The secured access is studied in this paper for the network of the image remote sensing.Each sensor in this network encounters the information security when uploading information of the images wirelessly from the sens...The secured access is studied in this paper for the network of the image remote sensing.Each sensor in this network encounters the information security when uploading information of the images wirelessly from the sensor to the central collection point.In order to enhance the sensing quality for the remote uploading,the passive reflection surface technique is employed.If one eavesdropper that exists nearby this sensor is keeping on accessing the same networks,he may receive the same image from this sensor.Our goal in this paper is to improve the SNR of legitimate collection unit while cut down the SNR of the eavesdropper as much as possible by adaptively adjust the uploading power from this sensor to enhance the security of the remote sensing images.In order to achieve this goal,the secured energy efficiency performance is theoretically analyzed with respect to the number of the passive reflection elements by calculating the instantaneous performance over the channel fading coefficients.Based on this theoretical result,the secured access is formulated as a mathematical optimization problem by adjusting the sensor uploading power as the unknown variables with the objective of the energy efficiency maximization while satisfying any required maximum data rate of the eavesdropper sensor.Finally,the analytical expression is theoretically derived for the optimum uploading power.Numerical simulations verify the design approach.展开更多
Global food security is a pressing issue that affects the stability and well-being of communities worldwide.While existing Internet of Things(IoT)enabled plant monitoring systems have made significant strides in agric...Global food security is a pressing issue that affects the stability and well-being of communities worldwide.While existing Internet of Things(IoT)enabled plant monitoring systems have made significant strides in agricultural monitoring,they often face limitations such as high power consumption,restricted mobility,complex deployment requirements,and inadequate security measures for data access.This paper introduces an enhanced IoT application for agricultural monitoring systems that address these critical shortcomings.Our system strategically combines power efficiency,portability,and secure access capabilities,assisting farmers in monitoring and tracking crop environmental conditions.The proposed system includes a remote camera that captures images of surrounding plants and a sensor module that regularly monitors various environmental factors,including temperature,humidity,and soil moisture.We implement power management strategies to minimize energy consumption compared to existing solutions.Unlike conventional systems,our implementation utilizes the Amazon Web Services(AWS)cloud platform for reliable data storage and processing while incorporating comprehensive security measures,including Two-Factor Authentication(2FA)and JSON Web Tokens(JWT),features often overlooked in current agricultural IoT solutions.Users can access this secure monitoring system via a developed Android application,providing convenient mobile access to the gathered plant data.We validate our system’s advantages by implementing it with two potted garlic plants on Okayama University’s rooftop.Our evaluation demonstrates high sensor reliabil-ity,with strong correlations between sensor readings and reference data,achieving determination coefficients(R2)of 0.979 for temperature and 0.750 for humidity measurements.The implemented power management strategies extend battery life to 10 days on a single charge,significantly outperforming existing systems that typically require daily recharging.Furthermore,our dual-layer security implementation utilizing 2FA and JWT successfully protects sensitive agricultural data from unauthorized access.展开更多
Due to the rapid development of broadband access technologies, the broadband access networks have wider and wider application. However, with the development, the security issue became a public concern. Under the envir...Due to the rapid development of broadband access technologies, the broadband access networks have wider and wider application. However, with the development, the security issue became a public concern. Under the environment of access network, customers, access equipment and networks all face various threats, especially those from the user side. Such technologies and solutions as port positioning, fraud prevention on Medium Access Control (MAC) addresses and monitoring of illegal services might be the solution to the security problem existing in the current networks.展开更多
