AD HOC NETWORKS

With wireless vehicular communications, Vehicular Ad Hoc Networks (VANETs) enable numerous applications to enhance traffic safety, traffic efficiency, and driving experience. However, VANETs also impose severe security and privacy challenges which need to be thoroughly investigated. In this dissertation, we enhance the security, privacy, and applications of VANETs, by 1) designing application-driven security and privacy solutions for VANETs, and 2) designing appealing VANET applications with proper security and privacy assurance. First, the security and privacy challenges of VANETs with most application significance are identified and thoroughly investigated. With both theoretical novelty and realistic considerations, these security and privacy schemes are especially appealing to VANETs. Specifically, multi-hop communications in VANETs suffer from packet dropping, packet tampering, and communication failures which have not been satisfyingly tackled in literature. Thus, a lightweight reliable and faithful data packet relaying framework (LEAPER) is proposed to ensure reliable and trustworthy multi-hop communications by enhancing the cooperation of neighboring nodes. Message verification, including both content and signature verification, generally is computation-extensive and incurs severe scalability issues to each node. The resource-aware message verification (RAMV) scheme is proposed to ensure resource-aware, secure, and application-friendly message verification in VANETs. On the other hand, to make VANETs acceptable to the privacy-sensitive users, the identity and location privacy of each node should be properly protected. To this end, a joint privacy and reputation assurance (JPRA) scheme is proposed to synergistically support privacy protection and reputation management by reconciling their inherent conflicting requirements. Besides, the privacy implications of short-time certificates are thoroughly investigated in a short-time certificates-based privacy protection (STCP2) scheme, to make privacy protection in VANETs feasible with short-time certificates. Secondly, three novel solutions, namely VANET-based ambient ad dissemination (VAAD), general-purpose automatic survey (GPAS), and VehicleView, are proposed to support the appealing value-added applications based on VANETs. These solutions all follow practical application models, and an incentive-centered architecture is proposed for each solution to balance the conflicting requirements of the involved entities. Besides, the critical security and privacy challenges of these applications are investigated and addressed with novel solutions. Thus, with proper security and privacy assurance, these solutions show great application significance and economic potentials to VANETs. Thus, by enhancing the security, privacy, and applications of VANETs, this dissertation fills the gap between the existing theoretic research and the realistic implementation of VANETs, facilitating the realistic deployment of VANETs.

STATE-AND-TRANSITION MODELING AND ADAPTIVE MANAGEMENT: TOOLS FOR FUTURE CO-DEVELOPMENT OF MADAGASCAR’S NATURAL RESOURCES AND PEOPLE

Madagascar’s terrestrial and aquatic ecosystems have long supported a unique set of ecological communities, many of whom are endemic to the tropical island. Those same ecosystems have been a source of valuable natural resources to some of the poorest people in the world. Nevertheless, with pride, ingenuity and resourcefulness, the Malagasy people of the southwest coast, being of Vezo identity, subsist with low development fishing techniques aimed at an increasingly threatened host of aquatic seascapes. Mangroves, sea grass bed, and coral reefs of the region are under increased pressure from the general populace for both food provisions and support of economic opportunity. Besides purveyors and extractors, the coastal waters are also subject to a number of natural stressors, including cyclones and invasive, predator species of both flora and fauna. In addition, the aquatic ecosystems of the region are undergoing increased nutrient and sediment runoff due, in part, to Madagascar’s heavy reliance on land for agricultural purposes (Scales, 2011). Moreover, its coastal waters, like so many throughout the world, have been proven to be warming at an alarming rate over the past few decades. In recognizing the intimate interconnectedness of the both the social and ecological systems, conservation organizations have invoked a host of complimentary conservation and social development efforts with the dual aim of preserving or restoring the health of both the coastal ecosystems and the people of the region. This paper provides a way of thinking more holistically about the social-ecological system within a resiliency frame of understanding. Secondly, it applies a platform known as state-and-transition modeling to give form to the process. State-and-transition modeling is an iterative investigation into the physical makeup of a system of study as well as the boundaries and influences on that state, and has been used in restorative ecology for more than a decade. Lastly, that model is sited within an adaptive management scheme that provides a structured, cyclical, objective-oriented process for testing stakeholders cognitive understanding of the ecosystem through a pragmatic implementation and monitoring a host of small-scale interventions developed as part of the adaptive management process. Throughout, evidence of the application of the theories and frameworks are offered, with every effort made to retool conservation-minded development practitioners with a comprehensive strategy for addressing the increasingly fragile social-ecological systems of southwest Madagascar. It is offered, in conclusion, that the seascapes of the region would be an excellent case study worthy of future application of state-and-transition modeling and adaptive management as frameworks for conservation-minded development practitioners whose multiple projects, each with its own objective, have been implemented with a single goal in mind: preserve and protect the state of the supporting environment while providing for the basic needs of the local Malagasy people.

