The Trade-Off Between Performance and Security of Virtualized Trusted Execution Environment on Android

Nowadays,with the significant growth of the mobile market,security issues on the Android Operation System have also become an urgent matter.Trusted execution environment(TEE)technologies are considered an option for satisfying the inviolable property by taking advantage of hardware security.However,for Android,TEE technologies still contain restrictions and limitations.The first issue is that non-original equipment manufacturer developers have limited access to the functionality of hardware-based TEE.Another issue of hardware-based TEE is the cross-platform problem.Since every mobile device supports different TEE vendors,it becomes an obstacle for developers to migrate their trusted applications to other Android devices.A software-based TEE solution is a potential approach that allows developers to customize,package and deliver the product efficiently.Motivated by that idea,this paper introduces a VTEE model,a software-based TEE solution,on Android devices.This research contributes to the analysis of the feasibility of using a virtualized TEE on Android devices by considering two metrics:computing performance and security.The experiment shows that the VTEE model can host other software-based TEE services and deliver various cryptography TEE functions on theAndroid environment.The security evaluation shows that adding the VTEE model to the existing Android does not addmore security issues to the traditional design.Overall,this paper shows applicable solutions to adjust the balance between computing performance and security.

Food Security Problems and Solutions in China Based on the Strategy of Sustainable Agricultural Development

China attaches great importance to food security.With the strong promotion of the government,Chinas grain output has achieved a great feat from"shortage"to"surplus in bumper years"and then to"rising steadily",achieving a record"increase for the tenth consecutive year".From the current balance of food supply and demand in China,the food security situation can be guaranteed on the whole.However,if we analyze the food security in China from the perspective of agricultural sustainable development strategy,there are some difficulties,such as the reduction of cultivated land area,the decline of cultivated land quality,the fragility of agricultural ecological environment,and the transformation of residentsconsumption structure.This paper analyzes the difficulties faced by the development of food security in China under the strategy of sustainable agricultural development,and puts forward that to implement the strategy of sustainable agricultural development,it is necessary to realize the coordinated development of food security,science and technology,ecological environment,resources and society.

An Immunity-Based IOT Environment Security Situation Awareness Model

To effectively perceive network security situation under IOT environment, an Immunity-based IOT Environment Security Situation Awareness (IIESSA) model is proposed. In IIESSA, some formal definitions for self, non-self, antigen and detector are given. According to the relationship between the antibody-concentration of memory detectors and the intensity of network attack activities, the security situation evaluation method under IOT environment based on artificial immune system is presented. And then according to the situation time series obtained by the mentioned evaluation method, the security situation prediction method based on grey prediction theory is presented for forecasting the intensity and security situation of network attack activities that the IOT environment will be suffered in next step. The experimental results show that IIESSA provides a novel and effective model for perceiving security situation of IOT environment.

Urban Market-Gardening in Parakou (Republic of Benin): Spatial Dynamics, Food Security, Protection of the Environment and Creation of Employments

Nowadays, African cities are subjected to upsets which result from the extraordinary growth of urban populations. The growth of the population of cities has induced some changes in the structure of the activity of those cities. Agriculture which was formerly confined to the countryside henceforth develops in the urban area and occupies a preponderant place as a strategy of survival, of insertion and of food supplying of the city-dwellers. It has become an activity integrated to the urban tissue through systems of occupying and exploitation of land in the urban area. Population growth (4.81%) between 2002 and 2013 is a critical poverty rate (65%) of the population of Parakou city, entailing a misery perceptible in all its social and economic dimensions. The market-gardening activity has integrated itself to the urban tissue. The objective of this study is to understand how urban agriculture through market-gardening can be a solution for rural farmers who have moved to Parakou city. In this study, documentary research, interviews and field observation are used for data collection. The main results to be signaled among others are: evolution and status of the market-gardening areas in Parakou, the reduction of food insecurity with the permanent availability in quantity and in quality of market-gardening products accessible to the population: the protection of the environment through the drainage of the urban area and the preservation of the diversity of vegetables;the increase of the income of the households of the farmers and the creation of employments.

