Intelligent video surveillance system using two-factor human information

Recently, with the increase of terror and crime the utilization of security surveillance systems including CCTV increases. However, the issues of privacy invasion occurred by exposing the data recorded through video surveillance system have been raised. In this paper, the intelligent video surveillance system which can prevent the invasion of privacy and complement the monitoring function which will be declined by privacy protection is proposed. The proposed system checks the identification using the smart card and camera at the entrance and extracts the height and color information of object. Inside of the building where only a camera is installed without smart card terminal installed checks the identification using height and color information of object. With the implemented identification function the proposed system sorts the object receiving the privacy protection, implements the monitoring function and provides monitoring and protection function at the same time.     

Security and Privacy for Distributed Multimedia Sensor Networks

There is a critical need to provide privacy and security assurances for distributed multimedia sensor networking in applications including military surveillance and healthcare monitoring. Such guarantees enable the widespread adoption of such information systems, leading to large-scale societal benefit. To effectively address protection and reliability issues, secure communications and processing must be considered from system inception. Due to the emerging nature of broadband sensor systems, this provides fertile research ground for proposing more paradigm-shifting approaches. This paper discusses issues in designing for security and privacy in distributed multimedia sensor networks. We introduce the heterogeneous lightweight sensornets for trusted visual computing framework for distributed multimedia sensor networks. Protection issues within this architecture are analyzed, leading to the development of open research problems including secure routing in emerging free-space optical sensor networks and distributed privacy for vision-rich sensor networking. Proposed solutions to these problems are presented, demonstrating the necessary interaction among signal processing, networking, and cryptography.     

Blockchain-inspired lightweight trust-based system in vehicular networks

A decentralized application runs on the blockchain network without the intervention of a central authority. Transparency in transactions and security in vehicular networks are the issues for central systems. The proposed system uses blockchain-based smart contracts, which eliminate the requirement for any third-party verification. Additionally, with signature verification and reduced overhead, smart contracts also help in a fast and secure transaction. This study suggests a trust-based system paradigm where certificate authority (CA) is employed for vehicle registration. We also propose a blockchain-based system that provides efficient two-way authentication and key agreement through encryption and digital signatures. The analysis of the proposed model reveals that it is an efficient way of establishing distributed trust management, which helps in preserving vehicle privacy. The proposed scheme is tested in Automated Validation of Internet Security-sensitive Protocols (AVISPA), and security parameters verification in Network Simulator 2(NS2) also shows that the proposed scheme is more effective in comparison with existing schemes in terms of authentication cost, storage cost, and overhead.     

IoT/CPS的安全体系结构及关键技术

物联网（IoT）和信息物理融合系统（CPS）作为下一代网络的核心技术,被业界广泛关注。与传统网络不同,IoT/CPS异构融合、协同自治、开放互连的网络特性带来了巨大的系统安全方面的挑战。挑战包括安全协议的无缝衔接、用户隐私保护等。研发新的安全模型、关键安全技术和方法是IoT/CPS发展中的重点。文章基于IoT/CPS安全需求和威胁模型,提出了一种层次化的安全体系结构,并针对隐私保护、跨网认证和安全控制等IoT/CPS的关键安全技术展开讨论。     

BDN-GWMNN: Internet of Things (IoT) Enabled Secure Smart City Applications

Nowadays, next-generation networks such as the Internet of Things (IoT) and 6G are played a vital role in providing an intelligent environment. The development of technologies helps to create smart city applications like the healthcare system, smart industry, and smart water plan, etc. Any user accesses the developed applications; at the time, security, privacy, and confidentiality arechallenging to manage. So, this paper introduces the blockchain-defined networks with a grey wolf optimized modular neural network approach for managing the smart environment security. During this process, construction, translation, and application layers are created, in which user authenticated based blocks are designed to handle the security and privacy property. Then the optimized neural network is applied to maintain the latency and computational resource utilization in IoT enabled smart applications. Then the efficiency of the system is evaluated using simulation results, in which system ensures low latency, high security (99.12%) compared to the multi-layer perceptron, and deep learning networks.

