Abstract:
Smart devices have been developed and widely used recently, so they have been applied in the industrial field. If mobile technology is applied to the CAD field, users will be able to obtain many advantages such as high mobility and ease of collaboration. To develop a feature-based CAD system that can be made available on smart devices, we suggested a system using multi-touch inputs in 2012; this was a stand-alone system available without a network. However, the system could not create complex shapes by itself because of the absence of a modeling kernel for the mobile platform and the low computing power of smart devices. To solve this problem of shape creation, this study proposes a client-server system for CAD systems on smart devices. When modeling commands are created from drag-type buttons, at each step, the analyzed modeling commands are sent to the server, the server creates the model and sends it to the smart device, and the smart device visualizes the modeling result. This system can make more complex models than those possible with the existing system. This study compares the developed system with the existing system in order to verify the usability of the new CAD system on smart devices; further, this study suggests how to extend this system to collaborative systems. This CAD system for smart devices can increase the mobility and cooperative nature of CAD systems.

Abstract:
With the rapid growth of mobile wireless networks, handheld devices are widely used and many mobile applications have been rapidly developed. Considering the limited computing capability of smart cards or mobile devices, designing a security scheme suitable for these mobile devices is a nontrivial challenge. A user authentication scheme is a mechanism to authenticate a remote user over an open network. In 2006, Das et al. proposed an identity (ID)-based remote user authentication scheme with smart cards using bilinear pairings. Unfortunately, their scheme is insecure against forgery attack. Recently, Giri and Srivastava proposed an improved scheme to overcome the forgery attack. The computational cost required by the Giri-Srivastava scheme is expensive, especially for smart cards with limited computing capability. In addition, the Giri-Srivastava scheme cannot be used in a multi-server environment. This paper presents an efficient and secure ID-based remote user authentication scheme using bilinear pairings. Based on the computational Diffie-Hellman assumption, we show that the proposed scheme is secure against existential forgery on adaptively chosen-message and ID attack in the random oracle model. As compared with the recently proposed pairing-based authentication schemes, our scheme has better performance in terms of the computational cost and it is suitable for a multi-server environment in distributed networks. Performance analysis and experimental data of related pairing operations on smart cards are given to demonstrate that our scheme is well suited for mobile devices with limited computing capability.

Abstract:
Anonymous password authenticated key exchange (APAKE) protocols allow the server to authenticate its clients without revealing their identities. In this paper, we first construct a basic protocol SAPAKE by using the homomorphic encryption scheme and an auxiliary memory device. Compared with the previous ones, SAPAKE is more suitable for those privacy-sensitive applications (e.g., cloud computing) where reducing server payload and improving user experience are both essential. Furthermore, we refine SAPAKE by removing the use of the memory device to gain an enhanced extension SAPAKE+ without increasing the resource consumption. SAPAKE+ achieves better user-friendliness than SAPAKE while it requires publishing more public parameters. Both of our protocols are practical due to their low (computation and communication) resource consumption and better user-friendliness, and achieve provable security in the random oracle model.

Abstract:
Session Initiation Protocol (SIP) has been widely adopted for signaling and controlling interactive sessions in multimedia communication networks. Despite its various advantages compared to predecessor protocols, the security and privacy of SIP remain challenges due to the risks of real-world public networks. While most SIP applications utilize end-to-end communications, existing studies mainly focus on client-server protocols. In this study, we propose a novel SIP authenticated key agreement protocol for all user-server, user-user, and group communications. An end user employs a short-term token to communicate with either end users or multimedia servers without connecting to a trusted server. Our security analyses show that the scheme not only resists all known attacks, but also provides the system with many desirable features, including direct end-to-end communications, preserving biometric template privacy, user access control, smart card revocation, and long-term secret updates. The latency of the authenticated key agreement phase is relatively small, and thus this signaling protocol is appropriate for a wide range of real-time applications.

Abstract:
In this paper, we provide a defense mechanism to Kim-Lee-Yoo's ID-based password authentication scheme, which is vulnerable to impersonation attacks and resource exhaustion attacks. Mutual authentication and communication privacy are regarded as essential requirements in today's client/server-based architecture; therefore, a lightweight but secure mutual authentication method is introduced in the proposed scheme. Once the mutual authentication is successful, the session key will be established without any further computation. The proposed defense mechanism not only accomplishes the mutual authentication and the session key establishment, but also inherits the security advantages of Kim-Lee-Yoo's scheme, e.g. it is secure against password guessing attacks and message replay attacks.