Two Issues in Studying Security Environment

To some extent, China’s security environment depends on if it has active creation, understanding, attention and vigilance on the common interests of the surrounding areas and groups of states, and if it could take timely and proper countermeasures. In my personal view, two principles should be taken into consideration. The first principle is

Novel Architecture of Security Orchestration, Automation and Response in Internet of Blended Environment

New technologies that take advantage of the emergence of massive Internet of Things(IoT)and a hyper-connected network environment have rapidly increased in recent years.These technologies are used in diverse environments,such as smart factories,digital healthcare,and smart grids,with increased security concerns.We intend to operate Security Orchestration,Automation and Response(SOAR)in various environments through new concept definitions as the need to detect and respond automatically to rapidly increasing security incidents without the intervention of security personnel has emerged.To facilitate the understanding of the security concern involved in this newly emerging area,we offer the definition of Internet of Blended Environment(IoBE)where various convergence environments are interconnected and the data analyzed in automation.We define Blended Threat(BT)as a security threat that exploits security vulnerabilities through various attack surfaces in the IoBE.We propose a novel SOAR-CUBE architecture to respond to security incidents with minimal human intervention by automating the BT response process.The Security Orchestration,Automation,and Response(SOAR)part of our architecture is used to link heterogeneous security technologies and the threat intelligence function that collects threat data and performs a correlation analysis of the data.SOAR is operated under Collaborative Units of Blended Environment(CUBE)which facilitates dynamic exchanges of data according to the environment applied to the IoBE by distributing and deploying security technologies for each BT type and dynamically combining them according to the cyber kill chain stage to minimize the damage and respond efficiently to BT.

Reflections on China's Neighboring Security Environment

There is a Chinese saying that goes like this, when stormy weather comes, a giant dragon will rise. It is the feature of the present era. When China begins to rise, it will advance at an enormous inertial force. It has become the important factor that influences world future trend. In the meanwhile, changes in international situation also exerted increasing influence on China. Therefore it is of special significance to discuss and assess the international environment that China faces.

Information Security Management Measures for College Archives Under the Network Environment

The construction of archives in colleges and universities in China is in the process of development and improvement.With the development information technology,the informatization of college archives has been accelerated.Network technology is developing rapidly in our country,and the number of network users has increased significantly.The use of network technology in university archives management can improve the management efficiency and quality of archives,but the safety factor has dropped significantly.For example,the archival system may face many problems such as virus infection,system paralysis,or cyberattacks,which affects the security of the university archives.Therefore,this paper presents an analysis of these problems in detail,and proposes corresponding solutions,so as to optimize and improve the information security management of college archives.

Practical Approaches to Securing an IT Environment

There are a number of IT Security journals available in the literature but none of these research papers have practically specified approaches to secure the IT environment at large. In this paper, more emphases will be laid on the practical ways to secure our IT environments and with some useful real-life scenarios. In today, securing our IT environment has become the key factor in the industry due to an increasing number of attackers invading and stealing the intellectual properties;thereby, rendering most IT industries to go out of businesses. They may find that understanding and translating IT security recommendations to implementable practices can be overwhelming. While this is a worthwhile and important task, there are also more practical ways to ensure you are using IT security best practices in your business. Therefore, the need to properly secure our IT environments in order to mitigate those attacks by using the right tools in all IT domains will be fully discussed in this research. This paper will focus more on protection of LAN-WAN Domain as a use case.

Improved Secure Identification-Based Multilevel Structure of Data Sharing in Cloud Environments

The Cloud Computing Environment(CCE)developed for using the dynamic cloud is the ability of software and services likely to grow with any business.It has transformed the methodology for storing the enterprise data,accessing the data,and Data Sharing(DS).Big data frame a constant way of uploading and sharing the cloud data in a hierarchical architecture with different kinds of separate privileges to access the data.With the requirement of vast volumes of storage area in the CCEs,capturing a secured data access framework is an important issue.This paper proposes an Improved Secure Identification-based Multilevel Structure of Data Sharing(ISIMSDS)to hold the DS of big data in CCEs.The complex file partitioning technique is proposed to verify the access privilege context for sharing data in complex CCEs.An access control Encryption Method(EM)is used to improve the encryption.The Complexity is measured to increase the authentication standard.The active attack is protected using this ISIMSDS methodology.Our proposed ISIMSDS method assists in diminishing the Complexity whenever the user’s population is increasing rapidly.The security analysis proves that the proposed ISIMSDS methodology is more secure against the chosen-PlainText(PT)attack and provides more efficient computation and storage space than the related methods.The performance of the proposed ISIMSDS methodology provides more efficiency in communication costs such as encryption,decryption,and retrieval of the data.

The Connotation and Extension of Agricultural Water Resources Security

The objective of this study is to define agricultural water resources security and its connotation and extension. The definitions of water security, water resources security, and water environment security were summarized, and their relationship was differentiated and analyzed. Based on these, the elements of the conception of agricultural water resources security were hashed and the conception was defined. Agricultural water resources security is the provision of water resource that ensures protection of agriculture against threat, hazards, destruction, and loss. Moreover, the connotation and extension of agricultural water resources security were ascertained. In detail, the connotation of the definition has natural attributes, socioeconomic attributes, and cultural attributes. The extensions of agricultural water resources security include both broad and narrow ones, as well as, food security, agroenvironmental security, agroeconomic security, rural society security, etc. The definition will serve as the frame of reference for developing the researches, limiting the frame of the theory, and founding a appraising system for agricultural water resources security.