     

An Introduction to Distributed Smart Cameras

Distributed smart cameras (DSCs) are real-time distributed embedded systems that perform computer vision using multiple cameras. This new approach has emerged thanks to a confluence of simultaneous advances in four key disciplines: computer vision, image sensors, embedded computing, and sensor networks. Processing images in a network of distributed smart cameras introduces several complications. However, we believe that the problems DSCs solve are much more important than the challenges of designing and building a distributed video system. We argue that distributed smart cameras represent key components for future embedded computer vision systems and that smart cameras will become an enabling technology for many new applications. We summarize smart camera technology and applications, discuss current trends, and identify important research challenges.      

IP2DM: integrated privacy‐preserving data management architecture for smart grid V2G networks

With the development of battery vehicles, vehicle‐to‐grid (V2G) networks are becoming more and more important in smart grid. Although battery vehicles are environmentally friendly and flexible to use two‐way communication and two‐way electricity flow, they also raise privacy‐preservation challenges, such as location and movement privacy. On the one hand, utility companies have to monitor the grid and analyze user data to control the power production, distribution, scheduling, and billing process, while typical users need to access their data later online. On the other hand, users are not willing to provide their personal data because they do not trust the system security of the utility companies where their data stored, and it may potentially expose their privacy. Therefore, in this paper, we study data management of V2G networks in smart grid with privacy‐preservation to benefit both the customers and the utility companies. Both data aggregation and data publication of V2G networks are protected in the proposed architecture. To check its security, we analyze this architecture in several typical V2G networks attacks. We conduct several experiments to show that the proposed architecture is effective and efficient, and it can enhance user privacy protection while providing enough information for utility companies to analyze and monitor the grid. Copyright © 2016 John Wiley & Sons, Ltd.     

Applications of information networks

The present and projected applications of computer-communication networks or information networks include electronic mail, teleconferencing "the office of the future," management information systems, modeling, "computerized commerce," monitoring of patients, military command and control, home security, education, and news. This paper briefly examines 30 such applications and the network capabilities they require. It presents a way of estimating the relative importance of various network characteristics and of predicting the suitability of a network or network architecture for a given set of applications. The paper then considers several issues that relate to the political, social, and economic impacts of networks. Among the issues are privacy, security, compatibility, impact on productivity, the roles of networks in international technology transfer and economic competition, and the confluence or collision of the fields of computers and telecommunications.     

Security and privacy in 6G networks: New areas and new challenges

With the deployment of more and more 5g networks, the limitations of 5g networks have been found, which undoubtedly promotes the exploratory research of 6G networks as the next generation solutions. These investigations include the fundamental security and privacy problems associated with 6G technologies. Therefore, in order to consolidate and solidify this foundational research as a basis for future investigations, we have prepared a survey on the status quo of 6G security and privacy. The survey begins with a historical review of previous networking technologies and how they have informed the current trends in 6G networking. We then discuss four key aspects of 6G networks – real-time intelligent edge computing, distributed artificial intelligence, intelligent radio, and 3D intercoms – and some promising emerging technologies in each area, along with the relevant security and privacy issues. The survey concludes with a report on the potential use of 6G. Some of the references used in this paper along and further details of several points raised can be found at: security-privacyin5g-6g.github.io.     

物联网的问题和挑战

如今,随着物联网应用范围的不断扩大,其发展已经体现出了多面性。这是从基于计算机的网络模式向智能对象的完全分布式网络的重大转变,这种变化带来了体系结构和安全等问题。文章从物联网的概念、结构、挑战和安全隐私方面对其进行了介绍。     

云计算、物联网、智慧地球及其相关法律问题

本文分别简单介绍云计算、物联网和智慧球三者的概念及发展状况,并对三者可能涉及的法律问题展开讨论。云计算虽处于发展初期,但已有一定规模的应用;物联网技术相对比较成熟,电子标签已得到广泛应用;智慧地球是一种建立在云计算和物联网基础之上的未来地球发展的战略模式。云计算、物联网和智慧地球因其自身的技术牦羔,存在隐私、安全等方面的隐患。解决这些问题除了依靠技术手段,相关的法律制定尤为重要。     

Provable analysis and improvement of smart card–based anonymous authentication protocols

Nowadays, authentication protocols are essential for secure communications specially for roaming networks, distributed computer networks, and remote wireless communication. The numerous users in these networks rise vulnerabilities. Thus, privacy‐preserving methods have to be run to provide more reliable services and sustain privacy. Anonymous authentication is a method to remotely authenticate users with no revelation about their identity. In this paper, we analyze 2 smart card–based protocols that the user's identity is anonymous. However, we represent that they are vulnerable to privileged insider attack. It means that the servers can compromise the users' identity for breaking their privacy. Also, we highlight that the Wen et al protocol has flaws in both stolen smart card and stolen server attacks and the Odelu et al protocol is traceable. Then, we propose 2 modified anonymous authentication protocols. Finally, we analyze our improved protocols with both heuristic and formal methods.     

