The Experts below are selected from a list of 102210 Experts worldwide ranked by ideXlab platform
Josep Domingo-ferrer - One of the best experts on this subject based on the ideXlab platform.
-
TPP: Traceable Privacy-Preserving Communication and Precise Reward for Vehicle-to-Grid Networks in Smart Grids
2015Co-Authors: Huaqun Wang, Qianhong Wu, Li Xu, Bo Qin, Josep Domingo-ferrerAbstract:In vehicle-to-grid (V2G) networks, Service providers are battery-powered vehicles, and the Service Consumer is the power grid. Security and privacy concerns are major obstacles for V2G networks to be extensively deployed. In 2011, Yang et al. proposed a very interesting privacy-preserving communication and precise reward architecture for V2G networks in smart grids. In this paper, we enhance Yang et al.'s framework with the formal definitions of unforgeability and restrictiveness. Then, we propose a new traceable privacy-preserving communication and precise reward scheme with available cryptographic primitives. The proposed scheme is formally proven secure with well-established assumptions in the random oracle model. Thorough theoretical and experimental analyses demonstrate that our scheme is efficient and practical for secure V2G networks in smart grids.
Shucheng Yu - One of the best experts on this subject based on the ideXlab platform.
-
p 2 privacy preserving communication and precise reward architecture for v2g networks in smart grid
2011Co-Authors: Zhenyu Yang, Shucheng YuAbstract:Vehicle-to-grid (V2G) networks are important components of the smart grid (SG) for their capability of providing better ancillary Services and facilitating the adoption of renewable resources. The operation of the V2G networks is based on continuously monitoring the status of individual battery vehicle (BV) as well as a carefully designed incentive scheme to attract sufficient participating BVs. However, the close monitoring tends to raise privacy concerns from the BV owners about identity and location information leakage, which have not been considered in previous works. In this paper, we make the first attempt to identify the privacy-preserving issues and propose a precise reward scheme in V2G networks, both of which are important towards bringing the concept of V2G network into practice. In V2G networks, it is the Service providers (individual BVs) who need privacy protection rather than the Service Consumer (power grid). This unique characteristic renders privacy protection solutions proposed for conventional network systems not directly applicable. To protect privacy of BVs in V2G networks, we present , a secure communication architecture which achieves privacy-preserving for both BVs' monitoring and rewarding processes. Extensive performance analysis shows that only incurs moderate communication and computational overheads.
Moussa Ouedraogo - One of the best experts on this subject based on the ideXlab platform.
-
Security transparency: the next frontier for security research in the cloud
2015Co-Authors: Moussa Ouedraogo, Severine Mignon, Herve Cholez, Steven Furnell, Eric DuboisAbstract:The recent advances in networking and the ubiquity of the Internet have enabled the emergence of cloud computing as a viable solution for a convenient, elastic and economical usage of Services. In spite of these apparent advantages, the cloud model presents some challenges that hamper its wider adoption, most of which relate to security and privacy. This paper provides a review of the current initiatives devised by both academia and industry for addressing the security concerns inherent to the cloud model. Our analysis of the state of the art reveals that although initiatives such as SLA and virtual machines monitoring, and recent development in encryption mechanisms, have contributed to addressing some of the salient issues of security and privacy in the cloud, larger initiatives, other than standards, aiming at enabling security transparency and a mutual auditability in the cloud remain to be seen. With this in mind, the paper proposes some routes towards related solutions by discussing a number of desiderata for establishing a better security transparency between a Cloud Service Provider (CSP) and a Cloud Service Consumer (CSC). Given the current reluctance of some major businesses to embrace the trend, owing mainly to the devolution of some of the security aspects to a third party, the authors argue that undertaking some initiatives in that direction is a key to sustaining the current momentum of the cloud.
