The rapid development of IoT technology has led to the usage of various devices in our daily life. Along with the ever-increasing rise of the Internet of Things, the use of appropriate methods for establishing secure communications in health care systems is vital. The adoption of high-security optimal mechanisms for this purpose has been more effective regarding the efficiency of medical information systems; hence, many studies are being conducted in this field today. One of the most important components is the RFID cards that can be used for communication between entities in the environment. In healthcare systems, patient information is critical and nobody should have access to this information. Thus, providing security for these networks is essential. Recently, good researches have been done in the area of authentication for medical information systems, using RFID technology, which has a low computational cost. In this paper, we propose a novel method based on elliptic curve cryptography for vital and efficient and scalable authentication between RFID cards, card readers, and servers. This proposed method maintains security and has less computational cost and low elliptic curve point multiplication running time compared to similar recent methods.
Cloud service providers offer their customers with on-demand and cost-effective services, scalable computing, and network infrastructures. Enterprises migrate their services to the cloud to utilize the benefit of cloud computing such as eliminating the capital expense of their computing need. There are security vulnerabilities and threats in the cloud. Many researches have been proposed to analyze the cloud security using Graphical Security Models (GSMs) and security metrics. In addition, it has been widely researched in finding appropriate defensive strategies for the security of the cloud. Moving Target Defense (MTD) techniques can utilize the cloud elasticity features to change the attack surface and confuse attackers. Most of the previous work incorporating MTDs into the GSMs are theoretical and the performance was evaluated based on the simulation. In this paper, we realized the previous framework and designed, implemented and tested a cloud security assessment tool in a real cloud platform named UniteCloud. Our security solution can (1) monitor cloud computing in real-time, (2) automate the security modeling and analysis and visualize the GSMs using a Graphical User Interface via a web application, and (3) deploy three MTD techniques including Diversity, Redundancy, and Shuffle on the real cloud infrastructure. We analyzed the automation process using the APIs and showed the practicality and feasibility of automation of deploying all the three MTD techniques on the UniteCloud.
The main idea behind social participatory sensing is to leverage social friends as crowd workers to participate in mo bile sensing tasks. A main challenge, however, is the recruitment of sufficient number of well-suited participants. Contributing sensing data requires time and monetary cost and may potentially impose privacy risks. This may lead to the unwillingness of the participants to contribute without obtaining explicit incentives. In this paper, we propose an incentive scheme for social participatory sensing. The goal is to address the participation insufficiency by allocating rewards to contributors, hence attracting greater num ber of suitable participants. Specifically, the scheme first identifies a set of candidates as potential participants based on certain suitability factors such as expertise, reputation, pairwise privacy, etc. It then selects the most suitable participants considering their desired bids and the task budget. Once their contributions are delivered, participants are rewarded. The reward allocated to a participant depends on the quality of his own contribution as well as the contributions made by his social friends (who are motivated to participate by him). This is shown to be effective in attracting a greater amount of participation since it encourages participants to invite their friends in order to receive more reward. Simulation results demonstrate the efficacy of our proposed incentive scheme in terms of selecting sufficient number of well-suited participants.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.