A secure authentication and key management scheme for Wireless Sensors Network

In recent years, the adaptation of Wireless Sensor Networks (WSNs) to application areas requiring mobility increased the security threats against confidentiality, integrity and privacy of the information as well as against their connectivity. Since, key management plays an important role in securing both information and connectivity, a proper authentication and key management scheme is required in mobility enabled applications where the authentication of a node with the network is a critical issue. In this paper, we present an authentication and key management scheme supporting node mobility in a heterogeneous WSN that consists of several low capabilities sensor nodes and few high capabilities sensor nodes. We analyze our proposed solution by using MATLAB (analytically) and by simulation (OMNET++ simulator) to show that it has less memory requirement and has good network connectivity and resilience against attacks compared to some existing schemes. We also propose two levels of secure authentication methods for the mobile sensor nodes for secure authentication and key establishment.

Secure Wireless Key Establishment Using Retrodirective Array

In this paper a new method of establishing secret keys for wireless communications is proposed. A retrodirective array (RDA) that is configured to receive and re-transmit at different frequencies is utilized as a relay node. Specifically the analogue RDA is able to respond in ‘real-time’, reducing the required number of time slots for key establishment to two, compared with at least three in previous relay key generation schemes. More importantly, in the proposed architecture equivalent reciprocal wireless channels between legitimate keying nodes can be randomly updated within one channel coherence time period, leading to greatly increased key generation rates (KGRs) in slow fading environment. The secrecy performance of this RDA assisted key generation system is evaluated and it is shown that it outperforms previous relay key generation systems.

Secure Multiple Amplify-and-Forward Relaying with Co-Channel Interference

We investigate the impact of co-channel interference on the security performance of multiple amplify-and-forward (AF) relaying networks, where N intermediate AF relays assist the data transmission from the source to the destination. The relays are corrupted by multiple co-channel interferers, and the information transmitted from the relays to destination can be overheard by the eavesdropper. In order to deal with the interference and wiretap, the best out of N relays is selected for security enhancement. To this end, we derive a novel lower bound on the secrecy outage probability (SOP), which is then utilized to present two best relay selection criteria, based on the instantaneous and statistical channel information of the interfering links. For these criteria and the conventional maxmin criterion, we quantify the impact of co-channel interference and relay selection by deriving the lower bound on the SOP. Furthermore, we derive the asymptotic SOP for each criterion, to explicitly reveal the impact of transmit power allocation among interferers on the secrecy performance, which offers valuable insights into practical design. We demonstrate that all selection criteria achieve full secrecy diversity order N, while the proposed in this paper two criteria outperform the conventional max-min scheme. 

Retrodirective Assisted Secure Wireless Key Establishment

In this paper a new type of architecture for secure wireless key establishment is proposed. A retrodirective array (RDA) that is configured to receive and re-transmit at different frequencies is utilized as a relay node. The RDA is able to respond in ‘real-time’, reducing the required number of time slots to two. More importantly, in this architecture equivalent reciprocal wireless channels between legitimate keying nodes can be randomly updated within one channel coherence time period, leading to greatly increased key generation rates (KGRs) in slow fading environment. The secrecy performance of this RDA assisted key generation system is evaluated under several eavesdropping strategies and it is shown that it outperforms previous relay key generation systems.

Secure and Prepared Newsletter, May 2016, Vol. 12, no. 5

A bi-weekly newsletter for those involved in the fields of homeland security and/or emergency management.

L'attachement de l'enfant, l'abus sexuel et les indices psychopathologiques

Les séquelles engendrées par l’abus sexuel à l’enfance ont fait l’objet de plusieurs études, sans toutefois qu’il n’y ait de consensus. La relation d’attachement a été identifiée comme facteurs pouvant influencer ces séquelles. Ce mémoire doctoral a pour objectif d’explorer la contribution de l’attachement sur les comportements et les symptômes associés à différentes psychopathologies suite à un abus sexuel. Il est aussi souhaité décrire le type d’attachement de l’enfant selon la présence ou l’absence d’un abus sexuel. Des questionnaires et des entrevues ont été complétés par 111 enfants et leur mère, soit 43 enfants ayant subi un abus sexuel et 68 faisant partie du groupe contrôle. Les enfants qui ont subi un abus sexuel présentent plus fréquemment un attachement insécure. Quant aux indices psychopathologiques, l’apport de l’attachement et de l’abus sexuel s’avèrent tous deux significatifs en regard des comportements externalisés et des symptômes dissociatifs. En ce qui concerne les comportements internalisés, seule la présence d’un abus sexuel contribue à expliquer leur augmentation. Enfin, l’attachement s’avère être un contributeur unique en ce qui a trait aux comportements sexualisés et aux symptômes dépressifs.

