Poster Abstract : A public key technology platform for wireless sensor networks

Communication security for wireless sensor networks (WSN) is a challenge due to the limited computation and energy resources available at nodes. We describe the design and implementation of a public-key (PK) platform based on a standard Trusted Platform Module (TPM) chip that extends the capability of a standard node. The result facilitates message security services such as confidentiality, authenticity and integrity. We present results including computation time, energy consumption and cost.

Workplace design in the knowledge economy : a case of the NetWorkPlace™©

This thesis explores a way to inform the architectural design process for contemporary workplace environments. It reports on both theoretical and practical outcomes through an exclusively Australian case study of a network enterprise comprised of collaborative, yet independent business entities. The internet revolution, substantial economic and cultural shifts, and an increased emphasis on lifestyle considerations have prompted a radical re-ordering of organisational relationships and the associated structures, processes, and places of doing business. The social milieu of the information age and the knowledge economy is characterised by an almost instantaneous flow of information and capital. This has culminated in a phenomenon termed by Manuel Castells as the network society, where physical locations are joined together by continuous communication and virtual connectivity. A new spatial logic encompassing redefined concepts of space and distance, and requiring a comprehensive shift in the approach to designing workplace environments for today’s adaptive, collaborative organisations in a dynamic business world, provides the backdrop for this research. Within the duality of space and an augmentation of the traditional notions of place, organisational and institutional structures pose new challenges for the design professions. The literature revealed that there has always been a mono-organisational focus in relation to workplace design strategies. The phenomenon of inter-organisational collaboration has enabled the identification of a gap in the knowledge relative to workplace design. This new context generated the formulation of a unique research construct, the NetWorkPlace™©, which captures the complexity of contemporary employment structures embracing both physical and virtual work environments and practices, and provided the basis for investigating the factors that are shaping and defining interactions within and across networked organisational settings. The methodological orientation and the methods employed follow a qualitative approach and an abductively driven strategy comprising two distinct components, a cross-sectional study of the whole of the network and a longitudinal study, focusing on a single discrete workplace site. The complexity of the context encountered dictated that a multi-dimensional investigative framework was required to be devised. The adoption of a pluralist ontology and the reconfiguration of approaches from traditional paradigms into a collaborative, trans-disciplinary, multi-method epistemology provided an explicit and replicatable method of investigation. The identification and introduction of the NetWorkPlace™© phenomenon, by necessity, spans a number of traditional disciplinary boundaries. Results confirm that in this context, architectural research, and by extension architectural practice, must engage with what other disciplines have to offer. The research concludes that no single disciplinary approach to either research or practice in this area of design can suffice. Pierre Bourdieau’s philosophy of ‘practice’ provides a framework within which the governance and technology structures, together with the mechanisms enabling the production of social order in this context, can be understood. This is achieved by applying the concepts of position and positioning to the corporate power dynamics, and integrating the conflict found to exist between enterprise standard and ferally conceived technology systems. By extending existing theory and conceptions of ‘place’ and the ‘person-environment relationship’, relevant understandings of the tensions created between Castells’ notions of the space of place and the space of flows are established. The trans-disciplinary approach adopted, and underpinned by a robust academic and practical framework, illustrates the potential for expanding the range and richness of understanding applicable to design in this context. The outcome informs workplace design by extending theoretical horizons, and by the development of a comprehensive investigative process comprising a suite of models and techniques for both architectural and interior design research and practice, collectively entitled the NetWorkPlace™© Application Framework. This work contributes to the body of knowledge within the design disciplines in substantive, theoretical, and methodological terms, whilst potentially also influencing future organisational network theories, management practices, and information and communication technology applications. The NetWorkPlace™© as reported in this thesis, constitutes a multi-dimensional concept having the capacity to deal with the fluidity and ambiguity characteristic of the network context, as both a topic of research and the way of going about it.

Decentralised Data Fusion with Parzen Density Estimates

Decentralised sensor networks typically consist of multiple processing nodes supporting one or more sensors. These nodes are interconnected via wireless communication. Practical applications of Decentralised Data Fusion have generally been restricted to using Gaussian based approaches such as the Kalman or Information Filter This paper proposes the use of Parzen window estimates as an alternate representation to perform Decentralised Data Fusion. It is required that the common information between two nodes be removed from any received estimates before local data fusion may occur Otherwise, estimates may become overconfident due to data incest. A closed form approximation to the division of two estimates is described to enable conservative assimilation of incoming information to a node in a decentralised data fusion network. A simple example of tracking a moving particle with Parzen density estimates is shown to demonstrate how this algorithm allows conservative assimilation of network information.

Human identification at a distance using iris and face

This research has successfully applied super-resolution and multiple modality fusion techniques to address the major challenges of human identification at a distance using face and iris. The outcome of the research is useful for security applications.

