User and Machine Authentication and Authorization Infrastructure for Distributed Wireless Sensor Network Testbeds

The intention of an authentication and authorization infrastructure (AAI) is to simplify and unify access to different web resources. With a single login, a user can access web applications at multiple organizations. The Shibboleth authentication and authorization infrastructure is a standards-based, open source software package for web single sign-on (SSO) across or within organizational boundaries. It allows service providers to make fine-grained authorization decisions for individual access of protected online resources. The Shibboleth system is a widely used AAI, but only supports protection of browser-based web resources. We have implemented a Shibboleth AAI extension to protect web services using Simple Object Access Protocol (SOAP). Besides user authentication for browser-based web resources, this extension also provides user and machine authentication for web service-based resources. Although implemented for a Shibboleth AAI, the architecture can be easily adapted to other AAIs.

Exposure to Radio-Frequency Electromagnetic Fields From Broadcast Transmitters and Risk of Childhood Cancer: A Census-based Cohort Study

We investigated the association between exposure to radio-frequency electromagnetic fields (RF-EMFs) from broadcast transmitters and childhood cancer. First, we conducted a time-to-event analysis including children under age 16 years living in Switzerland on December 5, 2000. Follow-up lasted until December 31, 2008. Second, all children living in Switzerland for some time between 1985 and 2008 were included in an incidence density cohort. RF-EMF exposure from broadcast transmitters was modeled. Based on 997 cancer cases, adjusted hazard ratios in the time-to-event analysis for the highest exposure category (>0.2 V/m) as compared with the reference category (<0.05 V/m) were 1.03 (95% confidence interval (CI): 0.74, 1.43) for all cancers, 0.55 (95% CI: 0.26, 1.19) for childhood leukemia, and 1.68 (95% CI: 0.98, 2.91) for childhood central nervous system (CNS) tumors. Results of the incidence density analysis, based on 4,246 cancer cases, were similar for all types of cancer and leukemia but did not indicate a CNS tumor risk (incidence rate ratio = 1.03, 95% CI: 0.73, 1.46). This large census-based cohort study did not suggest an association between predicted RF-EMF exposure from broadcasting and childhood leukemia. Results for CNS tumors were less consistent, but the most comprehensive analysis did not suggest an association.

Broadcast and Band Phosphorus and Potassium Placement for Corn and Soybean Managed with Till or No Till

No-till minimizes the incorporation of crop residue and fertilizer with soil; resulting in wetter, colder soils and the accumulation of organic matter, phosphorus (P), and potassium (K) near the soil surface. Banding of P and Kcould be more effective than broadcast fertilization by counteracting stratification, applying nutrients in the root zone (starter effect), and minimizing reactions with the soil that may reduce their availability to plants. Therefore, a long-term study was established in 1994 to evaluate P and K fertilizer rates and placement methods for grain yield of corn and soybean managed with no-till and chiselplow/disk tillage.

Analysis of frame-compatible subsampling structures for efficient 3DTV broadcast

The evolution of the television market is led by 3DTV technology, and this tendency can accelerate during the next years according to expert forecasts. However, 3DTV delivery by broadcast networks is not currently developed enough, and acts as a bottleneck for the complete deployment of the technology. Thus, increasing interest is dedicated to ste-reo 3DTV formats compatible with current HDTV video equipment and infrastructure, as they may greatly encourage 3D acceptance. In this paper, different subsampling schemes for HDTV compatible transmission of both progressive and interlaced stereo 3DTV are studied and compared. The frequency characteristics and preserved frequency content of each scheme are analyzed, and a simple interpolation filter is specially designed. Finally, the advantages and disadvantages of the different schemes and filters are evaluated through quality testing on several progressive and interlaced video sequences.