Secure and Prepared Newsletter, June/July 2016, Vol. 12, no. 6

A bi-weekly newsletter for those involved in the fields of homeland security and/or emergency management.

Conception d'un programme favorisant le développement de la relation d'attachement entre les enseignants du préscolaire et du 1er cycle du primaire et leurs élèves

La présente recherche s’intéresse au développement de la relation d’attachement en milieu scolaire. Bien que certains auteurs affirment que l’attachement influence le développement et la personnalité d’un enfant de même que ses prédispositions à apprendre, dans le milieu de l’éducation, il semble demeurer peu connu et exploité. Un programme a donc été conçu afin de soutenir les enseignants du préscolaire et du 1er cycle du primaire qui désirent développer la relation d'attachement avec leurs élèves.

Secure Web Service Clients on Mobile Devices

Enterprise apps on mobile devices typically need to communicate with other system components by consuming web services. Since most of the current mobile device platforms (such as Android) do not provide built-in features for consuming SOAP services, extensions have to be designed. Additionally in order to accommodate the typical enhanced security requirements of enterprise apps, it is important to be able to deal with SOAP web service security extensions on client side. In this article we show that neither the built-in SOAP capabilities for Android web service clients are sufficient for enterprise apps nor are the necessary security features supported by the platform as is. After discussing different existing extensions making Android devices SOAP capable we explain why none of them is really satisfactory in an enterprise context. Then we present our own solution which accommodates not only SOAP but also the WS-Security features on top of SOAP. Our solution heavily relies on code generation in order to keep the flexibility benefits of SOAP on one hand while still keeping the development effort manageable for software development. Our approach provides a good foundation for the implementation of other SOAP extensions apart from security on the Android platform as well. In addition our solution based on the gSOAP framework may be used for other mobile platforms in a similar manner.

Role of assessment components and recent adverse outcomes in risk estimation and prediction: use of the Short Term Assessment of Risk and Treatability (START) in an adult secure inpatient mental health service

The Short Term Assessment of Risk and Treatability is a structured judgement tool used to inform risk estimation for multiple adverse outcomes. In research, risk estimates outperform the tool's strength and vulnerability scales for violence prediction. Little is known about what its’component parts contribute to the assignment of risk estimates and how those estimates fare in prediction of non-violent adverse outcomes compared with the structured components. START assessment and outcomes data from a secure mental health service (N=84) was collected. Binomial and multinomial regression analyses determined the contribution of selected elements of the START structured domain and recent adverse risk events to risk estimates and outcomes prediction for violence, self-harm/suicidality, victimisation, and self-neglect. START vulnerabilities and lifetime history of violence, predicted the violence risk estimate; self-harm and victimisation estimates were predicted only by corresponding recent adverse events. Recent adverse events uniquely predicted all corresponding outcomes, with the exception of self-neglect which was predicted by the strength scale. Only for victimisation did the risk estimate outperform prediction based on the START components and recent adverse events. In the absence of recent corresponding risk behaviour, restrictions imposed on the basis of START-informed risk estimates could be unwarranted and may be unethical.

X-Secure: protecting users from big bad wolves

In 2014 over 70% of people in Great Britain accessed the Internet every day. This resource is an optimal vector for malicious attackers to penetrate home computers and as such compromised pages have been increasing in both number and complexity. This paper presents X-Secure, a novel browser plug-in designed to present and raise the awareness of inexperienced users by analysing web-pages before malicious scripts are executed by the host computer. X-Secure was able to detect over 90% of the tested attacks and provides a danger level based on cumulative analysis of the source code, the URL, and the remote server, by using a set of heuristics, hence increasing the situational awareness of users browsing the internet.

