KINDI Center for Computing Research
http://hdl.handle.net/10576/68
2024-03-29T01:46:36ZDesign and Implementation of a Threat-Specific Security Risk Assessment Tool
http://hdl.handle.net/10576/52820
Design and Implementation of a Threat-Specific Security Risk Assessment Tool
Nhlabatsi, Armstrong; Hussein, Alaa; Fetais, Noora; Khan, Khaled M.
Security threats posed to individual cloud computing clients vary depending on their specific security requirements. However, Cloud Providers apply generic security risk assessment approaches which result do not consider client-specific security requirements. This results into unrealistic and inaccurate security risk evaluation. In this paper, we describe the detailed design and implementation of a security risk assessment tool. The tool supports a threat-specific method to security risk evaluation. The threat-specific method enables Cloud Providers to evaluate the security risk of their tenants based tenant-specific threats as dictated by their particular security requirements. Evaluation shows that the tool is highly usable, but lacks in scaleability.
2020-01-01T00:00:00ZWatermarking: A review of software and hardware techniques
http://hdl.handle.net/10576/52822
Watermarking: A review of software and hardware techniques
Sleit, Azzam; Fetais, Noora
Watermarking is a well-known technique traditionally used in banknotes and other documents to discourage counterfeiting. It usually consists of semi-transparent symbols embedded on paper. Similar concepts were applied to digital audio-visual Intellectual Properties (IPs). Several researchers have investigated digital watermarking with various contributions, implemented on both software and hardware platforms. In 1990, the modern study of digital watermarking was started by Tanaka et al. [1]. They suggested hiding information in multi-level dithered images as a form of secured military communications. Following that work, digital image watermarking arose, and recently the development of video watermarking algorithms became a growing field of research. Despite the fact that it is easier to implement a watermarking algorithm on a software platform, there is a strong motivation for a move towards hardware implementation. The hardware implementation offers several distinct advantages over the software implementation in terms low power, real-time, reliable and, secure watermarking systems.
2018-01-01T00:00:00ZA Practical Universal Consortium Blockchain Paradigm for Patient Data Portability on the Cloud Utilizing Delegated Identity Management
http://hdl.handle.net/10576/52821
A Practical Universal Consortium Blockchain Paradigm for Patient Data Portability on the Cloud Utilizing Delegated Identity Management
Sabir, Abdulbadi; Fetais, Noora
This paper presents a blockchain system that exploits the base modular features of the Hyperledger Fabric framework to allow for a new, patient-centric, practical data portability paradigm. The system empowers patients by allowing them to choose the entities they trust in the partially decentralized model, in an attempt to minimize the drawbacks associated with the resultant partial centralization. Data is stored in the cloud, and a fingerprint of the data is stored on the blockchain, allowing for data provenance, integrity, auditability and entity accountability. A simple yet effective method of identity management delegation is detailed, which accounts for and addresses human error in private key management in a practical manner.
2020-01-01T00:00:00ZThreat-specific security risk evaluation in the cloud
http://hdl.handle.net/10576/52819
Threat-specific security risk evaluation in the cloud
Nhlabatsi, Armstrong; Hong, Jin B.; Kim, Dong Seong; Fernandez, Rachael; Hussein, Alaa; Fetais, Noora; Khan, Khaled M.
Existing security risk evaluation approaches (e.g., asset-based) do not consider specific security requirements of individual cloud computing clients in the security risk evaluation. In this paper, we propose a threat-specific risk evaluation approach that uses various security attributes of the cloud (e.g., vulnerability information, the probability of an attack, and the impact of each attack associated with the identified threat(s)) as well as the client-specific security requirements in the cloud. Our approach allows a security administrator of the cloud provider to make fine-grained decisions for selecting mitigation strategies in order to protect the outsourced computing assets of individual clients based on their specific security needs against specific threats. This is different from the existing asset-based approaches where they do not have the functionalities to provide the security evaluation of the cloud with respect to specific threats. On the other hand, the proposed approach enables security administrators to compute a range of more effective client-specific countermeasures with respect to the importance of security requirements and threats. The experimental evaluation results demonstrate that effective security solutions vary due to specific threats prioritized by different clients for an application in the cloud. Further, the proposed approach is not limited to only the cloud-based systems, but can easily be adopted to other networked systems. We have also developed a software tool to support the proposed approach.
2021-01-01T00:00:00Z