Abstract:
Problem statement: Emerging technology in broadband telecommunication and mobile devices has increased the use of mobile applications. However, the use of mobile applications is affected by low bandwidth or disrupted broadband telecommunication due to building blockage or being outside the coverage area. Approach: We proposed a Disruption-Tolerant Mobile Application Model (DTMA) that enables remote data access and overcomes constraints due to dysfunctional telecommunication. The interview process of Educational Service Officer at the Malaysian Educational Service Commissioner (MESC) is selected as the case study. Design of the mobile application is based on the Smart Client and wireless Internet application concepts. The main components of the model are mobile devices with their own processing power, data storage, business logic and Web service. These features enable the application to become disruption-tolerant, so that it can run even when the communication line is not available or disrupted. In order to prove that the proposed model is effective, a prototype based on the DTMA model is developed and evaluated. Results: The prototype is known as Mobile Interview Information System (MIIS) and it was developed using Visual Basic and .Net's programming language in .NET Framework. Visual Studio is used as the platform. Users have performed MIIS testing and DTMA usability assessment in a real environment. The test showed that MIIS based on the DTMA model is disruption-tolerant. MIIS enables information to be accessed and updated even in a disrupted network. MIIS also enables information to be accessed and transmitted from or to the MESC's headquarters via mobile devices. Further, MIIS enables the interview process to be implemented in a more efficient manner without any disruption. Conclusion: A mobile application developed based on the proposed DTMA model was proved to be disruption-tolerant. Such an application can save time and operational cost and improve the business process in terms of data integrity, mobile access and high availability.

Abstract:
We propose two new authentication schemes for the cloud that support private attribute-based authentication services. The basic scheme is a non-anonymous attribute-based authentication scheme. The extended scheme is a fully anonymous attribute-based authentication scheme that realizes full anonymity and unlinkability services. In the proposed schemes, a user is authenticated by the remote server if the intersection of the set of his/her assigned attributes and the server's required attributes exceeds a satisfactory predefined level. Unlike existing attribute-based encryption and signature schemes that require the user to perform a significant number of elliptic curve bilinear pairings and modular exponentiations, and require the user to hold a significantly long decryption/signature key, in our schemes the user is not required to perform any bilinear pairings. With a fixed-length private key, independent of the number of attributes, the cloud user performs only a few exponentiations by which he/she is able to authenticate himself/herself to the remote server and establish a session key with the server, on the condition that he/she satisfies a predefined level of the server's attribute requirement. Therefore, our schemes are suitable for implementation on devices with limited resources. We provide rigorous security and complexity analyses of the proposed schemes. Finally, the security and performance comparisons of our schemes with the existing related schemes show that our schemes outperform other existing schemes.

Abstract:
By exploiting the computing power and local data of distributed clients, federated learning (FL) features ubiquitous properties such as reduction of communication overhead and preserving data privacy. In each communication round of FL, the clients update local models based on their own data and upload their local updates via wireless channels. However, latency caused by hundreds to thousands of communication rounds remains a bottleneck in FL. To minimize the training latency, this work provides a multi-armed bandit-based framework for online client scheduling (CS) in FL without knowing wireless channel state information and statistical characteristics of clients. Firstly, we propose a CS algorithm based on the upper confidence bound policy (CS-UCB) for ideal scenarios where local datasets of clients are independent and identically distributed (i.i.d.) and balanced. An upper bound of the expected performance regret of the proposed CS-UCB algorithm is provided, which indicates that the regret grows logarithmically over communication rounds. Then, to address non-ideal scenarios with non-i.i.d. and unbalanced properties of local datasets and varying availability of clients, we further propose a CS algorithm based on the UCB policy and virtual queue technique (CS-UCB-Q). An upper bound is also derived, which shows that the expected performance regret of the proposed CS-UCB-Q algorithm can have a sub-linear growth over communication rounds under certain conditions. Besides, the convergence performance of FL training is also analyzed. Finally, simulation results validate the efficiency of the proposed algorithms.

Abstract:
An optimization model that incorporates demand in the paradigm of smart grids and distributed generation is formulated. The objective is to transform the demand into an active agent that helps minimize costs incurred by a distribution company for energy purchases and capacity payments, in a cost-based marginal pricing scheme, also extrapolated to market-based bids. The development of a secondary market for ancillary services offered by demand is proposed, with local intelligence and distributed generation, operating in a similar way to a day-ahead market. Existing resources from the demand side are provided to allow hourly market adjustments. The uncertain future of demand is modeled via preference models using discrete choice methods. Portfolios of incentives, tailored to demand needs and preferences, are built. Consumption profiles of users are identified from synthetic curves and real consumption profiles associated with large customers. NYISO time series data are used to illustrate the mechanism operation. The optimization model may be easily integrated into any management model of a market operator or within electricity distribution and traders. The only requirement for proper incorporation is the use of two-way communications for coordinating with the customers in the smart-grid and distributed generation paradigm.