Implementation of load management application system using smart grid privacy policy in energy management service environment

As the Smart grid is intelligent power grid, combining information Technology to the existing power grid. Electricity suppliers and consumers exchange real-time information to two-way and is a next-generation power grid to optimize energy efficiency. This paper suggests the implementation of load management application system using smart grid privacy policy in energy management service in energy management service environment. The structure of the privacy policy-based protection system using load management system in the smart grid environment is the structure that serves data in the load management system to the web through the application service network. For this, the privacy policy-based protection system suggested and developed the smart grid privacy policy-based protection system which controls service access by protecting items related to the personal information of the user and setting the privacy protection level for each item.     

Information Theoretically Secure,Enhanced Johnson Noise Based Key Distribution over the Smart Grid with Switched Filters

We introduce a protocol with a reconfigurable filter system to create non-overlapping single loops in the smart power grid for the realization of the Kirchhoff-Law-Johnson-(like)-Noise secure key distribution system. The protocol is valid for one-dimensional radial networks (chain-like power line) which are typical of the electricity distribution network between the utility and the customer. The speed of the protocol (the number of steps needed) versus grid size is analyzed. When properly generalized, such a system has the potential to achieve unconditionally secure key distribution over the smart power grid of arbitrary geometrical dimensions.     

Anonymous Three-Party Password-Authenticated Key Exchange Scheme for Telecare Medical Information Systems

Telecare Medical Information Systems (TMIS) provide an effective way to enhance the medical process between doctors, nurses and patients. For enhancing the security and privacy of TMIS, it is important while challenging to enhance the TMIS so that a patient and a doctor can perform mutual authentication and session key establishment using a third-party medical server while the privacy of the patient can be ensured. In this paper, we propose an anonymous three-party password-authenticated key exchange (3PAKE) protocol for TMIS. The protocol is based on the efficient elliptic curve cryptosystem. For security, we apply the pi calculus based formal verification tool ProVerif to show that our 3PAKE protocol for TMIS can provide anonymity for patient and doctor while at the same time achieves mutual authentication and session key security. The proposed scheme is secure and efficient, and can be used in TMIS.     

Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks"

Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes’ participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.’s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.’s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.     

Robust Biometrics Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards

Biometrics authenticated schemes using smart cards have attracted much attention in multi-server environments. Several schemes of this type where proposed in the past. However, many of them were found to have some design flaws. This paper concentrates on the security weaknesses of the three-factor authentication scheme by Mishra et al. After careful analysis, we find their scheme does not really resist replay attack while failing to provide an efficient password change phase. We further propose an improvement of Mishra et al.’s scheme with the purpose of preventing the security threats of their scheme. We demonstrate the proposed scheme is given to strong authentication against several attacks including attacks shown in the original scheme. In addition, we compare the performance and functionality with other multi-server authenticated key schemes.     

Security-driven scheduling for data-intensive applications on grids

Security-sensitive applications that access and generate large data sets are emerging in various areas including bioinformatics and high energy physics. Data grids provide such data-intensive applications with a large virtual storage framework with unlimited power. However, conventional scheduling algorithms for data grids are unable to meet the security needs of data-intensive applications. In this paper we address the problem of scheduling data-intensive jobs on data grids subject to security constraints. Using a security- and data-aware technique, a dynamic scheduling strategy is proposed to improve quality of security for data-intensive applications running on data grids. To incorporate security into job scheduling, we introduce a new performance metric, degree of security deficiency, to quantitatively measure quality of security provided by a data grid. Results based on a real-world trace confirm that the proposed scheduling strategy significantly improves security and performance over four existing scheduling algorithms by up to 810% and 1478%, respectively.

Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme

With the security requirements of networks, biometrics authenticated schemes which are applied in the multi-server environment come to be more crucial and widely deployed. In this paper, we propose a novel biometric-based multi-server authentication and key agreement scheme which is based on the cryptanalysis of Mishra et al.’s scheme. The informal and formal security analysis of our scheme are given, which demonstrate that our scheme satisfies the desirable security requirements. The presented scheme provides a variety of significant functionalities, in which some features are not considered in the most of existing authentication schemes, such as, user revocation or re-registration and biometric information protection. Compared with several related schemes, our scheme has more secure properties and lower computation cost. It is obviously more appropriate for practical applications in the remote distributed networks.     

