|
مجال التميز |
تميز دراسي وبحثي |
|
|
|
|
البحوث المنشورة |
|
|
البحث (1): |
|
|
عنوان البحث: |
Investigating the security factors in cloud computing adoption: towards developing an integrated framework |
|
رابط إلى البحث: |
|
|
تاريخ النشر: |
06/06/2016 |
|
موجز عن البحث: |
There are several benefits of using cloud computing in organizations and government agencies such as cost saving and flexibility in getting resources. Cloud computing plays a significant changing in organizations since it allows the users to access the service anytime and everywhere via networks, with paying for using only. In developing countries, such as Saudi Arabia, the cloud computing is still in its early time not widely adopted, compared to countries in the west. In order to promote the adoption of cloud computing, it is important to recognize an important and specific issue related to cloud computing is the potential and perceived security factors that posed by implementing the technology. Hence, the aim of this study is to investigate the security factors that influence organization and government agencies to adopt cloud computing in a Saudi Arabia context. This paper proposed a framework identifies the key factors for the successful adoption of cloud computing, focused on risks, social and security benefits when implementing security in the cloud services. The proposed framework is involving of three categories, social factors category, cloud security risks category and perceived cloud security benefits. The finding showed that all the proposed factors in the framework were statistically significant, except one factors under perceived cloud security benefits were not statically significant. |
|
|
|
|
البحث (2): |
|
|
عنوان البحث: |
Toward Confirming a Framework for Securing the Virtual Machine Image in Cloud Computing |
|
رابط إلى البحث: |
|
|
تاريخ النشر: |
11/04/2017 |
|
موجز عن البحث: |
The concept of cloud computing has arisen thanks to academic work in the fields of utility computing, distributed computing, virtualisation, and web services. By using cloud computing, which can be accessed from anywhere, newly-launched businesses can minimise their start-up costs. Among the most important notions when it comes to the construction of cloud computing is virtualisation. While this concept brings its own security risks, these risks are not necessarily related to the cloud. The main disadvantage of using cloud computing is linked to safety and security. This is because anybody which chooses to employ cloud computing will use someone else’s hard disk and CPU in order to sort and store data. In cloud environments, a great deal of importance is placed on guaranteeing that the virtual machine image is safe and secure. Indeed, a previous study has put forth a framework with which to protect the virtual machine image in cloud computing. As such, the present study is primarily concerned with confirming this theoretical framework so as to ultimately secure the virtual machine image in cloud computing. This will be achieved by carrying out interviews with experts in the field of cloud security. |
|
|
|
|
البحث (3): |
|
|
عنوان البحث: |
Validation of an Adaptive Risk-based Access Control Model for the Internet of Things |
|
رابط إلى البحث: |
|
|
تاريخ النشر: |
04/01/2017 |
|
موجز عن البحث: |
The Internet of Things (IoT) has spread into multiple dimensions that incorporate different physical and virtual things. These things are connected together using different communication technologies to provide unlimited services. These services help not only to improve the quality of our daily lives, but also to provide a communication platform for increasing object collaboration and information sharing. Like all new technologies, the IoT has many security challenges that stand as a barrier to the successful implementation of IoT applications. These challenges are more complicated due to the dynamic and heterogeneous nature of IoT systems. However, authentication and access control models can be used to address the security issue in the IoT. To increase information sharing and availability, the IoT requires a dynamic access control model that takes not only access policies but also real-time contextual information into account when making access decisions. One of the dynamic features is the security risk. This paper proposes an Adaptive Risk-Based Access Control (AdRBAC) model for the IoT and discusses its validation using expert reviews. The proposed AdRBAC model conducts a risk analysis to estimate the security risk value associated with each access request when making an access decision. This model has four inputs/risk factors: user context, resource sensitivity, action severity and risk history. These risk factors are used to estimate a risk value associated with the access request to make the access decision. To provide the adaptive features, smart contracts will be used to monitor the user behaviour during access sessions to detect any malicious actions from the granted users. To validate and refine the proposed model, twenty IoT security experts from inside and outside the UK were interviewed. The experts have suggested valuable information that will help to specify the appropriate risk factors and risk estimation technique for implantation of the AdRBAC model. |
|
|
|
| البحث (4): | |
| عنوان البحث: | Blockchain with Internet of Things: Benefits, Challenges, and Future Directions |
| رابط إلى البحث: | Click Here |
| تاريخ النشر: | 08/06/2018 |