-
selecting a cloud Service provider in the age of cybercrime
2013Co-Authors: Moussa Ouedraogo, Haralambos MouratidisAbstract:The benefits of resorting to the cloud, as an efficient way to provide Services, have long been recognised in the academic and industrial literature. However, as more and more companies are beginning to embrace the trend, it has also become clearer that the model offers unprecedented opportunities to cybercriminals: either by enabling them to compromise a myriad of Services in a single shot or by allowing cyber-criminals to amplify their capabilities through a leverage of the technology offered by the cloud. This paper highlights the importance of an informed choice of a Cloud Service Provider (CSP) in minimising one's exposure to the insecurity of a cloud context. The paper proposes a well-defined approach, known as the Complete-Auditable-Reportable or C.A.RE, as a way to minimise one's exposure to the insecurity we live within the cloud. The C.A.RE approach helps to determine the adequacy of a CSP sponsored security by assessing its completeness in addressing most, if not all, risks that a Service may be exposed to; the potential of that security to be adapted upon the identification of a security vulnerability during an audit, and how transparently such information is shared with the concerned Cloud Service Consumer (CSC). A level of assurance is associated to each of the C.A.RE parameters in order to help determine the overall trustworthiness of a CSP. The analysis and comparison of the C.A.RE approach to a well-known guideline as the Cloud Service Security Alliance guidelines, reveals that C.A.RE offers a clear and efficient way in determining a Trusted Cloud Service.
Haralambos Mouratidis - One of the best experts on this subject based on the ideXlab platform.
-
selecting a cloud Service provider in the age of cybercrime
2013Co-Authors: Moussa Ouedraogo, Haralambos MouratidisAbstract:The benefits of resorting to the cloud, as an efficient way to provide Services, have long been recognised in the academic and industrial literature. However, as more and more companies are beginning to embrace the trend, it has also become clearer that the model offers unprecedented opportunities to cybercriminals: either by enabling them to compromise a myriad of Services in a single shot or by allowing cyber-criminals to amplify their capabilities through a leverage of the technology offered by the cloud. This paper highlights the importance of an informed choice of a Cloud Service Provider (CSP) in minimising one's exposure to the insecurity of a cloud context. The paper proposes a well-defined approach, known as the Complete-Auditable-Reportable or C.A.RE, as a way to minimise one's exposure to the insecurity we live within the cloud. The C.A.RE approach helps to determine the adequacy of a CSP sponsored security by assessing its completeness in addressing most, if not all, risks that a Service may be exposed to; the potential of that security to be adapted upon the identification of a security vulnerability during an audit, and how transparently such information is shared with the concerned Cloud Service Consumer (CSC). A level of assurance is associated to each of the C.A.RE parameters in order to help determine the overall trustworthiness of a CSP. The analysis and comparison of the C.A.RE approach to a well-known guideline as the Cloud Service Security Alliance guidelines, reveals that C.A.RE offers a clear and efficient way in determining a Trusted Cloud Service.
Jian Ying Zhang - One of the best experts on this subject based on the ideXlab platform.
-
autonomous Service level agreement negotiation for Service composition provision
2007Co-Authors: Ryszard Kowalczyk, Mohan Baruwal Chhetri, Jian Ying ZhangAbstract:Efficient management of Service level agreements which specify mutually-agreed understandings and expectations of Service provision has been a subject of research for a few years. A critical issue in this area is for Service Consumers and Service providers to effectively achieve agreements on non-functional aspects of Service provision, such as quality of Service. However, this issue has not been well addressed, especially in the context of Service composition provision which implies the establishment of a set of interrelated agreements on quality of Service between the Service Consumer and multiple Service providers offering various Services in the composition. There is a lack of supporting frameworks and techniques to automatically and dynamically achieve agreements on quality of Service constraints for individual Services in a Service composition, aiming at fulfilling composition's end-to-end quality of Service requirements. This paper reports the authors' recent research in addressing this issue, using the agent technology. In this research, the Service level agreements for a Service composition are established through autonomous agent negotiation. To enable this, an innovative framework is proposed in which the Service Consumer is represented by a set of agents who negotiate quality of Service constraints with the Service providers for various Services in the composition. This negotiation is well coordinated in order to achieve end-to-end quality of Service requirements. Based on this framework, a new negotiation protocol is presented to support coordinated negotiation. A utility-function-based decision-making model is proposed based on which agents can proactively decide on the course of further actions. Moreover, this paper also contributes the novel design of the negotiation Web Service on the Service providers' side for the purpose of interoperability. Finally, the prototype implementation for the purpose of proof-of-concept is discussed.