Design and analysis of a distributed grid resource discovery protocol

Computational grids have been emerging as a new paradigm for solving large complex problems over the recent years. The problem space and data set are divided into smaller pieces that are processed in parallel over the grid network and reassembled upon completion. Typically, resources are logged into a resource broker that is somewhat aware of all of the participants available on the grid. The resource broker scheme can be a bottleneck because of the amount of computational power and network bandwidth needed to maintain a fresh view of the grid. In this paper, we propose to place the load of managing the network resource discovery on to the network itself: inside of the routers. In the proposed protocol, the routers contain tables for resources similar to routing tables. These resource tables map IP addresses to the available computing resource values, which are provided through a scoring mechanism. Each resource provider is scored based on the attributes they provide such as the number of processors, processor frequency, amount of memory, hard drive space, and the network bandwidth. The resources are discovered on the grid by the protocol’s discovery packets, which are encapsulated within the TCP/IP packets. The discovery packet visits the routers and look up in the resource tables until a satisfactory resource is found. The protocol is validated by simulations with five different deployment environments.     

MIPE: a practical memory integrity protection method in a trusted execution environment

With the rapid development of Internet of Things technology and the promotion of embedded devices’ computation performance, smart devices are probably open to security threats and attacks while connecting with rich and novel Internet. Attracting lots of attention in embedded system security community recently, Trusted Execution Environment (TEE), allows for the execution of arbitrary code within environments completely isolated from the rest of a system. However, existing memory protection methods in a TEE are inadequate. In general, the software-based formal methods are not practical and the hardware-based implementation approaches lack of theoretical proof. To address the memory isolation and protection problems in TEE, in this paper, we propose a practical memory integrity protection method on an ARM-based platform, called MIPE, to defend against security threats including kernel data attacks and direct memory access attacks. MIPE utilizes TrustZone technique to create a isolated execution environment, which can protect the sensitive code and data against attacks. To present the integrity protection strategies, we provide the design of MIPE using B method, which is a practical formal method. We also implement MIPE on the Xilinx Zynq ZC702 evaluation board. The evaluation results show that the automatic proof rate of machines using B method is about 78.32%, and the proposed method is effective and feasible in terms of both load time and overhead.     

An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards

In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user’s management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.’s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.’s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.’s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties.     

Mutual authentication scheme of IoT devices in fog computing environment

The radical shift in the technology with the advent of connected things has led to the significant proliferation in demand for IoT devices, commonly called ‘smart devices’. These devices are capable of data collection, which can help in umpteen applications, particularly in healthcare. With the tremendous growth in these resource-constrained end devices, there has been a substantial increase in the number of attack varieties. Since these end devices deal with the sensitive data that might cause severe damage if not handled properly. Hence, defending its integrity, preserving its privacy, and maintaining its confidentiality as well as availability is of utmost importance. However, there are many protocols, models, architecture tools, etc. proposed to provide security. Nevertheless, almost every solution propound so far is not fully resilient and lacks in giving full protection to the system in some way or the other. So here, we have proposed a lightweight anonymous mutual authentication scheme for end devices and fog nodes.

     

Resilient sensor authentication in SCADA by integrating physical unclonable function and blockchain

Industrial Control Systems and Supervisory Control and Data Acquisition (ICS/SCADA) systems are profound backbones of the national critical infrastructures and are essential to the sustainability of society since they help monitoring and controlling the cyber-enable services, such as energy, transportation, healthcare, etc. Modern SCADA systems continue to use the legacy communication protocols that lack adequate security mechanisms to provide trusted device authentication and ensure data flow integrity. Furthermore, advent of state-of-the-art network-capable sensor technology exposes many unique vulnerabilities to the adversaries. Thus, integrity of the data originated from field sensors along with their identity must be managed carefully in order to enhance reliability of ICS/SCADA ecosystems. In this paper, we present a blockchain-based SRAM PUF Authentication and Integrity (BloSPAI) protocol that aims to ensure a continuous authentication of field sensors and provide a robust data flow integrity process by leveraging distributed ledger and hardware security primitives. The prototype of the protocol has been implemented in a sensor-integrated Raspberry PI testbed that is interfaced with a permissioned blockchain network. We discuss the performance and overhead aspects of the proposed BloSPAI protocol and compare with state-of-art cybersecurity solutions. Through experimental evaluation demonstrates the relationship between the size of the blockchain network impacts the throughput in terms of time to commit transactions and overall systems setup time.