Security and Privacy in IoT: A Survey

The Internet of Things (IoT) is a network of globally connected physical objects, which are associated with each other via Internet. The IoT foresees the interconnection of few trillions of intelligent objects around us, uniquely and addressable every day, these objects have the ability to accumulate process and communicate data about themselves and their surrounding environment. The best examples of IoT systems are health care, building smart city with advance construction management system, public and defense surveillance and data acquisition. Recent advancement in the technology has developed smart and intelligent sensor nodes and RFIDs lead to a large number of wireless networks with smart and intelligent devices (object, or things) connected to the Internet continuously transmit the data. So to provide security and privacy to this data in IoT is a very challenging task, which is to be concerned at highest priority for several current and future applications of IoT. Devices such as smart phone, WSNs and RFIDs etc., are the major components of IoT network which are basically resource constrained devices. Design and development of security and privacy management schemes for these devices is guided by factors like good performance, low power consumption, robustness to attacks, tampering of the data and end to end security. Security schemes in IoT provide unauthorized access to information or other objects by protecting against alterations or destruction. Privacy schemes maintain the right to control about the collected information for its usage and purpose. In this paper, we have surveyed major challenges such as Confidentiality, Integrity, Authentication, and Availability for IoT in a brief manner.

     

Modeling privacy issues in distributed enterprise resource planning systems

With extensive usage and dependence on communication networks, ‘privacy’ issues in enterprise distributed systems have become fundamentally important. Privacy concerns have flooded the market especially in the public domain, and with the changing environment of software usage and involvement of malicious substances associated with any network, it becomes essential to safeguard and ascertain privacy among users and incorporate the same safeguard to protect privacy in software as well. The methodologies and tools architecting distributed enterprise resource planning (ERP) systems are primarily new and are vulnerable to malicious attacks. This paper aims at identifying some of critical privacy issues by collecting data from ERP practitioners. This work models variables associated with ERP with the variables of privacy to establish a robust adoption of ERP practices. Privacy issues concerning ERP are listed. Several variables associated with the development, implementation, and control of ERP are identified in the existing literature. A questionnaire instrument was distributed among a set of ERP practitioners. The response data collected thereby were analyzed statistically. Based upon the statistical analysis, an attempt has been made in the paper to make a ranking of the privacy factors. The observations are discussed in detail, and some specific conclusions have been made. Copyright © 2014 John Wiley & Sons, Ltd.     

基于物联网技术的智能电网数据安全问题研究进展

为了保护智能电网设备中的核心数据与用户的个人隐私,分布式计算和同态加密等多项物联网安全技术逐渐受到了关注。近年来,物联网技术的发展推动了电网智能化的快速普及,而智能电网的应用又促进了物联网技术的更新。文中通过介绍智能电网所面临的多种攻击方法,回顾、梳理了智能电网数据安全问题的研究背景和现状。在此基础上,探讨与分析了虚假数据注入攻击及个人隐私保护问题的定义,展望了智能电网数据安全技术未来的研究方向和思路。     

Breakthrough in privacy concerns and lawful access conflicts

The widespread use and misuse of communication systems, especially in the era of speedy transmission of audio/visual information facilitated by the World Wide Web, creates a need for the regulation of information flow. This is in order to ensure a high level of consistency in information security and integrity. On the other hand, ensuring that users have access to security techniques that meet their needs, so that they can trust in the security of information and communications systems while maintaining the confidentiality and integrity of data on such systems, is a must. For example, in many countries, law enforcement can lawfully access stored data or intercept communications under certain conditions. The important law enforcement tools necessary to carry out these exercises could be hampered by the use of uncontrolled cryptography, which may prevent lawful access to either plaintext or cryptographic keys of encrypted data. The privacy and integrity of data on communications systems are of vital importance. This paper addresses the issue at stake in communication security and the user's right to information on legal and social ramifications. This work describes how vital security techniques may be to information technology especially in the Internet era and how there could be a balance to individual privacy [Computers System and Network Security: Principles and Practice, 1999] and public safety in communication. This is one of the most essential issues at stake in communication security. It evaluates the threat caused by intrusion/violations of privacy rights by law enforcement agents and presents a better strategy of how crime can be traced and how criminals might be arrested by law enforcement agents without violating users' privacy rights. We propose an idea called SPLC – solution to privacy and lawful access conflict. SPLC realizes/instills online users' confidence and makes the Internet a fraud-free environment for e-commerce and other online activity.     

