Poster Abstract : A public key technology platform for wireless sensor networks

Communication security for wireless sensor networks (WSN) is a challenge due to the limited computation and energy resources available at nodes. We describe the design and implementation of a public-key (PK) platform based on a standard Trusted Platform Module (TPM) chip that extends the capability of a standard node. The result facilitates message security services such as confidentiality, authenticity and integrity. We present results including computation time, energy consumption and cost.

Attribute-based authenticated key exchange

We introduce the concept of attribute-based authenticated key exchange (AB-AKE) within the framework of ciphertext policy attribute-based systems. A notion of AKE-security for AB-AKE is presented based on the security models for group key exchange protocols and also taking into account the security requirements generally considered in the ciphertext policy attribute-based setting. We also extend the paradigm of hybrid encryption to the ciphertext policy attribute-based encryption schemes. A new primitive called encapsulation policy attribute-based key encapsulation mechanism (EP-AB-KEM) is introduced and a notion of chosen ciphertext security is de�ned for EP-AB-KEMs. We propose an EP-AB-KEM from an existing attribute-based encryption scheme and show that it achieves chosen ciphertext security in the generic group and random oracle models. We present a generic one-round AB-AKE protocol that satis�es our AKE-security notion. The protocol is generically constructed from any EP-AB-KEM that satis�es chosen ciphertext security. Instantiating the generic AB-AKE protocol with our EP-AB-KEM will result in a concrete one-round AB-AKE protocol also secure in the generic group and random oracle models.

Generic one round group key exchange in the standard model

Minimizing complexity of group key exchange (GKE) protocols is an important milestone towards their practical deployment. An interesting approach to achieve this goal is to simplify the design of GKE protocols by using generic building blocks. In this paper we investigate the possibility of founding GKE protocols based on a primitive called multi key encapsulation mechanism (mKEM) and describe advantages and limitations of this approach. In particular, we show how to design a one-round GKE protocol which satisfies the classical requirement of authenticated key exchange (AKE) security, yet without forward secrecy. As a result, we obtain the first one-round GKE protocol secure in the standard model. We also conduct our analysis using recent formal models that take into account both outsider and insider attacks as well as the notion of key compromise impersonation resilience (KCIR). In contrast to previous models we show how to model both outsider and insider KCIR within the definition of mutual authentication. Our analysis additionally implies that the insider security compiler by Katz and Shin from ACM CCS 2005 can be used to achieve more than what is shown in the original work, namely both outsider and insider KCIR.

Certificateless key agreement in the standard model

We show how to construct a certificateless key agreement protocol from the certificateless key encapsulation mechanism introduced by \cite{lippold-ICISC_2009} in ICISC 2009 using the \cite{DBLP:conf/acisp/BoydCNP08} protocol from ACISP 2008. We introduce the Canetti-Krawczyk (CK) model for certificateless cryptography, give security notions for Type I and Type II adversaries in the CK model, and highlight the differences to the existing e$^2$CK model discussed by \cite{DBLP:conf/pairing/LippoldBN09}. The resulting CK model is more relaxed thus giving more power to the adversary than the original CK model.

QoS-oriented sesource allocation and scheduling of multiple composite web services in a hybrid cloud using a random-key genetic algorithm

In cloud computing resource allocation and scheduling of multiple composite web services is an important challenge. This is especially so in a hybrid cloud where there may be some free resources available from private clouds but some fee-paying resources from public clouds. Meeting this challenge involves two classical computational problems. One is assigning resources to each of the tasks in the composite web service. The other is scheduling the allocated resources when each resource may be used by more than one task and may be needed at different points of time. In addition, we must consider Quality-of-Service issues, such as execution time and running costs. Existing approaches to resource allocation and scheduling in public clouds and grid computing are not applicable to this new problem. This paper presents a random-key genetic algorithm that solves new resource allocation and scheduling problem. Experimental results demonstrate the effectiveness and scalability of the algorithm.

