Tracking Pacific bluefin tuna (Thunnus thynnus orientalis) in the northeastern Pacific with an automated algorithm that estimates latitude by matching sea-surface-temperature data from satellites with temperature data from tags on fish

Data recovered from 11 popup satellite archival tags and 3 surgically implanted archival tags were used to analyze the movement patterns of juvenile northern bluefin tuna (Thunnus thynnus orientalis) in the eastern Pacific. The light sensors on archival and pop-up satellite transmitting archival tags (PSATs) provide data on the time of sunrise and sunset, allowing the calculation of an approximate geographic position of the animal. Light-based estimates of longitude are relatively robust but latitude estimates are prone to large degrees of error, particularly near the times of the equinoxes and when the tag is at low latitudes. Estimating latitude remains a problem for researchers using light-based geolocation algorithms and it has been suggested that sea surface temperature data from satellites may be a useful tool for refining latitude estimates. Tag data from bluefin tuna were subjected to a newly developed algorithm, called “PSAT Tracker,” which automatically matches sea surface temperature data from the tags with sea surface temperatures recorded by satellites. The results of this algorithm compared favorably to the estimates of latitude calculated with the lightbased algorithms and allowed for estimation of fish positions during times of the year when the lightbased algorithms failed. Three near one-year tracks produced by PSAT tracker showed that the fish range from the California−Oregon border to southern Baja California, Mexico, and that the majority of time is spent off the coast of central Baja Mexico. A seasonal movement pattern was evident; the fish spend winter and spring off central Baja California, and summer through fall is spent moving northward to Oregon and returning to Baja California.

RFID Tag Interrogation Systems

We describe an RFID tag reading system for reading one or more RFID Tags, the system comprising an RF transmitter and an RF receiver, a plurality of transmit/receive antennas coupled to said RF transmitter and to said RF receiver, to provide spatial transmit/receive signal diversity, and a tag signal decoder coupled to at least said RF receiver, wherein said system is configured to combine received RF signals from said antennas to provide a combined received RF signal, wherein said RF receiver has said combined received RF signal as an input; wherein said antennas are spaced apart from one another sufficiently for one said antenna not to be within the near field of another said antenna, wherein said system is configured to perform a tag inventory cycle comprising a plurality of tag read rounds to read said tags, a said tag read round comprising transmission of one or more RF tag interrogation signals simultaneously from said plurality of antennas and receiving a signal from one or more of said tags, a said tag read round having a set of time slots during which a said tag is able to transmit tag data including a tag ID for reception by said antenna, and wherein said system is configured to perform, during a said tag inventory cycle, one or both of: a change in a frequency of said tag interrogation signals transmitted simultaneously from said plurality of antennas, and a change in a relative phase of a said RF tag interrogation signals transmitted from one of said antennas with respect to another of said antennas.

Mutual authentication protocol for networked RFID systems

In this paper we address the problem of securing networked RFID applications. We develop and present a RFID security protocol that allows mutual authentication between the reader and tag as well as secure communication of tag data. The protocol presented uses a hybrid method to provide strong security while ensuring the resource requirements are low. To this end it employs a mix of simple one way hashing and low-cost bit wise operations. Our protocol ensures the confidentiality and integrity of all data being communicated and allows for reliable mutual authentication between tags and readers. The protocol presented is also resistant to a large number of common attacks.

Secure distributed deduplication systems with improved reliability

Data deduplication is a technique for eliminating duplicate copies of data, and has been widely used in cloud storage to reduce storage space and upload bandwidth. However, there is only one copy for each file stored in cloud even if such a file is owned by a huge number of users. As a result, deduplication system improves storage utilization while reducing reliability. Furthermore, the challenge of privacy for sensitive data also arises when they are outsourced by users to cloud. Aiming to address the above security challenges, this paper makes the first attempt to formalize the notion of distributed reliable deduplication system. We propose new distributed deduplication systems with higher reliability in which the data chunks are distributed across multiple cloud servers. The security requirements of data confidentiality and tag consistency are also achieved by introducing a deterministic secret sharing scheme in distributed storage systems, instead of using convergent encryption as in previous deduplication systems. Security analysis demonstrates that our deduplication systems are secure in terms of the definitions specified in the proposed security model. As a proof of concept, we implement the proposed systems and demonstrate that the incurred overhead is very limited in realistic environments.

A secure and efficient data sharing framework with delegated capabilities in hybrid cloud

Hybrid cloud is a widely used cloud architecture in large companies that can outsource data to the publiccloud, while still supporting various clients like mobile devices. However, such public cloud data outsourcing raises serious security concerns, such as how to preserve data confidentiality and how to regulate access policies to the data stored in public cloud. To address this issue, we design a hybrid cloud architecture that supports data sharing securely and efficiently, even with resource-limited devices, where private cloud serves as a gateway between the public cloud and the data user. Under such architecture, we propose an improved construction of attribute-based encryption that has the capability of delegating encryption/decryption computation, which achieves flexible access control in the cloud and privacy-preserving in datautilization even with mobile devices. Extensive experiments show the scheme can further decrease the computational cost and space overhead at the user side, which is quite efficient for the user with limited mobile devices. In the process of delegating most of the encryption/decryption computation to private cloud, the user can not disclose any information to the private cloud. We also consider the communication securitythat once frequent attribute revocation happens, our scheme is able to resist some attacks between private cloud and data user by employing anonymous key agreement.