Analysis of the alternatives for stereo multiplex in 3DTV broadcast delivery

Although 3DTV has led the evolution of television market, its delivery by broadcast networks is still small. Now, 3DTV transmis-sions are usually done by combining both views into one common frame (side by side) to be able to use standard HDTV transmission equipment. Today, orthogonal subsampling is mostly used, but other alternatives will appear soon. Here, different subsampling schemes for both progressive and interlaced 3DTV are considered. For each possible scheme, its pre-served frequency content is analyzed and a simple interpolation filter is designed. The analysis is carried out for progressive and interlaced video and the designed filters are applied on different sequences, showing the advantages and disadvantages of the different options

Secure access control by means of human stress detection

This paper proposes a stress detection system based on fuzzy logic and the physiological signals heart rate and galvanic skin response. The main contribution of this method relies on the creation of a stress template, collecting the behaviour of previous signals under situations with a different level of stress in each individual. The creation of this template provides an accuracy of 99.5% in stress detection, improving the results obtained by current pattern recognition techniques like GMM, k-NN, SVM or Fisher Linear Discriminant. In addition, this system can be embedded in security systems to detect critical situations in accesses as cross-border control. Furthermore, its applications can be extended to other fields as vehicle driver state-of-mind management, medicine or sport training.

Score optimization and template updating in a biometric technique for authentication in mobiles based on gestures

This article focuses on the evaluation of a biometric technique based on the performance of an identifying gesture by holding a telephone with an embedded accelerometer in his/her hand. The acceleration signals obtained when users perform gestures are analyzed following a mathematical method based on global sequence alignment. In this article, eight different scores are proposed and evaluated in order to quantify the differences between gestures, obtaining an optimal EER result of 3.42% when analyzing a random set of 40 users of a database made up of 80 users with real attempts of falsification. Moreover, a temporal study of the technique is presented leeding to the need to update the template to adapt the manner in which users modify how they perform their identifying gesture over time. Six updating schemes have been assessed within a database of 22 users repeating their identifying gesture in 20 sessions over 4 months, concluding that the more often the template is updated the better and more stable performance the technique presents.

University authentication system based on Java card and digital X.509 certificate

This article presents a solution to the problem of strong authentication, portable and expandable using a combination of Java technology and storage of X.509 digital certificate in Java cards to access services offered by an institution, in this case, the technology of the University of Panama, ensuring the authenticity, confidentiality, integrity and non repudiation.

Automatic-dependent surveillance-broadcast experimental deployment using system wide information management

This paper describes an automatic-dependent surveillance-broadcast (ADS-B) implementation for air-to-air and ground-based experimental surveillance within a prototype of a fully automated air traffic management (ATM) system, under a trajectory-based-operations paradigm. The system is built using an air-inclusive implementation of system wide information management (SWIM). This work describes the relations between airborne and ground surveillance (SURGND), the prototype surveillance systems, and their algorithms. System's performance is analyzed with simulated and real data. Results show that the proposed ADS-B implementation can fulfill the most demanding surveillance accuracy requirements.

Secure neighbor discovery in wireless sensor networks using range-free localization techniques

Si una red inalámbrica de sensores se implementa en un entorno hostil, las limitaciones intrínsecas a los nodos conllevan muchos problemas de seguridad. En este artículo se aborda un ataque particular a los protocolos de localización y descubrimiento de vecinos, llevada a cabo por dos nodos que actúan en connivencia y establecen un "agujero de gusano" para tratar de engañar a un nodo aislado, haciéndole creer que se encuentra en la vecindad de un conjunto de nodos locales. Para contrarrestar este tipo de amenazas, se presenta un marco de actuación genéricamente denominado "detection of wormhole attacks using range-free methods" (DWARF) dentro del cual derivamos dos estrategias para de detección de agujeros de gusano: el primer enfoque (DWARFLoc) realiza conjuntamente la localización y la detección de ataques, mientras que el otro (DWARFTest) valida la posición estimada por el nodo una vez finalizado el protocolo de localización. Las simulaciones muestran que ambas estrategias son eficaces en la detección de ataques tipo "agujero de gusano", y sus prestaciones se comparan con las de un test convencional basado en la razón de verosimilitudes.