Big data has a strong demand for a network infrastructure with the capability to support data sharing and retrieval efficiently. Information-centric networking (ICN) is an emerging approach to satisfy this demand, w...Big data has a strong demand for a network infrastructure with the capability to support data sharing and retrieval efficiently. Information-centric networking (ICN) is an emerging approach to satisfy this demand, where big data is cached ubiquitously in the network and retrieved using data names. However, existing authentication and authorization schemes rely mostly on centralized servers to provide certification and mediation services for data retrieval. This causes considerable traffic overhead for the secure distributed sharing of data. To solve this problem, we employ identity-based cryptography (IBC) to propose a Distributed Authentication and Authorization Scheme (DAAS), where an identity-based signature (IBS) is used to achieve distributed verifications of the identities of publishers and users. Moreover, Ciphertext-Policy Attribnte-based encryption (CP-ABE) is used to enable the distributed and fine-grained authorization. DAAS consists of three phases: initialization, secure data publication, and secure data retrieval, which seamlessly integrate authentication and authorization with the in- terest/data communication paradigm in ICN. In particular, we propose trustworthy registration and Network Operator and Authority Manifest (NOAM) dissemination to provide initial secure registration and enable efficient authentication for global data retrieval. Meanwhile, Attribute Manifest (AM) distribution coupled with automatic attribute update is proposed to reduce the cost of attribute retrieval. We examine the performance of the proposed DAAS, which shows that it can achieve a lower bandwidth cost than existing schemes.展开更多
The mega-constellation is a major future development direction for space-based technologies in communications,navigation,remote sensing,and other fields.However,there are marked security threats to the mega-constellat...The mega-constellation is a major future development direction for space-based technologies in communications,navigation,remote sensing,and other fields.However,there are marked security threats to the mega-constellation.Traditional password-based security protection techniques are inefficient for vast node access authentication because they lack a unified management system and methodology.To address the aforementioned issues,this work presents a mega-constellation node security access authentication technique based on sharding blockchain via the“1+N+1”mega-constellation security and trustworthiness architecture.We build a distributed node security access authentication system based on functional domains and functional cross-domains,and we develop mathematical models for the complexity of messaging and space,the throughput of transactions,and the overall estimation of sharding blockchain systems.The results demonstrate that every indicator outperforms conventional blockchain techniques,which has major implications for mega-constellation by creating a complete link security and trustworthiness system.A universal solution for the number of consensus nodes I and the number of shards N is found,which can be used to guide parameter design in mega-constellation sharding blockchain systems.展开更多
In cloud computing applications, users' data and applications are hosted by cloud providers. This paper proposed an access control scheme that uses a combination of discretionary access control and cryptographic tech...In cloud computing applications, users' data and applications are hosted by cloud providers. This paper proposed an access control scheme that uses a combination of discretionary access control and cryptographic techniques to secure users' data and applications hosted by cloud providers. Many cloud applications require users to share their data and applications hosted by cloud providers. To facilitate resource sharing, the proposed scheme allows cloud users to delegate their access permissions to other users easily. Using the access control policies that guard the access to resources and the credentials submitted by users, a third party can infer information about the cloud users. The proposed scheme uses cryptographic techniques to obscure the access control policies and users' credentials to ensure the privacy of the cloud users. Data encryption is used to guarantee the confidentiality of data. Compared with existing schemes, the proposed scheme is more flexible and easy to use. Experiments showed that the proposed scheme is also efficient.展开更多
With the continuous development of satellite communication and Internet of things technology,more and more devices can access space information networks(SIN)and enjoy satellite services everywhere in the world.However...With the continuous development of satellite communication and Internet of things technology,more and more devices can access space information networks(SIN)and enjoy satellite services everywhere in the world.However,due to the openness of the air-to-ground channel,the device will face a series of security threats when accessing SIN,such as replay attacks,eavesdropping attacks,impersonation attacks,and man-in-the-middle attacks.These security threats will lead to illegal entity access and further endanger the reliability and availability of the system.Although scholars have proposed many enhanced security access authentication protocols,most of them have been proved to have security vulnerabilities.In addition,with the development of quantum computing,the previous authentication protocols based on some asymmetric cryptographic mechanisms such as discrete logarithm and elliptic curve cryptographic mechanisms may face new security challenges.In this context,this paper proposes a novel antiquantum access authentication protocol based on ring learning with errors(RLWE),which meets more security requirements and greatly reduces the authentication delay through prenegotiation.Through the security analysis and performance analysis,it is shown that our protocol can be more suitable for delaysensitive IoT devices to access SIN while ensuring higher security.展开更多