     

Preparation of macromolecular complexes for cryo-electron microscopy

This protocol describes the preparation of frozen-hydrated single-particle specimens of macromolecular complexes. First, it describes how to create a grid surface coated with holey carbon by first inducing holes in a Formvar film to act as a template for the holey carbon that is stable under cryo-electron microscopy (cryo-EM) conditions and is sample-friendly. The protocol then describes the steps required to deposit the homogeneous sample on the grid and to plunge-freeze the grid into liquid ethane at the temperature of liquid nitrogen, so that it is suitable for cryo-EM visualization. It takes 4-5 h to make several hundred holey carbon grids and about 1 h to make the frozen-hydrated grids. The time required for sample purification varies from hours to days, depending on the sample and the specific procedure required. A companion protocol details how to collect cryo-EM data using an FEI Tecnai transmission electron microscope that can subsequently be processed to obtain a three-dimensional reconstruction of the macromolecular complex.     

Availability analysis and case study of mobile-OTP key generation using skip sampling of voice

As the applications of mobile and ubiquitous technologies have become more extensive, the communication security issues of those applications are emerging as the most important concern. Therefore, studies are active in relation with various techniques and system applications for individual security elements. In this paper, we proposed a new technique which uses the voice features in order to generate mobile one time passwords (OTPs) and generated safe and variable and safe passwords for one time use, using voice information of biometrics, which is used for powerful personal authentication optionally. Also, we performed the availability analysis on homomorphic variability of voice feature points using dendrogram and distribution of 15 users’ voice skip sampling of feature points for the proposed password generation method. And we have described the application cases of the proposed mobile-OTP using skip sampling of voice signal.     

Visualization of macromolecular complexes using cryo-electron microscopy with FEI Tecnai transmission electron microscopes

This protocol details the steps used for visualizing the frozen-hydrated grids as prepared following the accompanying protocol entitled 'Preparation of macromolecular complexes for visualization using cryo-electron microscopy.' This protocol describes how to transfer the grid to the microscope using a standard cryo-transfer holder or, alternatively, using a cryo-cartridge loading system, and how to collect low-dose data using an FEI Tecnai transmission electron microscope. This protocol also summarizes and compares the various options that are available in data collection for three-dimensional (3D) single-particle reconstruction. These options include microscope settings, choice of detectors and data collection strategies both in situations where a 3D reference is available and in the absence of such a reference (random-conical and common lines).     

A decentralized fault tolerance model based on level of performance for grid environment

Computational grids have the potential for solving large-scale scientific problems using heterogeneous and geographically distributed resources. At this scale, computer resources and network failures are no more exceptions, but belong to the normal system behavior. Therefore, one of the most valuable characteristics of grid tools, apart from the performance they can achieve, is fault tolerance, which is a significant and complex issue in grid computing systems. In this paper, we propose a fault tolerant model for grid computing systems namely DCFT. This model is based on dynamic colored graphs without replication of computer resources. The proposed faut tolerance model consists of two stages. In the first stage, each node is described by a state vector. We color each attribute of the state vector as three colors (green, blue and red) based on its level of performance. In the second stage, we classify the nodes of a grid into three categories: the identical computer resources in term of performance, the more efficient ones and the less efficient ones. We used the colors of the nodes to develop a new strategy for fault tolerance based on the level of performance. A simulation of the proposed model using SimGrid simulator and Graphstream is conducted. Experimental results show that the proposed model performs very well in a large grid environment.     

Life cycle assessment of an offshore grid interconnecting wind farms and customers across the North Sea

Purpose

This study aims to contribute to an improved understanding of the environmental implications of offshore power grid and wind power development pathways. To achieve this aim, we present two assessments. First, we investigate the impacts of a North Sea power grid enabling enhanced trade and integration of offshore wind power. Second, we assess the benefit of the North Sea grid and wind power through a comparison of scenarios for power generation in affected countries.

Methods

The grid scenario explored in the first assessment is the most ambitious scenario of the Windspeed project and is the result of cost minimization analysis using a transmission-expansion-planning model. We develop a hybrid life cycle inventory for array cables; high voltage, direct current (HVDC) links; and substations. The functional unit is 1 kWh of electricity transmitted. The second assessment compares two different energy scenarios of Windspeed for the North Sea and surrounding countries. Here, we utilize a life cycle inventory for offshore grid components together with an inventory for a catalog of power generation technologies from Ecoinvent and couple these inventories with grid configurations and electricity mixes determined by the optimization procedure in Windspeed.