Integrated access control for smart buildings using building information models

This thesis investigates the use of building information models for access control and security applications in critical infrastructures and complex building environments. It examines current problems in security management for physical and logical access control and proposes novel solutions that exploit the detailed information available in building information models. The project was carried out as part of the Airports of the Future Project and the research was modelled based on real-world problems identified in collaboration with our industry partners in the project.

Cryptographic hash functions

Cryptographic hash functions are an important tool of cryptography and play a fundamental role in efficient and secure information processing. A hash function processes an arbitrary finite length input message to a fixed length output referred to as the hash value. As a security requirement, a hash value should not serve as an image for two distinct input messages and it should be difficult to find the input message from a given hash value. Secure hash functions serve data integrity, non-repudiation and authenticity of the source in conjunction with the digital signature schemes. Keyed hash functions, also called message authentication codes (MACs) serve data integrity and data origin authentication in the secret key setting. The building blocks of hash functions can be designed using block ciphers, modular arithmetic or from scratch. The design principles of the popular Merkle–Damgård construction are followed in almost all widely used standard hash functions such as MD5 and SHA-1.

A Scalable High Throughput Firewall in FPGA

High end network security applications demand high speed operation and large rule set support. Packet classification is the core functionality that demands high throughput in such applications. This paper proposes a packet classification architecture to meet such high throughput. We have implemented a Firewall with this architecture in reconflgurable hardware. We propose an extension to Distributed Crossproducting of Field Labels (DCFL) technique to achieve scalable and high performance architecture. The implemented Firewall takes advantage of inherent structure and redundancy of rule set by using our DCFL Extended (DCFLE) algorithm. The use of DCFLE algorithm results in both speed and area improvement when it is implemented in hardware. Although we restrict ourselves to standard 5-tuple matching, the architecture supports additional fields. High throughput classification invariably uses Ternary Content Addressable Memory (TCAM) for prefix matching, though TCAM fares poorly in terms of area and power efficiency. Use of TCAM for port range matching is expensive, as the range to prefix conversion results in large number of prefixes leading to storage inefficiency. Extended TCAM (ETCAM) is fast and the most storage efficient solution for range matching. We present for the first time a reconfigurable hardware implementation of ETCAM. We have implemented our Firewall as an embedded system on Virtex-II Pro FPGA based platform, running Linux with the packet classification in hardware. The Firewall was tested in real time with 1 Gbps Ethernet link and 128 sample rules. The packet classification hardware uses a quarter of logic resources and slightly over one third of memory resources of XC2VP30 FPGA. It achieves a maximum classification throughput of 50 million packet/s corresponding to 16 Gbps link rate for the worst case packet size. The Firewall rule update involves only memory re-initialization in software without any hardware change.

A Scalable High Throughput Firewall in FPGA

High end network security applications demand high speed operation and large rule set support. Packet classification is the core functionality that demands high throughput in such applications. This paper proposes a packet classification architecture to meet such high throughput. We have Implemented a Firewall with this architecture in reconfigurable hardware. We propose an extension to Distributed Crossproducting of Field Labels (DCFL) technique to achieve scalable and high performance architecture. The implemented Firewall takes advantage of inherent structure and redundancy of rule set by using, our DCFL Extended (DCFLE) algorithm. The use of DCFLE algorithm results In both speed and area Improvement when It is Implemented in hardware. Although we restrict ourselves to standard 5-tuple matching, the architecture supports additional fields.High throughput classification Invariably uses Ternary Content Addressable Memory (TCAM) for prefix matching, though TCAM fares poorly In terms of area and power efficiency. Use of TCAM for port range matching is expensive, as the range to prefix conversion results in large number of prefixes leading to storage inefficiency. Extended TCAM (ETCAM) is fast and the most storage efficient solution for range matching. We present for the first time a reconfigurable hardware Implementation of ETCAM. We have implemented our Firewall as an embedded system on Virtex-II Pro FPGA based platform, running Linux with the packet classification in hardware. The Firewall was tested in real time with 1 Gbps Ethernet link and 128 sample rules. The packet classification hardware uses a quarter of logic resources and slightly over one third of memory resources of XC2VP30 FPGA. It achieves a maximum classification throughput of 50 million packet/s corresponding to 16 Gbps link rate for file worst case packet size. The Firewall rule update Involves only memory re-initialiization in software without any hardware change.