A power balance static random-access memory(SRAM) for resistance to differential power analysis(DPA) is proposed. In the proposed design, the switch power consumption and short-circuit power consumption are balanc...A power balance static random-access memory(SRAM) for resistance to differential power analysis(DPA) is proposed. In the proposed design, the switch power consumption and short-circuit power consumption are balanced by discharging and pre-charging the key nodes of the output circuit and adding an additional shortcircuit current path. Thus, the power consumption is constant in every read cycle. As a result, the DPA-resistant ability of the SRAM is improved. In 65 nm CMOS technology, the power balance SRAM is fully custom designed with a layout area of 5863.6 μm^2.The post-simulation results show that the normalized energy deviation(NED) and normalized standard deviation(NSD) are 0.099% and 0.04%, respectively. Compared to existing power balance circuits, the power balance ability of the proposed SRAM has improved 53%.展开更多
基金supported in part by Jiangsu Province High Level“333”Program (0401206044)National Natural Science Foundation of China (61801243,62072255)+4 种基金Program for Scientific Research Foundation for Talented Scholars of Jinling Institute of Technology (JIT-B-202031)University Incubator Foundation of Jinling Institute of Technology (JIT-FHXM-202110)Open Project of Fujian Provincial Key Lab.of Network Security and Cryptology (NSCL-KF2021-02)Open Foundation of National Railway Intelligence Transportation System Engineering Tech.Research Center (RITS2021KF02)China Postdoctoral Science Foundation (2019M651914)。
文摘The secured access is studied in this paper for the network of the image remote sensing.Each sensor in this network encounters the information security when uploading information of the images wirelessly from the sensor to the central collection point.In order to enhance the sensing quality for the remote uploading,the passive reflection surface technique is employed.If one eavesdropper that exists nearby this sensor is keeping on accessing the same networks,he may receive the same image from this sensor.Our goal in this paper is to improve the SNR of legitimate collection unit while cut down the SNR of the eavesdropper as much as possible by adaptively adjust the uploading power from this sensor to enhance the security of the remote sensing images.In order to achieve this goal,the secured energy efficiency performance is theoretically analyzed with respect to the number of the passive reflection elements by calculating the instantaneous performance over the channel fading coefficients.Based on this theoretical result,the secured access is formulated as a mathematical optimization problem by adjusting the sensor uploading power as the unknown variables with the objective of the energy efficiency maximization while satisfying any required maximum data rate of the eavesdropper sensor.Finally,the analytical expression is theoretically derived for the optimum uploading power.Numerical simulations verify the design approach.
基金supported by the budget of GIC project at Okayama University.
文摘Global food security is a pressing issue that affects the stability and well-being of communities worldwide.While existing Internet of Things(IoT)enabled plant monitoring systems have made significant strides in agricultural monitoring,they often face limitations such as high power consumption,restricted mobility,complex deployment requirements,and inadequate security measures for data access.This paper introduces an enhanced IoT application for agricultural monitoring systems that address these critical shortcomings.Our system strategically combines power efficiency,portability,and secure access capabilities,assisting farmers in monitoring and tracking crop environmental conditions.The proposed system includes a remote camera that captures images of surrounding plants and a sensor module that regularly monitors various environmental factors,including temperature,humidity,and soil moisture.We implement power management strategies to minimize energy consumption compared to existing solutions.Unlike conventional systems,our implementation utilizes the Amazon Web Services(AWS)cloud platform for reliable data storage and processing while incorporating comprehensive security measures,including Two-Factor Authentication(2FA)and JSON Web Tokens(JWT),features often overlooked in current agricultural IoT solutions.Users can access this secure monitoring system via a developed Android application,providing convenient mobile access to the gathered plant data.We validate our system’s advantages by implementing it with two potted garlic plants on Okayama University’s rooftop.Our evaluation demonstrates high sensor reliabil-ity,with strong correlations between sensor readings and reference data,achieving determination coefficients(R2)of 0.979 for temperature and 0.750 for humidity measurements.The implemented power management strategies extend battery life to 10 days on a single charge,significantly outperforming existing systems that typically require daily recharging.Furthermore,our dual-layer security implementation utilizing 2FA and JWT successfully protects sensitive agricultural data from unauthorized access.
文摘Due to the rapid development of broadband access technologies, the broadband access networks have wider and wider application. However, with the development, the security issue became a public concern. Under the environment of access network, customers, access equipment and networks all face various threats, especially those from the user side. Such technologies and solutions as port positioning, fraud prevention on Medium Access Control (MAC) addresses and monitoring of illegal services might be the solution to the security problem existing in the current networks.