Results and discussion

Developing, operating, and dismantling the grid cause emissions of 2.5 g CO₂-Eq per kWh electricity transmission or 36 Mt CO₂-Eq in total. HVDC cables are the major cause of environmental damage, causing, for example, half of total climate change effects. The next most important contributors are substations and array cabling used in offshore wind parks. Toxicity and eutrophication effects stem largely from leakages from disposed copper and iron mine tailings and overburden. Results from the comparison of two scenarios demonstrate a substantial environmental benefit from the North Sea grid extension and the associated wind power development compared with an alternative generation of electricity from fossil fuels. Offshore grid and wind power, however, entail an increased use of metals and, hence, a higher metal depletion indicator.

Conclusions

We present the first life cycle assessment of a large offshore power grid, using the results of an energy planning model as input. HVDC links are the major cause of environmental damage. There are differences across impact categories with respect to which components or types of activities that are responsible for damage. The North Sea grid and wind power are environmentally beneficial by an array of criteria if displacing fossil fuels, but cause substantial metal use.     

Robust IoT-based nursing-care support system with smart bio-objects

Background

The significant advancement in the mobile sensing technologies has brought great interests on application development for the Internet-of-Things (IoT). With the advantages of contactlessness data retrieval and efficient data processing of intelligent IoT-based objects, versatile innovative types of on-demand medical relevant services have promptly been developed and deployed. Critical characteristics involved within the data processing and operation must thoroughly be considered. To achieve the efficiency of data retrieval and the robustness of communications among IoT-based objects, sturdy security primitives are required to preserve data confidentiality and entity authentication.

Methods

A robust nursing-care support system is developed for efficient and secure communication among mobile bio-sensors, active intelligent objects, the IoT gateway and the backend nursing-care server in which further data analysis can be performed to provide high-quality and on-demand nursing-care service.

Results

We realize the system implementation with an IoT-based testbed, i.e. the Raspberry PI II platform, to present the practicability of the proposed IoT-oriented nursing-care support system in which a user-friendly computation cost, i.e. 6.33 ms, is required for a normal session of our proposed system. Based on the protocol analysis we conducted, the security robustness of the proposed nursing-care support system is guaranteed.

Conclusions

According to the protocol analysis and performance evaluation, the practicability of the proposed method is demonstrated. In brief, we can claim that our proposed system is very suitable for IoT-based environments and will be a highly competitive candidate for the next generation of nursing-care service systems.

     

基于生态-经济比较优势视角的建设用地空间优化配置研究——以扬州市为例

随着生态空间日益萎缩,生态环境不断恶化,经济发展与生态保护矛盾日趋加剧。为了协调经济发展空间与生态保护空间的矛盾问题,促进生态、经济协调持续发展,综合运用景观生态学方法与经济学原理,从"生态-经济"比较优势视角对建设用地指标进行空间优化配置。运用景观安全格局方法构建区域综合生态安全格局,据此计算空间单元的生态重要性指数,采用最小累积阻力模型对区域建设用地开发经济适宜性进行评价,计算空间单元的建设用地开发经济适宜性指数;其次运用生态重要性指数与经济适宜性指数计算建设用地开发比较优势度,以比较优势约束性满足程度为目标函数构建建设用地空间优化配置模型,并用蒙特卡洛(Monte Carol)法对之求解。以江苏省扬州市为例作了实证研究。结果显示,未来扬州市建设用地向南部经济发达地区集中,北部地区主要承担生态保护功能;建设用地配置结果呈现出经济发展与生态保护的错位格局,有助于扬州市生态保护与经济发展。从"生态-经济"比较优势视角提出了建设用地空间优化配置方法,为土地利用规划及生态保护规划编制提供了科学依据。     

Efficient TPA-based auditing scheme for secure cloud storage

In recent years, how to design efficient auditing protocol to verify the integrity of users’ data, which is stored in cloud services provider (CSP), becomes a research focus. Homomorphic message authentication code (MAC) and homomorphic signature are two popular techniques to respectively design private and public auditing protocols. On the one hand, it is not suitable for the homomorphic-MAC-based auditing protocols to be outsourced to third-party auditor (TPA), who has more professional knowledge and computational abilities, although they have high efficiencies. On the other hand, the homomorphic-signature-based ones are very suitable for employing TPA without compromising user’s signing key but have very low efficiency (compared to the former case). In this paper, we propose a new auditing protocol, which perfectly combines the advantages of above two cases. In particular, it is almost as efficient as a homomorphic-MAC-based protocol proposed by Zhang et al. recently. Moreover, it is also suitable for outsourcing to TPA because it does not compromise the privacy of users’ signing key, which can be seen from our security analysis. Finally, numerical analysis and experimental results demonstrate the high-efficiency of our protocol.