Redefine: Runtime Reconfigurable Polymorphic ASIC

Emerging embedded applications are based on evolving standards (e.g., MPEG2/4, H.264/265, IEEE802.11a/b/g/n). Since most of these applications run on handheld devices, there is an increasing need for a single chip solution that can dynamically interoperate between different standards and their derivatives. In order to achieve high resource utilization and low power dissipation, we propose REDEFINE, a polymorphic ASIC in which specialized hardware units are replaced with basic hardware units that can create the same functionality by runtime re-composition. It is a ``future-proof'' custom hardware solution for multiple applications and their derivatives in a domain. In this article, we describe a compiler framework and supporting hardware comprising compute, storage, and communication resources. Applications described in high-level language (e.g., C) are compiled into application substructures. For each application substructure, a set of compute elements on the hardware are interconnected during runtime to form a pattern that closely matches the communication pattern of that particular application. The advantage is that the bounded CEs are neither processor cores nor logic elements as in FPGAs. Hence, REDEFINE offers the power and performance advantage of an ASIC and the hardware reconfigurability and programmability of that of an FPGA/instruction set processor. In addition, the hardware supports custom instruction pipelining. Existing instruction-set extensible processors determine a sequence of instructions that repeatedly occur within the application to create custom instructions at design time to speed up the execution of this sequence. We extend this scheme further, where a kernel is compiled into custom instructions that bear strong producer-consumer relationship (and not limited to frequently occurring sequences of instructions). Custom instructions, realized as hardware compositions effected at runtime, allow several instances of the same to be active in parallel. A key distinguishing factor in majority of the emerging embedded applications is stream processing. To reduce the overheads of data transfer between custom instructions, direct communication paths are employed among custom instructions. In this article, we present the overview of the hardware-aware compiler framework, which determines the NoC-aware schedule of transports of the data exchanged between the custom instructions on the interconnect. The results for the FFT kernel indicate a 25% reduction in the number of loads/stores, and throughput improves by log(n) for n-point FFT when compared to sequential implementation. Overall, REDEFINE offers flexibility and a runtime reconfigurability at the expense of 1.16x in power and 8x in area when compared to an ASIC. REDEFINE implementation consumes 0.1x the power of an FPGA implementation. In addition, the configuration overhead of the FPGA implementation is 1,000x more than that of REDEFINE.

Anomaly detection in compressed H.264/AVC video

Real time anomaly detection is the need of the hour for any security applications. In this article, we have proposed a real time anomaly detection for H.264 compressed video streams utilizing pre-encoded motion vectors (MVs). The proposed work is principally motivated by the observation that MVs have distinct characteristics during anomaly than usual. Our observation shows that H.264 MV magnitude and orientation contain relevant information which can be used to model the usual behavior (UB) effectively. This is subsequently extended to detect abnormality/anomaly based on the probability of occurrence of a behavior. The performance of the proposed algorithm was evaluated and bench-marked on UMN and Ped anomaly detection video datasets, with a detection rate of 70 frames per sec resulting in 90x and 250x speedup, along with on-par detection accuracy compared to the state-of-the-art algorithms.

Characterizing a resonator bolometer array

High-background applications such as climate monitoring, biology and security applications demand a large dynamic range. Under such conditions ultra-high sensitivity is not required. The resonator bolometer is a novel detector which is well-suited for these conditions. This device takes advantage of the high-density frequency multiplexing capabilities of superconducting microresonators while allowing for the use of high-Tc superconductors in fabrication, which enables a modest (1-4 K) operating temperature and larger dynamic range than is possible with conventional microresonators. The moderate operating temperature and intrinsic multiplexability of this device reduce cost and allow for large pixel counts, making the resonator bolometer especially suitable for the aforementioned applications. A single pixel consists of a superconducting microresonator whose light-absorbing area is placed on a thermally isolated island. Here we present experimental results and theoretical calculations for a prototype resonator bolometer array. Intrinsic device noise and noise equivalent power (NEP) under both dark and illuminated conditions are presented. Under dark conditions the device sensitivity is limited by the thermal noise fluctuations from the bolometer legs. Under the experimental illuminated conditions the device was photon noise limited.

Human respiration rate estimation using ultra-wideband distributed cognitive radar system

It has been shown that remote monitoring of pulmonary activity can be achieved using ultra-wideband (UWB) systems, which shows promise in home healthcare, rescue, and security applications. In this paper, we first present a multi-ray propagation model for UWB signal, which is traveling through the human thorax and is reflected on the air/dry-skin/fat/muscle interfaces. A geometry-based statistical channel model is then developed for simulating the reception of UWB signals in the indoor propagation environment. This model enables replication of time-varying multipath profiles due to the displacement of a human chest. Subsequently, a UWB distributed cognitive radar system (UWB-DCRS) is developed for the robust detection of chest cavity motion and the accurate estimation of respiration rate. The analytical framework can serve as a basis in the planning and evaluation of future measurement programs. We also provide a case study on how the antenna beamwidth affects the estimation of respiration rate based on the proposed propagation models and system architecture

Efficient advanced encryption standard implementation using lookup and normal basis

A new type of advanced encryption standard (AES) implementation using a normal basis is presented. The method is based on a lookup technique that makes use of inversion and shift registers, which leads to a smaller size of lookup for the S-box than its corresponding implementations. The reduction in the lookup size is based on grouping sets of inverses into conjugate sets which in turn leads to a reduction in the number of lookup values. The above technique is implemented in a regular AES architecture using register files, which requires less interconnect and area and is suitable for security applications. The results of the implementation are competitive in throughput and area compared with the corresponding solutions in a polynomial basis.