文摘Big data has a strong demand for a network infrastructure with the capability to support data sharing and retrieval efficiently. Information-centric networking (ICN) is an emerging approach to satisfy this demand, where big data is cached ubiquitously in the network and retrieved using data names. However, existing authentication and authorization schemes rely mostly on centralized servers to provide certification and mediation services for data retrieval. This causes considerable traffic overhead for the secure distributed sharing of data. To solve this problem, we employ identity-based cryptography (IBC) to propose a Distributed Authentication and Authorization Scheme (DAAS), where an identity-based signature (IBS) is used to achieve distributed verifications of the identities of publishers and users. Moreover, Ciphertext-Policy Attribnte-based encryption (CP-ABE) is used to enable the distributed and fine-grained authorization. DAAS consists of three phases: initialization, secure data publication, and secure data retrieval, which seamlessly integrate authentication and authorization with the in- terest/data communication paradigm in ICN. In particular, we propose trustworthy registration and Network Operator and Authority Manifest (NOAM) dissemination to provide initial secure registration and enable efficient authentication for global data retrieval. Meanwhile, Attribute Manifest (AM) distribution coupled with automatic attribute update is proposed to reduce the cost of attribute retrieval. We examine the performance of the proposed DAAS, which shows that it can achieve a lower bandwidth cost than existing schemes.
基金the specific grant from China’s National Social Science Foundation (U23B2025 and U22B2014).
文摘The mega-constellation is a major future development direction for space-based technologies in communications,navigation,remote sensing,and other fields.However,there are marked security threats to the mega-constellation.Traditional password-based security protection techniques are inefficient for vast node access authentication because they lack a unified management system and methodology.To address the aforementioned issues,this work presents a mega-constellation node security access authentication technique based on sharding blockchain via the“1+N+1”mega-constellation security and trustworthiness architecture.We build a distributed node security access authentication system based on functional domains and functional cross-domains,and we develop mathematical models for the complexity of messaging and space,the throughput of transactions,and the overall estimation of sharding blockchain systems.The results demonstrate that every indicator outperforms conventional blockchain techniques,which has major implications for mega-constellation by creating a complete link security and trustworthiness system.A universal solution for the number of consensus nodes I and the number of shards N is found,which can be used to guide parameter design in mega-constellation sharding blockchain systems.
文摘In cloud computing applications, users' data and applications are hosted by cloud providers. This paper proposed an access control scheme that uses a combination of discretionary access control and cryptographic techniques to secure users' data and applications hosted by cloud providers. Many cloud applications require users to share their data and applications hosted by cloud providers. To facilitate resource sharing, the proposed scheme allows cloud users to delegate their access permissions to other users easily. Using the access control policies that guard the access to resources and the credentials submitted by users, a third party can infer information about the cloud users. The proposed scheme uses cryptographic techniques to obscure the access control policies and users' credentials to ensure the privacy of the cloud users. Data encryption is used to guarantee the confidentiality of data. Compared with existing schemes, the proposed scheme is more flexible and easy to use. Experiments showed that the proposed scheme is also efficient.
基金supported by the National Natural Science Foundation of China under Grant 61672092.
文摘With the continuous development of satellite communication and Internet of things technology,more and more devices can access space information networks(SIN)and enjoy satellite services everywhere in the world.However,due to the openness of the air-to-ground channel,the device will face a series of security threats when accessing SIN,such as replay attacks,eavesdropping attacks,impersonation attacks,and man-in-the-middle attacks.These security threats will lead to illegal entity access and further endanger the reliability and availability of the system.Although scholars have proposed many enhanced security access authentication protocols,most of them have been proved to have security vulnerabilities.In addition,with the development of quantum computing,the previous authentication protocols based on some asymmetric cryptographic mechanisms such as discrete logarithm and elliptic curve cryptographic mechanisms may face new security challenges.In this context,this paper proposes a novel antiquantum access authentication protocol based on ring learning with errors(RLWE),which meets more security requirements and greatly reduces the authentication delay through prenegotiation.Through the security analysis and performance analysis,it is shown that our protocol can be more suitable for delaysensitive IoT devices to access SIN while ensuring higher security.
基金Project supported by the Zhejiang Provincial Natural Science Foundation of China(No.LQ14F040001)the National Natural Science Foundation of China(Nos.61274132,61234002)the K.C.Wong Magna Fund in Ningbo University,China
文摘A power balance static random-access memory(SRAM) for resistance to differential power analysis(DPA) is proposed. In the proposed design, the switch power consumption and short-circuit power consumption are balanced by discharging and pre-charging the key nodes of the output circuit and adding an additional shortcircuit current path. Thus, the power consumption is constant in every read cycle. As a result, the DPA-resistant ability of the SRAM is improved. In 65 nm CMOS technology, the power balance SRAM is fully custom designed with a layout area of 5863.6 μm^2.The post-simulation results show that the normalized energy deviation(NED) and normalized standard deviation(NSD) are 0.099% and 0.04%, respectively. Compared to existing power balance circuits, the power balance ability of the proposed SRAM has improved 53%.