Design and analysis of group key exchange protocols

A group key exchange (GKE) protocol allows a set of parties to agree upon a common secret session key over a public network. In this thesis, we focus on designing efficient GKE protocols using public key techniques and appropriately revising security models for GKE protocols. For the purpose of modelling and analysing the security of GKE protocols we apply the widely accepted computational complexity approach. The contributions of the thesis to the area of GKE protocols are manifold. We propose the first GKE protocol that requires only one round of communication and is proven secure in the standard model. Our protocol is generically constructed from a key encapsulation mechanism (KEM). We also suggest an efficient KEM from the literature, which satisfies the underlying security notion, to instantiate the generic protocol. We then concentrate on enhancing the security of one-round GKE protocols. A new model of security for forward secure GKE protocols is introduced and a generic one-round GKE protocol with forward security is then presented. The security of this protocol is also proven in the standard model. We also propose an efficient forward secure encryption scheme that can be used to instantiate the generic GKE protocol. Our next contributions are to the security models of GKE protocols. We observe that the analysis of GKE protocols has not been as extensive as that of two-party key exchange protocols. Particularly, the security attribute of key compromise impersonation (KCI) resilience has so far been ignored for GKE protocols. We model the security of GKE protocols addressing KCI attacks by both outsider and insider adversaries. We then show that a few existing protocols are not secure against KCI attacks. A new proof of security for an existing GKE protocol is given under the revised model assuming random oracles. Subsequently, we treat the security of GKE protocols in the universal composability (UC) framework. We present a new UC ideal functionality for GKE protocols capturing the security attribute of contributiveness. An existing protocol with minor revisions is then shown to realize our functionality in the random oracle model. Finally, we explore the possibility of constructing GKE protocols in the attribute-based setting. We introduce the concept of attribute-based group key exchange (AB-GKE). A security model for AB-GKE and a one-round AB-GKE protocol satisfying our security notion are presented. The protocol is generically constructed from a new cryptographic primitive called encapsulation policy attribute-based KEM (EP-AB-KEM), which we introduce in this thesis. We also present a new EP-AB-KEM with a proof of security assuming generic groups and random oracles. The EP-AB-KEM can be used to instantiate our generic AB-GKE protocol.

Key competitiveness indicators for new real estate developers

Purpose – The paper aims to explore the key competitiveness indicators (KCIs) that provide the guidelines for helping new real estate developers (REDs) achieve competitiveness during their inception stage in which the organisations start their business. Design/methodology/approach – The research was conducted using a combination of various methods. A literature review was undertaken to provide a proper theoretical understanding of organisational competitiveness within RED's activities and developed a framework of competitiveness indicators (CIs) for REDs. The Delphi forecasting method is employed to investigate a group of 20 experts' perception on the relative importance between CIs. Findings – The results show that the KCIs of new REDs are capital operation capability, entrepreneurship, land reserve capability, high sales revenue from the first real estate development project, and innovation capability. Originality/value – The five KCIs of new REDs are new. In practical terms, the examination of these KCIs would help the business managers of new REDs to effectively plan their business by focusing their efforts on these key indicators. The KCIs can also help REDs provide theoretical constructs of the knowledge base on organisational competitiveness from a dynamic perspective, and assist in providing valuable experiences and in formulating feasible strategies for survival and growth.

Ecological and social characterization of key resource areas in Kenyan rangelands

Key resource areas (KRAs), defined as dry season foraging zones for herbivores, were studied relative to the more extensive outlying rangeland areas (non-KRAs) in Kenya. Field surveys with pastoralists, ranchers, scientists and government officials delineated KRAs on the ground. Identified KRAs were mapped based on global positioning and local experts' information on KRAs accessibility and ecological attributes. Using the map of known KRAs and non-KRAs, we examined characteristics of soils, climate, topography, land use/cover attributes at KRAs relative to non-KRAs. How and why do some areas (KRAs) support herbivores during droughts when forage is scarce in other areas of the landscape? We hypothesized that KRAs have fundamental ecological and socially determined attributes that enable them to provide forage during critical times and we sought to characterize some of those attributes in this study. At the landscape level, KRAs took different forms based on forage availability during the dry season but generally occurred in locations of the landscape with aseasonal water availability and/or difficult to access areas during wet season forage abundance. Greenness trends for KRAs versus non-KRAs were evaluated with a 22-year dataset of Normalized Difference Vegetation Index (NDVI). Field surveys of KRAs provided qualitative information on KRAs as dry season foraging zones. At the scale of the study, soil attributes did not significantly differ for KRAs compared to non-KRAs. Slopes of KRA were generally steeper compared to non-KRAs and elevation was higher at KRAs. Field survey respondents indicated that animals and humans generally avoid difficult to access hilly areas using them only when all other easily accessible rangeland is depleted of forage during droughts. Understanding the nature of KRAs will support identification, protection and restoration of critical forage hotspots for herbivores by strengthening rangeland inventory, monitoring, policy formulation, and conservation efforts to improve habitats and human welfare. (c) 2007 Elsevier Ltd. All rights reserved.