Catálogo de publicaciones - libros

In a ubiquitous computing environment, every service should have the characteristic of context-awareness and location information is an important factor to grasp a user’s context. Thus, location privacy is an major security issue of ubiquitous computing environment. Most research on location privacy is focused on protecting the location information itself. However, not only prohibiting acquirement of the sensitive information illegally but also forbidding abuse of the information obtained legally is important to protect user privacy. In order to satisfy this claim, we propose a new privacy-aware service protocol for a ubiquitous computing environment. The proposed protocol decouples the relation between a user’s identity and location. Moreover, it uses anonymous communication channel to hide the user’s service consume pattern.

Nowadays, computer network systems play an increasingly important role in our society. They have become the target of a wide array of malicious attacks that can turn into actual intrusions. This is the reason why computer security has become an essential concern for network administrators. Intrusions can wreak havoc on LANs. And the time and cost to repair the damage can grow to extreme proportions. Instead of using passive measures to fix and patch security holes, it is more effective to adopt proactive measures against intrusions. Recently, several IDS have been proposed and they are based on various technologies. However, these techniques, which have been used in many systems, are useful only for detecting the existing patterns of intrusion. It can not detect new patterns of intrusion. Therefore, it is necessary to develop a new technology of IDS that can find new patterns of intrusion. This paper investigates the asymmetric costs of false errors to enhance the detection systems performance. The proposed method utilizes a network model considering the cost ratio of false errors. Compared with false positive, this scheme accomplishes both security and system performance objectives. The results of our empirical experiment show that the network model provides high accuracy in detection. In addition, the simulation results show that effectiveness of probe detection can be enhanced by considering the costs of false errors.

In this paper, we study the web technologies that allow ubiquitous spaces to create dynamic web pages in accordance with user profiles. Especially, we explore the server-side scripting approach, the most popular technology for dynamic web pages. This approach mainly adopts the execute-while-parsing model, which suffers from the interpretation overhead. Recently, the compilethen- execute model was proposed to address the overhead. This paper compares and analyzes the two models, while performing benchmark test in Microsoft ASP and ASP.NET environment. The benchmark results show that, due to the high initialization overhead, the compile-then-execute model cannot substantially improve the execute-while-parsing model. Also, the best performance can be achieved through optimization rather than compiled execution. Based on the results of the benchmark test, we develop a speedup model, which estimates the maximum performance improvement achievable by the compile-then-execute model.

In this paper, we propose multimedia service system, called UMS ( Ubiquitous Multimedia Service), for smart and secure service based on context in intelligent ubiquitous home. The proposed system provides user centric multimedia service based on context including user location, user preference and device status information. In addition, the proposed system supports ubi-home super-distribution which contents can distribute safely and consume from the central intelligent and secure media center to the end terminal in intelligent ubi-home. Furthermore, we propose and apply a VTDC algorithm for customized contents to multimedia players. Finally, a prototype of USN device is designed and implemented to realize intelligent Ubi-home supporting smart service.

Due to the stateless nature of the internet, it is an intricate problem to determine the source of spoofed attacking packets. To handle this problem we utilize the IP traceback mechanism to know the actual source of an IP datagram. While many IP traceback techniques have been proposed but most of the previous studies focus and offer solutions for DDoS attacks done on IPv4 environment. Significant difference exists between IPv4 and IPv6 Networks. Therefore, the mechanisms for tracing the origin of attacks in IPv6 networks have abundant differences from those of IPv4 networks. In this paper, we proposed an efficient Lightweight IPv6 traceback algorithm. We also discussed the problems related to previously proposed IPv4 traceback schemes and presented the Error Correction and Modified Path MTU calculation algorithm to make our scheme more practical.

The lack of verifying source address in Internet makes it easy for attackers to spoof the source IP address. One of challenges of Internet has been recognized is building mechanisms in routers to verify the source address. This paper discusses Source Address Spoofing Prevention (SASP) mechanisms, presents a formal description on SASP network and SASP router, proposes a hierarchical SASP architecture, and presents some design principles of SASP mechanisms.

In this paper, we present FBAC (Flexible Bound Admission Control) algorithm using softness profile to reduce handover blocking probability over WLAN and WAAN (Wide Area Access Network). FBAC algorithm utilizes dynamic resource allocation scheme to decrease the blocking probability of vertical handover connections within the limited capacity of system. Based on FBAC algorithm, we derive the handover blocking probability as new traffic load and handover traffic load increase. In order to evaluate the performance, we compare FBAC algorithm against traditional non-bounded and fixed bound schemes. Numerical results show that the FBAC scheme improves handover blocking probability in ubiquitous environment.

The new algorithmic technique which allow higher efficiency in the precise calculation of the reliability of an undirected graph with absolutely reliable nodes and unreliable edges is considered in this paper. As graph’s reliability we mean its probabilistic connectivity. The proposed technique is based on the reduction of the dimension of a calculated graph by considering its node’s cuts. Comprehensive computer simulation results show the advantages of the proposed algorithms, that the calculation time decreases significantly in comparison with existent methods.

Even though its advantages such as non-volatility, fast write access time and solid-state shock resistance, NAND flash memory suffers from out-place-update, limited erase cycles, and page-based I/O operations. How to provide fast mounting and consistency of file system and data for flash memory file systems has become important research topics in recent years. In this paper, we design and propose a new flash memory file system called RFFS (Reliable Flash File System), which targets NAND flash memory based embedded systems that require fast mounting and fault tolerant file system. We have experimented on the performance of RFFS and the results showed that RFFS could improve the mounting time by 65%–76% compared with YAFFS. Also RFFS improved mounting time after sudden system faults by 89%–92% compared with JFFS2.

The method of broadcast encryption has been applied to the transmission of digital information such as multimedia, software, and paid TV on the open network. In this broadcast encryption method, only previously authorized users can gain access to digital information. When broadcast message is transmitted, authorized users can first decode the session key using the previously given private key and get digital information using this session key. This way, users retrieve a message or a session key using the key transmitted by broadcasters. For their part, broadcasters need to generate and distribute keys. Broadcasters should also carry out efficient key renewal when users subscribe or unsubscribe. This paper introduces how to generate and distribute key efficiently and how key renewal works. The proposal uses two methods: (1) the server generates keys without the consent of users by anticipating users, and; (2) the server and users generate keys by mutual agreement. The advantage of the two proposed methods is that the receiver can decode broadcast message using a secret key. Even if the key is renewed later, the user can efficiently renew using only a single set of information.