Care planning for aggression management in a specialist secure mental health service: user involvement

This paper describes an audit of prevention and management of violence and aggression care plans and incident reporting forms which aimed to: (i) report the compliance rate of completion of care plans; (ii) identify the extent to which patients contribute to and agree with their care plan; (iii) describe de-escalation methods documented in care plans; and (iv) ascertain the extent to which the de-escalation methods described in the care plan are recorded as having been attempted in the event of an incident. Care plans and incident report forms were examined for all patients in men's and women's mental health care pathways who were involved in aggressive incidents between May and October 2012. In total, 539 incidents were examined, involving 147 patients and 121 care plans. There was no care plan in place at the time of 151 incidents giving a compliance rate of 72%. It was documented that 40% of patients had contributed to their care plans. Thematic analysis of de-escalation methods documented in the care plans revealed five de-escalation themes: staff interventions, interactions, space/quiet, activities and patient strategies/skills. A sixth category, coercive strategies, was also documented. Evidence of adherence to de-escalation elements of the care plan was documented in 58% of incidents. The reasons for the low compliance rate and very low documentation of patient involvement need further investigation. The inclusion of coercive strategies within de-escalation documentation suggests that some staff fundamentally misunderstand de-escalation.

Experiences of women in secure care who have been prescribed clozapine for borderline personality disorder

Background: Clozapine is an atypical antipsychotic medicine which can cause significant side-effects. It is often prescribed off-license in severe cases of borderline personality disorder contrary to national treatment guidelines. Little is known about the experiences of those who take clozapine for borderline personality disorder. We explored the lived-experience of women in secure inpatient care who were prescribed clozapine for borderline personality disorder. Findings: Adult females (N=20) participated in audio-taped semi-structured interviews. Transcripts were subject to thematic analysis. The central themes related to evaluation, wellbeing, understanding and self-management; for many, their subjective wellbeing on clozapine was preferred to prior levels of functioning and symptomatology, sometimes profoundly so. The negative and potentially adverse effects of clozapine were explained as regrettable but relatively unimportant. Conclusions: When psychological interventions are, at least initially, ineffective then clozapine treatment is likely to be evaluated positively by a group of women with borderline personality disorder in secure care despite the potential disadvantages.

A new distributed MIKEY mode to secure e-health applications.

Securing e-health applications in the context of Internet of Things (IoT) is challenging. Indeed, resources scarcity in such environment hinders the implementation of existing standard based protocols. Among these protocols, MIKEY (Multimedia Internet KEYing) aims at establishing security credentials between two communicating entities. However, the existing MIKEY modes fail to meet IoT specificities. In particular, the pre-shared key mode is energy efficient, but suffers from severe scalability issues. On the other hand, asymmetric modes such as the public key mode are scalable, but are highly resource consuming. To address this issue, we combine two previously proposed approaches to introduce a new hybrid MIKEY mode. Indeed, relying on a cooperative approach, a set of third parties is used to discharge the constrained nodes from heavy computational operations. Doing so, the pre-shared mode is used in the constrained part of the network, while the public key mode is used in the unconstrained part of the network. Preliminary results show that our proposed mode is energy preserving whereas its security properties are kept safe.

Distributed and compressed MIKEY mode to secure end-to-end communications in the Internet of things.

Multimedia Internet KEYing protocol (MIKEY) aims at establishing secure credentials between two communicating entities. However, existing MIKEY modes fail to meet the requirements of low-power and low-processing devices. To address this issue, we combine two previously proposed approaches to introduce a new distributed and compressed MIKEY mode for the Internet of Things. Indeed, relying on a cooperative approach, a set of third parties is used to discharge the constrained nodes from heavy computational operations. Doing so, the preshared mode is used in the constrained part of network, while the public key mode is used in the unconstrained part of the network. Furthermore, to mitigate the communication cost we introduce a new header compression scheme that reduces the size of MIKEY’s header from 12 Bytes to 3 Bytes in the best compression case. Preliminary results show that our proposed mode is energy preserving whereas its security properties are preserved untouched.