Papers by fariba ghaffari
Blockchain-based User Profile and Mobile Number Portability for Beyond 5G Mobile Communication Networks
2022 4th Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS)
NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium
Security considerations and requirements for Cloud computing
2016 8th International Symposium on Telecommunications (IST), 2016
Based on the standard definition of cloud computing developed by NIST, Cloud computing is a model... more Based on the standard definition of cloud computing developed by NIST, Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. Recent studies show security issues in cloud computing are considered as a major concern. There are different models that depict the responsibility of cloud providers and customers for securing the cloud computing environments based on different service models. To the best of our knowledge, despite there are various security standards and segregation of duty models, in most cases binding of security controls to use at each layers of the model is not specified. This problem leads to some ambiguities in how to use the existing security controls in different layers. In this paper, we will combine security standards and segregation of duty models of cloud computing to introduce a reference model and useful guidelines for securing the cloud computing environments. The proposed security reference model considers both the security requirements and controls in each service models and, for all cloud layers. Also, it separates the security responsibilities of cloud provider and cloud customer to manage security controls. Since this paper is concerned primarily all aspects of security requirements, it can be directly useful to individuals who want to provide or use the cloud computing environments.
Sensors
The attention on blockchain technology (BCT) to create new forms of relational reliance has seen ... more The attention on blockchain technology (BCT) to create new forms of relational reliance has seen an explosion of new applications and initiatives, to assure decentralized security and trust. Its potential as a game-changing technology relates to how data gets distributed and replicated over several organizations and countries. This paper provides an introduction to BCT, as well as a review of its technological aspects. A concrete application of outsource access control and pricing procedures in cellular networks, based on a decentralized access control-as-a-service solution for private cellular networks, is also presented. The application can be used by service and content providers, to provide new business models. The proposed method removes the single point of failure from conventional centralized access control systems, increasing scalability while decreasing operational complexity, regarding access control and pricing procedures. Design and implementation details of the new meth...
Private Cellular Network Deployment: Comparison of OpenAirInterface with Magma Core
2022 18th International Conference on Network and Service Management (CNSM), Oct 31, 2022
A New Adaptive Cyber-security Capability Maturity Model
2018 9th International Symposium on Telecommunications (IST)
One of the key indicators of success in deploying business processes in organizations is to pay a... more One of the key indicators of success in deploying business processes in organizations is to pay attention to the organization's current status and its proper targeting for the future. As our need to continuous planning and improvement, the maturity model is presented as a continuous and level-based performance evaluation tool. This model shows not only the current situation, but also the closest and most desirable situation for managers. Also, maturity model determines the amount of progress based on set of specific criteria. Since security is known as a process not a product, the maturity model is also used to measure the level of organization's security. Today, because of the growing importance of security, identifying the factors that can be used to assess the level of cyber security is the ability that organizations are trying to achieve. In this paper, based on the conditions of information security and technology maturity, examining different maturity models and reviewing content literature, we propose a comprehensive framework to defining the criteria for evaluation of organizational maturity.
Modares Journal of Electrical Engineering, 2016
During the past few years, the number of malware designed for Android devices has increased drama... more During the past few years, the number of malware designed for Android devices has increased dramatically. To confront with Android malware, some anomaly detection techniques have been proposed that are able to detect zero-day malware, but they often produce many false alarms that make them impractical for real-world use. In this paper, we address this problem by presenting DroidNMD, an ensemble-based anomaly detection technique that focuses on the network behavior of Android applications in order to detect Android malware. DroidNMD constructs an ensemble classifier consisting of multiple heterogeneous oneclass classifiers and uses an ordered weighted averaging (OWA) operator to aggregate the outputs of the one-class classifiers. Our work is motivated by the observation that combining multiple oneclass classifiers often produces higher overall classification accuracy than any individual one-class classifier. We demonstrate the effectiveness of DroidNMD using a real dataset of Android...
Cloud Security Issues Based on People, Process and Technology Model: A Survey
Combination of utility computing and World Wide Web is base of the cloud computing. The intrinsic... more Combination of utility computing and World Wide Web is base of the cloud computing. The intrinsic features of cloud computing have produced many competitive and computing benefits. The development of cloud computing and the expansion of service providers in this area has led to increase in investment in cloud computing. Large number of users on the one hand and increasing the number of sensitive data on cloud environments on the other hand, caused a dramatic growth in the motivation of malicious activities and as a result of security challenges. Solving the cloud computing security challenges need to proper knowledge of the security issues and the scope of their resolution. Security is a long-term product of interaction between people, process and technology. This categorization is based on possible solutions to security issues. Thus, the division of threats in these three areas can help the managers and security sectors to solve the security problems. Hence, in this paper, along wi...