Formal analysis of card-based payment systems in mobile devices

To provide card holder authentication while they are conducting an electronic transaction using mobile devices, VISA and MasterCard independently proposed two electronic payment protocols: Visa 3D Secure and MasterCard Secure Code. The protocols use pre-registered passwords to provide card holder authentication and Secure Socket Layer/ Transport Layer Security (SSL/TLS) for data confidentiality over wired networks and Wireless Transport Layer Security (WTLS) between a wireless device and a Wireless Application Protocol (WAP) gateway. The paper presents our analysis of security properties in the proposed protocols using formal method tools: Casper and FDR2. We also highlight issues concerning payment security in the proposed protocols.

External auditors’ perceptions of cloud computing adoption in Australia

Adopting a multi-theoretical approach, I examine external auditors’ perceptions of the reasons why organizations do or do not adopt cloud computing. I interview forensic accountants and IT experts about the adoption, acceptance, institutional motives, and risks of cloud computing. Although the medium to large accounting firms where the external auditors worked almost exclusively used private clouds, both private and public cloud services were gaining a foothold among many of their clients. Despite the advantages of cloud computing, data confidentiality and the involvement of foreign jurisdictions remain a concern, particularly if the data are moved outside Australia. Additionally, some organizations seem to understand neither the technology itself nor their own requirements, which may lead to poorly negotiated contracts and service agreements. To minimize the risks associated with cloud computing, many organizations turn to hybrid solutions or private clouds that include national or dedicated data centers. To the best of my knowledge, this is the first empirical study that reports on cloud computing adoption from the perspectives of external auditors.

A type system for value-dependent information flow analysis

Information systems are widespread and used by anyone with computing devices as well as corporations and governments. It is often the case that security leaks are introduced during the development of an application. Reasons for these security bugs are multiple but among them one can easily identify that it is very hard to define and enforce relevant security policies in modern software. This is because modern applications often rely on container sharing and multi-tenancy where, for instance, data can be stored in the same physical space but is logically mapped into different security compartments or data structures. In turn, these security compartments, to which data is classified into in security policies, can also be dynamic and depend on runtime data. In this thesis we introduce and develop the novel notion of dependent information flow types, and focus on the problem of ensuring data confidentiality in data-centric software. Dependent information flow types fit within the standard framework of dependent type theory, but, unlike usual dependent types, crucially allow the security level of a type, rather than just the structural data type itself, to depend on runtime values. Our dependent function and dependent sum information flow types provide a direct, natural and elegant way to express and enforce fine grained security policies on programs. Namely programs that manipulate structured data types in which the security level of a structure field may depend on values dynamically stored in other fields The main contribution of this work is an efficient analysis that allows programmers to verify, during the development phase, whether programs have information leaks, that is, it verifies whether programs protect the confidentiality of the information they manipulate. As such, we also implemented a prototype typechecker that can be found at http://ctp.di.fct.unl.pt/DIFTprototype/.

Confidentialité et sécurité pour les applications de télémédecine en droit européen

L’auteur traite ici de la télémédecine, une sorte d’application des technologies de l’information et de la communication aux activités du secteur des soins de santé. Il fait d’abord état des nombreux produits et services qu’offre cette application, allant de la prise de rendez-vous chez le médecin grâce à l’informatique, aux vêtements dits intelligents et qui sont munis de capteurs permettant la délivrance à distance des médicaments directement au patient. Le nombre d’applications de la télémédecine étant quasi illimité, nombreuses deviennent les informations à gérer et qui se rapportent tant aux patients qu’au personnel soignant et qu’à leurs collaborateurs. Cela pose évidemment le problème de la confidentialité et de la sécurité se rapportant à de telles applications. C'est justement cette question qui sera traitée par l’auteur qui nous rappelle d’abord l’importance en Europe de l’encadrement juridique de la télémédecine afin d’assurer la protection des données médicales. Une telle protection a surtout été consacrée à travers des directives émanant de la Communauté européenne où la confidentialité et la sécurité des traitements de données ne sont qu’une partie des règles qui assurent la protection des données médicales.

Elementary Petri net inside RFID distributed database (PNRD)

Usually, a Petri net is applied as an RFID model tool. This paper, otherwise, presents another approach to the Petri net concerning RFID systems. This approach, called elementary Petri net inside an RFID distributed database, or PNRD, is the first step to improve RFID and control systems integration, based on a formal data structure to identify and update the product state in real-time process execution, allowing automatic discovery of unexpected events during tag data capture. There are two main features in this approach: to use RFID tags as the object process expected database and last product state identification; and to apply Petri net analysis to automatically update the last product state registry during reader data capture. RFID reader data capture can be viewed, in Petri nets, as a direct analysis of locality for a specific transition that holds in a specific workflow. Following this direction, RFID readers storage Petri net control vector list related to each tag id is expected to be perceived. This paper presents PNRD cornerstones and a PNRD implementation example in software called DEMIS Distributed Environment in Manufacturing Information Systems.