A review on smart home present state and challenges: linked to context-awareness internet of things (IoT)

The smart home is considered as an essential domain in Internet of Things (IoT) applications, it is an interconnected home where all types of things interact with each other via the Internet. This helps to automate the home by making it smart and interconnected. However, at the same time, it raises a great concern of the privacy and security for the users due to its capability to be controlled remotely. Hence, the rapid technologically growth of IoT raises abundant challenges such as how to provide the home users with safe and secure services keeping privacy in the account and how to manage the smart home successfully under the controlled condition to avoid any further secrecy or theft of personal data. A number of the research papers are available to address these critical issues, researchers presented different approaches to overcome these stated issues. This research review will analyze smart home approaches, challenges and will suggest possible solutions for them and illustrate open issues that still need to be addressed.

     

A secure spectrum auction scheme without the trusted party based on the smart contract

With the development of communication 5G networks and technologies, spectrum resources are increasingly scarce. The scarcity of the spectrum resource makes market-driven spectrum auction become an important means of spectrum allocation, and due to the complexity of the network environment, the security of spectrum auctions can not be ignored. Most existing secure spectrum auction schemes introduce a semi-honest agent to complete spectrum auction. However, the hypothetical semi-honest model does not guarantee the security of spectrum auction in the actual application scenario, which may lead to potential security threats: the agent may reveal the privacy of bidders, agent or auctioneer may collude with the bidder to manipulate the spectrum auction, and so on. In this paper, a secure spectrum auction scheme without a trusted party is proposed based on the smart contract technology, and the smart contract written into the blockchain replaces the traditional semi-honest agent to cooperate with the auctioneer server to complete the auction. In order to ensure the security of our scheme, a secure spectrum auction protocol is designed, in which the Software Guard Extensions (SGX) technology and Paillier cryptosystem are used to protect the privacy of bidders. Public verification is provided in our protocol by using extensive Pedersen commitment, which prevents the auctioneer server and the bidder from colluding with each other and verifies group bid sum values. Finally, the security analysis is given to propose several types of attacks that can be defended. Besides, theoretical analysis and simulation experiments of our protocol are also provided.     

Critical issues in Internet commerce

In this article the authors identify reliability, privacy, and security as critical issues in electronic commerce. In other work, designers of information systems have identified other issues as critical, such as the ability to provide offline verification. It is widely agreed that an electronic currency system must provide divisibility, scalability in number of users, conservation of money or tamper resistance, exchangeability or interoperability, and availability. However, by returning to the fundamental definition of money and the essential nature of electronic information systems, the authors argue that privacy, reliability, and security are also critical issues. It is argued that these issues are particularly important in Internet commerce. The authors conclude by noting how some proposed Internet commerce systems provide, or fail to provide, security, reliability, and privacy     

Security for Industrial Communication Systems

Modern industrial communication networks are increasingly based on open protocols and platforms that are also used in the office IT and Internet environment. This reuse facilitates development and deployment of highly connected systems, but also makes the communication system vulnerable to electronic attacks. This paper gives an overview of IT security issues in industrial automation systems which are based on open communication systems. First, security objectives, electronic attack methods, and the available countermeasures for general IT systems are described. General security objectives and best practices are listed. Particularly for the TCP/IP protocol suite, a wide range of cryptography-based secure communication protocols is available. The paper describes their principles and scope of application. Next, we focus on industrial communication systems, which have a number of security-relevant characteristics distinct from the office IT systems. Confidentiality of transmitted data may not be required; however, data and user authentication, as well as access control are crucial for the mission critical and safety critical operation of the automation system. As a result, modern industrial automation systems, if they include security measures at all, emphasize various forms of access control. The paper describes the status of relevant specifications and implementations for a number of standardized automation protocols. Finally, we illustrate the application of security concepts and tools by brief case studies describing security issues in the configuration and operation of substations, plants, or for remote access.