| موجز عن البحث: | The Internet of Things (IoT) has extended the internet connectivity to reach not just computers and humans, but most of our environment things. The IoT has the potential to connect billions of objects simultaneously which has the impact of improving information sharing needs that result in improving our life. Although the IoT benefits are unlimited, there are many challenges facing adopting the IoT in the real world due to its centralized server/client model. For instance, scalability and security issues that arise due to the excessive numbers of IoT objects in the network. The server/client model requires all devices to be connected and authenticated through the server, which creates a single point of failure. Therefore, moving the IoT system into the decentralized path may be the right decision. One of the popular decentralization systems is blockchain. The Blockchain is a powerful technology that decentralizes computation and management processes which can solve many of IoT issues, especially security. This paper provides an overview of the integration of the blockchain with the IoT with highlighting the integration benefits and challenges. The future research directions of blockchain with IoT are also discussed. We conclude that the combination of blockchain and IoT can provide a powerful approach which can significantly pave the way for new business models and distributed applications. |
|
المؤتمرات العلمية: |
|
|
المؤتمر (1): |
|
|
عنوان المؤتمر: |
IEEE International Conference on Smart Cloud 2016 |
|
تاريخ الإنعقاد: |
18/11/2016 |
|
مكان الإنعقاد: |
New York, USA |
|
طبيعة المشاركة: |
Paper presentation |
|
عنوان المشاركة: |
A Framework to Secure the Virtual Machine Image in Cloud Computing |
|
ملخص المشاركة: |
Cloud computing which uses outsourcing and remote processing of applications first appeared about ten years ago. Cloud Computing built on research in virtualization, distributed computing, utility computing, and web services. It reduces the information technology overhead for starting a new business and it can be accessed from anywhere. One of the concepts used for constructing cloud computing is virtualization, which has its own security risks, but they are not specific to the cloud. The key drawback to adopting cloud computing is security since clients use someone else’s CPU and hard disk for processing and storing data. This paper proposes a security framework to secure Virtual Machine Images in a virtualization layer in the cloud environment. Securing the virtual machine image is significant as it will most probably affect the security of cloud computing. |
|
|
|
|
المؤتمر (2): |
|
|
عنوان المؤتمر: |
5th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering 2017 |
|
تاريخ الإنعقاد: |
06-10/04/2017 |
|
مكان الإنعقاد: |
San Fransisco, USA |
|
طبيعة المشاركة: |
Paper presentation |
|
عنوان المشاركة: |
A Framework for Cloud Forensic Readiness in Organizations |
|
ملخص المشاركة: |
Many have argued that cloud computing is one of the fastest growing and most transformative technologies in the history of computing. It has radically changed the way in which information technologies can manage, access, deliver and create services. It has also brought numerous benefits to end-users and organizations. However, this rapid growth in cloud computing adoption has also seen it become a new arena for cybercrime. This has, in turn, led to new technical, legal and organizational challenges. In addition to the large number of attacks which affect cloud computing and the decentralized nature of data processing in the cloud, many concerns have been raised. One of these concerns is how to conduct a proper digital investigation in cloud environments and be ready to collect data proactively before an incident occurs in order to save time, money and effort. This paper proposes the technical, legal and organizational factors that influence digital forensic readiness for Infrastructure as a Service consumers. |
|
|
|
|
الرابط: |
|
|
|
|
|
المؤتمر (3): |
|
|
عنوان المؤتمر: |
IoTBDS 2017 : 2nd International Conference on Internet of Things, Big Data and Security |
|
تاريخ الإنعقاد: |
24/04/2017 |
|
مكان الإنعقاد: |
Porto, Portugal |
|
طبيعة المشاركة: |
Paper presentation |
|
عنوان المشاركة: |
IoT Forensic: Bridging the Challenges in Digital Forensic and the Internet of Things |
|
ملخص المشاركة: |
The smart devices have been used in the most major domain like the healthcare, transportation, smart home, smart city and more. However, this technology has been exposed to many vulnerabilities, which may lead to cybercrime through the devices. With the IoT constraints and low-security mechanisms applied, the device could be easily been attacked, treated and exploited by cyber criminals where the smart devices could provide wrong data where it can lead to wrong interpretation and actuation to the legitimate users. To comply with the IoT characteristics, two approaches towards of having the investigation for IoT forensic is proposed by emphasizing the pre-investigation phase and implementing the real-time investigation to ensure the data and potential evidence is collected and preserved throughout the investigation. |
|
|
|
|
المؤتمر (4): |
|
|
عنوان المؤتمر: |
IoTBDS 2017: 2nd International Conference on Internet of Things, Big Data and Security |
|
تاريخ الإنعقاد: |
24/04/2017 |
|
مكان الإنعقاد: |
Porto, Portugal |
|
طبيعة المشاركة: |
Paper presentation |
|
عنوان المشاركة: |
An Overview of Risk Estimation Techniques in Risk-based Access Control for the Internet of Things |
|
ملخص المشاركة: |
The Internet of Things (IoT) represents a modern approach where boundaries between real and digital domains are progressively eliminated by changing over consistently every physical device to smart object ready to provide valuable services. These services provide a vital role in different life domains but at the same time create new challenges particularly in security and privacy. Authentication and access control models are considered as the essential elements to address these security and privacy challenges. Risk-based access control model is one of the dynamic access control models that provides more flexibility in accessing system resources. This model performs a risk analysis to estimate the security risk associated with each access request and uses the estimated risk to make the access decision. One of the essential elements in this model is the risk estimation process. Estimating risk is a complex operation that requires the consideration of a variety of factors in the access control environment. Moreover, the interpretation and estimation of the risk might vary depending on the working domain. This paper presents a review of different risk estimation techniques. Existing risk-based access control models are discussed and compared in terms of the risk estimation technique, risk factors, and the evaluation domain. Requirements for choosing the appropriate risk estimation technique for the IoT system are also demonstrated. |