Agents based e-commerce and securing exchanged information

Mobile agents have been implemented in e-commerce to search and filter information of interest from electronic markets. When the in format ion is very sensitive and critical, it is important to develop a novel security protocol that can efficiently protect the information from malicious tampering as well as unauthorized disclosure or at least detect any malicious act of intruders. In this chapter, we describe robust security techniques that ensure a sound security of information gathered throughout agent's itinerary against various security attacks, as well as truncation attacks. A sound security protocol is described , which implements the various security techniques that would jointly prevent or at least detect any malicious act of intruders. We reason about the soundness of the protocol using Symbolic Trace Analyzer (STA), a formal verification tool that is based on symbolic techniques. We analyze the protocol in key configurations and show that it is free of flaws. We also show that the protocol fulfils the various security requirements of exchanged information in MAS, including data-integrity, data-confidentiality, data authenticity, origin confidentiality and data non-repudiability.

Above the trust and security in cloud computing : a notion towards innovation

While the nascent Cloud Computing paradigm supported by virtualization has the upward new notion of edges, it lacks proper security and trust mechanisms. Edges are like on demand scalability and infinite resource provisioning as per the `pay-as-you-go' manner in favour of a single information owner (abbreviated as INO from now onwards) to multiple corporate INOs. While outsourcing information to a cloud storage controlled by a cloud service provider (abbreviated as CSP from now onwards) relives an information owner of tackling instantaneous oversight and management needs, a significant issue of retaining the control of that information to the information owner still needs to be solved. This paper perspicaciously delves into the facts of the Cloud Computing security issues and aims to explore and establish a secure channel for the INO to communicate with the CSP while maintaining trust and confidentiality. The objective of the paper is served by analyzing different protocols and proposing the one in commensurate with the requirement of the security property like information or data confidentiality along the line of security in Cloud Computing Environment (CCE). To the best of our knowledge, we are the first to derive a secure protocol by successively eliminating the dangling pitfalls that remain dormant and thereby hamper confidentiality and integrity of information that is worth exchanging between the INO and the CSP. Besides, conceptually, our derived protocol is compared with the SSL from the perspectives of work flow related activities along the line of secure trusted path for information confidentiality.

Smart RFID reader protocol for malware detection

Radio frequency identification (RFID) is a remote identification technique promises to revolutionize the way a specific object use to identify in our industry. However, large scale implementation of RFID sought for protection, against Malware threat, information privacy and un-traceability, for low cost RFID tag. In this paper, we propose a framework to provide privacy for tag data and to provide protection for RFID system from malware. In the proposed framework, malware infected tag is detected by analysing individual component of the RFID tag. It uses sanitization technique for analysing individual component. Here authentication based shared unique parameters is used as a method to protect privacy. This authentication protocol will be capable of handling forward and backward security and identifying rogue reader better than existing protocols. Using this framework, the RFID system will be protected from malware and the privacy of the tag will be ensured as well.

Securing RFID systems from SQLIA

While SQL injection attacks have been plaguing web applications for years the threat they pose to RFID systems have only identified recently. Because the architecture of web systems and RFID systems differ considerably the prevention and detection techniques proposed for web applications are not suitable for RFID systems. In this paper we propose a system to secure RFID systems against tag based SQLIA. Our system is optimized for the architecture of RFID systems and consists of a query structure matching technique and tag data cleaning technique. The novelty of the proposed system is that it's specifically aimed at RFID systems and has the ability to detect and prevent second order injections which is a problem most current solutions haven't addressed. The preliminary evaluation of our query matching technique is very promising showing very high detection rate with minimal false positives.

Secure mobile RFID ownership transfer protocol to cover all transfer scenarios

Existing business models require RFID tag to transfer its ownership during its life cycle. As a result, a RFID tags might have many owners during its life cycle. However, the transfer of ownership should ensure that previous owners have no information about current owner's data. Physical ownership does not ensure digital ownership transfer given the wireless nature of communication with RFID tags. Most of the proposed protocol in this nature is implacable to address aU existing RFID tag ownership transfer scenarios. Moreover, they have many security concerns and vulnerabilities. In this paper, we have investigated and discussed all existing business cases and their transfer scenarios. To cover all ownership transfer scenarios, we have presented an ownership transfer protocol. The proposed protocol has used modified DiffieHellman algorithm to perform ownership request validation and authentication of involved parties. Performance comparison shows that our protocol is practical to implement passive low-cost RFID tags, securely performs tag ownership transfer and can be used for all existing ownership transfer scenarios.