A FIREWALL MODEL OF FILE SYSTEM SECURITY

File system security is fundamental to the security of UNIX and Linux systems since in these systems almost everything is in the form of a file. To protect the system files and other sensitive user files from unauthorized accesses, certain security schemes are chosen and used by different organizations in their computer systems. A file system security model provides a formal description of a protection system. Each security model is associated with specified security policies which focus on one or more of the security principles: confidentiality, integrity and availability. The security policy is not only about “who” can access an object, but also about “how” a subject can access an object. To enforce the security policies, each access request is checked against the specified policies to decide whether it is allowed or rejected. The current protection schemes in UNIX/Linux systems focus on the access control. Besides the basic access control scheme of the system itself, which includes permission bits, setuid and seteuid mechanism and the root, there are other protection models, such as Capabilities, Domain Type Enforcement (DTE) and Role-Based Access Control (RBAC), supported and used in certain organizations. These models protect the confidentiality of the data directly. The integrity of the data is protected indirectly by only allowing trusted users to operate on the objects. The access control decisions of these models depend on either the identity of the user or the attributes of the process the user can execute, and the attributes of the objects. Adoption of these sophisticated models has been slow; this is likely due to the enormous complexity of specifying controls over a large file system and the need for system administrators to learn a new paradigm for file protection. We propose a new security model: file system firewall. It is an adoption of the familiar network firewall protection model, used to control the data that flows between networked computers, toward file system protection. This model can support decisions of access control based on any system generated attributes about the access requests, e.g., time of day. The access control decisions are not on one entity, such as the account in traditional discretionary access control or the domain name in DTE. In file system firewall, the access decisions are made upon situations on multiple entities. A situation is programmable with predicates on the attributes of subject, object and the system. File system firewall specifies the appropriate actions on these situations. We implemented the prototype of file system firewall on SUSE Linux. Preliminary results of performance tests on the prototype indicate that the runtime overhead is acceptable. We compared file system firewall with TE in SELinux to show that firewall model can accommodate many other access control models. Finally, we show the ease of use of firewall model. When firewall system is restricted to specified part of the system, all the other resources are not affected. This enables a relatively smooth adoption. This fact and that it is a familiar model to system administrators will facilitate adoption and correct use. The user study we conducted on traditional UNIX access control, SELinux and file system firewall confirmed that. The beginner users found it easier to use and faster to learn then traditional UNIX access control scheme and SELinux.

Local Use and Management of Tasba (Senna obtusifolia) in the Traditional Food System of Sanguere Paul, North Cameroon

The purpose of this study is to examine the importance of the wild edible weed tasba (Senna obtusifolia) in Sanguéré Paul, Cameroon by examining how households use and manage the plant. This study found that local management of tasba is minimal compared to other traditional vegetables. Tasba was collected most frequently from en brousse or the communal, fallowed land which is often too degraded for traditional field crops to grow. Women subsistence farmers were closely involved with tasba as they are the ones responsible for food production within the family. Socioeconomic differences between women affects how they manage tasba and other vegetables to form a livelihood strategy to achieve food security within the family. Modifications and changes in management and use of tasba are influenced by time, proximity and income based on her perspective, preferences and resources available. Overall, tasba is an integral part of the traditional food system in Sanguéré Paul, and can play a role in the uncertain ecological and social setting of northern Cameroon.