|
|
|
|
المؤتمر (5): |
|
|
عنوان المؤتمر: |
7th International Conference on Cloud Computing and Services Science – CLOSER 2017 |
|
تاريخ الإنعقاد: |
24/04/2017 |
|
مكان الإنعقاد: |
Porto, Portugal |
|
طبيعة المشاركة: |
Paper presentation |
|
عنوان المشاركة: |
The Impact of Cloud Forensic Readiness on Security |
|
ملخص المشاركة: |
The rapid increase in the use of cloud computing has led it to become a new arena for cybercrime. Since cloud environments are, to some extent, a new field for digital forensics, a number of technical, legal and organisational challenges have been raised. Although security and digital forensics share the same concerns, when an attack occurs, the fields of security and digital forensics are considered different disciplines. This paper argues that cloud security and digital forensics in cloud environments are converging fields. As a result, unifying security and forensics by being forensically ready and including digital forensics aspects in security mechanisms would enhance the security level in cloud computing, increase forensic capabilities and prepare organizations for any potential attack. |
|
|
|
|
المؤتمر (6): |
|
|
عنوان المؤتمر: |
IEEE International Conference on Internet of Things (iThings) 2017 |
|
تاريخ الإنعقاد: |
21/06/2017 |
|
مكان الإنعقاد: |
Exeter, UK |
|
طبيعة المشاركة: |
Paper presentation |
|
عنوان المشاركة: |
Developing an adaptive Risk-based access control model for the Internet of Things |
|
ملخص المشاركة: |
The Internet of Things (IoT) is creating a revolution in the number of connected devices. Cisco reported that there were 25 billion IoT devices in 2015 and modest estimation that this number will almost double by 2020. Society has become dependent on these billions of devices, devices that are connected and communicating with each other all the time with information constantly share between users, services, and internet providers. The emergent IoT devices as a technology are creating a huge security rift between users and usability, sacrificing usability for security created a number of major issues. First, IoT devices are classified under Bring Your Own Device (BYOD) that blows any organization security boundary and make them a target for espionage or tracking. Second, the size of the data generated from IoT makes big data problems pale in comparison not to mention IoT devices need a real-time response. Third, is incorporating secure access and control for IoT devices ranging from edge nodes devices to application level (business intelligence reporting tools) is a challenge because it has to account for several hardware and application levels. Establishing a secure access control model between different IoT devices and services is a major milestone for the IoT. This is important because data leakage and unauthorized access to data have a high impact on our IoT devices. However, traditional access control models with the static and rigid infrastructure cannot provide the required security for the IoT infrastructure. |
|
|
|
|
المؤتمر (7): |
|
|
عنوان المؤتمر: |
IEEE International Conference on Internet of Things (iThings) 2017 |
|
تاريخ الإنعقاد: |
21/06/2017 |
|
مكان الإنعقاد: |
Exeter, UK |
|
طبيعة المشاركة: |
Paper presentation |
|
عنوان المشاركة: |
Integration of Cloud Computing with Internet of Things: Challenges and Open Issues |
|
ملخص المشاركة: |
The Internet of Things (IoT) is becoming the next Internet-related revolution. It allows billions of devices to be connected and communicate with each other to share information that improves the quality of our daily lives. On the other hand, Cloud Computing provides on-demand, convenient and scalable network access which makes it possible to share computing resources; indeed, this, in turn, enables dynamic data integration from various data sources. There are many issues standing in the way of the successful implementation of both Cloud and IoT. The integration of Cloud Computing with the IoT is the most effective way on which to overcome these issues. The vast number of resources available on the Cloud can be extremely beneficial for the IoT, while the Cloud can gain more publicity to improve its limitations with real world objects in a more dynamic and distributed manner. This paper provides an overview of the integration of the Cloud into the IoT by highlighting the integration benefits and implementation challenges. Discussion will also focus on the architecture of the resultant Cloud-based IoT paradigm and its new applications scenarios. Finally, open issues and future research directions are also suggested. |
المرفقات
- https://uksacb.org/wp-content/uploads/2018/05/An-Overview-of-Risk-estimation-techniques-in-risk-based-access-control-for-the-Internet-of-Things.pdf
- https://uksacb.org/wp-content/uploads/2018/05/IoT-Forensic-2.pdf
- https://uksacb.org/wp-content/uploads/2018/05/Risk-based-access-control-model-2.pdf
- https://uksacb.org/wp-content/uploads/2018/05/SmartCloud_AttendLetter-2.pdf
- https://uksacb.org/wp-content/uploads/2018/05/An-Overview-of-Risk-estimation-techniques-in-risk-based-access-control-for-the-Internet-of-Things.pdf
- https://uksacb.org/wp-content/uploads/2018/05/IoT-Forensic-2.pdf
- https://uksacb.org/wp-content/uploads/2018/05/Risk-based-access-control-model-2.pdf
- https://uksacb.org/wp-content/uploads/2018/05/SmartCloud_AttendLetter-2.pdf