Security Metrics: Principles and Security Assessment Methods
Nowadays, Information Technology is one of the important parts of human life and also of organiza... more Nowadays, Information Technology is one of the important parts of human life and also of organizations. Organizations face problems such as IT problems. To solve these problems, they have to improve their security sections. Thus there is a need for security assessments within organizations to ensure security conditions. The use of security standards and general metric can be useful for measuring the safety of an organization; however, it should be noted that the general metric which are applied to businesses in general cannot be effective in this particular situation. Thus it's important to select metric standards for different businesses to improve both cost and organizational security. The selection of suitable security measures lies in the use of an efficient way to identify them. Due to the numerous complexities of these metric and the extent to which they are defined, in this paper that is based on comparative study and the benchmarking method, taxonomy for security measure...
An Intelligent RFID-Enabled Authentication Protocol in VANET
Privacy is the key challenge in VANET which means that vehicles should be anonymous and untraceab... more Privacy is the key challenge in VANET which means that vehicles should be anonymous and untraceable to everyone except trusted entities. There are many solutions to provide security and privacy. One of these methods is RFID authentication protocols by which the tag and servers confirm the validity of the other party before sending data. One of the attacks that violates user privacy is the tracking attack. This attack can be done against authentication protocols. Kumar et al. developed an intelligent RFID-enabled authentication protocol in 2016. In this paper, at first we will show that the designed protocol is vulnerable to tracking attack and cannot meet the security features of untraceability and forward security. After this, the improved version of this protocol will be presented and we will show that the improved protocol has been able to meet the security features - untraceability and forward security- with the same computing.
As the first step in preserving system security, Authentication and Access Control (AAC) plays a ... more As the first step in preserving system security, Authentication and Access Control (AAC) plays a vital role in all businesses. Recently, emerging the blockchain and smart contract technology has attracted significant scientific interest in research areas like authentication and access control processes. In the context of authentication and access control, blockchain can offer greater data and rule confidentiality and integrity, as well as increasing the availability of the system by removing the single point of failure in the procedure. To categorize and find the most important open problems in this research area, having a comprehensive review is crucial. To the best of our knowledge, for the first time in this survey, we aim to describe the current state of the art in deploying blockchain and smart contracts specifically in authentication and access control. Following an introduction to AAC and blockchain technology, we present a brief background of distributed ledger technology, a...
IEEE Access
The dramatic rise in internet-based service provisioning has highlighted the importance of deploy... more The dramatic rise in internet-based service provisioning has highlighted the importance of deploying scalable access control methods, facilitating service authorization for eligible users. Existing centralized methods suffer from single-point-of-failure, low scalability, and high computational overhead. In addition, in these methods, users pay for the service provider as well as the network provider independently for a specific service, imposing extra cost for the user. New business models are needed to resolve such shortcomings. The realization of these models calls for sophisticated access control methods which consider the requirements of all parties who want to: 1) access a service; 2) provide that service; and 3) provide the network connection. Blockchain is an enabling technology that provides unprecedented opportunities to novel distributed access control methods for new business models. We propose an Attribute-based access control solution by leveraging Blockchain to share network providers' and service providers' resources. Our solution offers access flexibility based on the requirements of the parties while fulfilling reliability, accountability, and immutability. Besides, it decreases the overall service cost which is beneficial for each party. Our solution makes it possible for service providers to outsource their access control procedures without requiring a trusted third party. The experiments confirm that our solution can provide a fast, comprehensive, and scalable access control mechanism.
Proceedings of the SIGCOMM '21 Poster and Demo Sessions
Authentication and access control are among the vital procedures to build efficient networks. Exi... more Authentication and access control are among the vital procedures to build efficient networks. Existing centralized solutions suffer from vulnerabilities to DoS attacks, high maintenance costs, and high computational load. Blockchain can provide unprecedented opportunities to improve existing methods. In this paper, we propose a Blockchain-based access control mechanism for providing access to network resources. Removing the single point of failure, decreasing the computational cost and load, high scalability and immutability, and trustful payment are some of the main advantages of the proposed model. CCS CONCEPTS • Security and privacy → Access control; Mobile and wireless security; • Networks → Network management.
Identity and access management using distributed ledger technology: A survey
International Journal of Network Management
Uploads
Papers by fariba ghaffari