Authentication in mobile devices through hand gesture recognition

This article proposes an innovative biometric technique based on the idea of authenticating a person on a mobile device by gesture recognition. To accomplish this aim, a user is prompted to be recognized by a gesture he/she performs moving his/her hand while holding a mobile device with an accelerometer embedded. As users are not able to repeat a gesture exactly in the air, an algorithm based on sequence alignment is developed to correct slight differences between repetitions of the same gesture. The robustness of this biometric technique has been studied within 2 different tests analyzing a database of 100 users with real falsifications. Equal Error Rates of 2.01 and 4.82% have been obtained in a zero-effort and an active impostor attack, respectively. A permanence evaluation is also presented from the analysis of the repetition of the gestures of 25 users in 10 sessions over a month. Furthermore, two different gesture databases have been developed: one made up of 100 genuine identifying 3-D hand gestures and 3 impostors trying to falsify each of them and another with 25 volunteers repeating their identifying 3- D hand gesture in 10 sessions over a month. These databases are the most extensive in published studies, to the best of our knowledge.

Time and space partition platform for safe and secure flight software.

There are a number of research and development activities that are exploring Time and Space Partition (TSP) to implement safe and secure flight software. This approach allows to execute different real-time applications with different levels of criticality in the same computer board. In order to do that, flight applications must be isolated from each other in the temporal and spatial domains. This paper presents the first results of a partitioning platform based on the Open Ravenscar Kernel (ORK+) and the XtratuM hypervisor. ORK+ is a small, reliable real-time kernel supporting the Ada Ravenscar Computational model that is central to the ASSERT development process. XtratuM supports multiple virtual machines, i.e. partitions, on a single computer and is being used in the Integrated Modular Avionics for Space study. ORK+ executes in an XtratuM partition enabling Ada applications to share the computer board with other applications.

Secure transmission of information by digital chaotic signals

Protecting signals is one of the main tasks in information transmission. A large number of different methods have been employed since many centuries ago. Most of them have been based on the use of certain signal added to the original one. When the composed signal is received, if the added signal is known, the initial information may be obtained. The main problem is the type of masking signal employed. One possibility is the use of chaotic signals, but they have a first strong limitation: the need to synchronize emitter and receiver. Optical communications systems, based on chaotic signals, have been proposed in a large number of papers. Moreover, because most of the communication systems are digital and conventional chaos generators are analogue, a conversion analogue-digital is needed. In this paper we will report a new system where the digital chaos is obtained from an optically programmable logic structure. This structure has been employed by the authors in optical computing and some previous results in chaotic signals have been reported. The main advantage of this new system is that an analogue-digital conversion is not needed. Previous works by the authors employed Self-Electrooptical Effect Devices but in this case more conventional structures, as semiconductor laser amplifiers, have been employed. The way to analyze the characteristics of digital chaotic signals will be reported as well as the method to synchronize the chaos generators located in the emitter and in the receiver.

Secure optical networks based on quantum key distribution and weakly trusted repeaters

Abstract—In this paper we explore how recent technologies can improve the security of optical networks. In particular, we study how to use quantum key distribution(QKD) in common optical network infrastructures and propose a method to overcome its distance limitations. QKD is the first technology offering information theoretic secretkey distribution that relies only on the fundamental principles of quantum physics. Point-to-point QKDdevices have reached a mature industrial state; however, these devices are severely limited in distance, since signals at the quantum level (e.g., single photons) are highly affected by the losses in the communication channel and intermediate devices. To overcome this limitation, intermediate nodes (i.e., repeaters) are used. Both quantum-regime and trusted, classical repeaters have been proposed in the QKD literature, but only the latter can be implemented in practice. As a novelty, we propose here a new QKD network model based on the use of not fully trusted intermediate nodes, referred to as weakly trusted repeaters. This approach forces the attacker to simultaneously break several paths to get access to the exchanged key, thus improving significantly the security of the network. We formalize the model using network codes and provide real scenarios that allow users to exchange secure keys over metropolitan optical networks using only passive components. Moreover, the theoretical framework allows one to extend these scenarios not only to accommodate more complex trust constraints, but also to consider robustness and resiliency constraints on the network.