Task Scheduling for Multi-Cloud Computing Subject to Security and Reliability Constraints

The rise of multi-cloud systems has been spurred.For safety-critical missions,it is important to guarantee their security and reliability.To address trust constraints in a heterogeneous multi-cloud environment,this work proposes a novel scheduling method called matching and multi-round allocation(MMA)to optimize the makespan and total cost for all submitted tasks subject to security and reliability constraints.The method is divided into two phases for task scheduling.The first phase is to find the best matching candidate resources for the tasks to meet their preferential demands including performance,security,and reliability in a multi-cloud environment;the second one iteratively performs multiple rounds of re-allocating to optimize tasks execution time and cost by minimizing the variance of the estimated completion time.The proposed algorithm,the modified cuckoo search(MCS),hybrid chaotic particle search(HCPS),modified artificial bee colony(MABC),max-min,and min-min algorithms are implemented in CloudSim to create simulations.The simulations and experimental results show that our proposed method achieves shorter makespan,lower cost,higher resource utilization,and better trade-off between time and economic cost.It is more stable and efficient.

A Review of Anomaly Detection Systems in Cloud Networks and Survey of Cloud Security Measures in Cloud Storage Applications

Cloud computing has become one of the most projecting words in the IT world due to its design for providing computing service as a utility. The typical use of cloud computing as a resource has changed the scenery of computing. Due to the increased flexibility, better reliability, great scalability, and decreased costs have captivated businesses and individuals alike because of the pay-per-use form of the cloud environment. Cloud computing is a completely internet dependent technology where client data are stored and maintained in the data center of a cloud provider like Google, Amazon, Apple Inc., Microsoft etc. The Anomaly Detection System is one of the Intrusion Detection techniques. It’s an area in the cloud environment that is been developed in the detection of unusual activities in the cloud networks. Although, there are a variety of Intrusion Detection techniques available in the cloud environment, this review paper exposes and focuses on different IDS in cloud networks through different categorizations and conducts comparative study on the security measures of Dropbox, Google Drive and iCloud, to illuminate their strength and weakness in terms of security.

A PRIVACY-PRESERVING AUTHENTICATION SCHEME USING BIOMETRICS FOR PERVASIVE COMPUTING ENVIRONMENTS

In pervasive computing environments,users can get services anytime and anywhere,but the ubiquity and mobility of the environments bring new security challenges.The user and the service provider do not know each other in advance,they should mutually authenticate each other.The service provider prefers to authenticate the user based on his identity while the user tends to stay anonymous.Privacy and security are two important but seemingly contradictory objectives.As a result,a user prefers not to expose any sensitive information to the service provider such as his physical location,ID and so on when being authenticated.In this paper,a highly flexible mutual authentication and key establishment protocol scheme based on biometric encryption and Diffie-Hellman key exchange to secure interactions between a user and a service provider is proposed.Not only can a user's anonymous authentication be achieved,but also the public key cryptography operations can be reduced by adopting this scheme.Different access control policies for different services are enabled by using biometric encryption technique.The correctness of the proposed authentication and key establishment protocol is formally verified based on SVO logic.

Design of an Information Security Service for Medical Artificial Intelligence

The medical convergence industry has gradually adopted ICT devices,which has led to legacy security problems related to ICT devices.However,it has been difficult to solve these problems due to data resource issues.Such problems can cause a lack of reliability in medical artificial intelligence services that utilize medical information.Therefore,to provide reliable services focused on security internalization,it is necessary to establish a medical convergence environment-oriented security management system.This study proposes the use of system identification and countermeasures to secure systemreliabilitywhen using medical convergence environment information in medical artificial intelligence.We checked the life cycle of medical information and the flow and location of information,analyzed the security threats that may arise during the life cycle,and proposed technical countermeasures to overcome such threats.We verified the proposed countermeasures through a survey of experts.Security requirements were defined based on the information life cycle in the medical convergence environment.We also designed technical countermeasures for use in the security management systems of hospitals of diverse sizes.

Close Relationship between the Frangibility of Mountain Eco-Environment and Mountain Disasters:A Case Study of Dongchuan,Kunming in Yunnan Province

Anatomical details are given in this article, which is performed by investigating the relationship between through the frangibility of mountain eco-environment and the status of irrational land-use in typical region of debris flow in Dongchuan district, Kunming city, yunnan Province. This analysis is extended to the relationship between vicissitude of mountain disasters and the frangibility of mountain environment. The relatively coupling action of a vicious circle is a evolving characteristic by debris flow sand-gravel there. The eco-security is being faced with serious challenge. The tactics of eco-security has been constructed since 1980s. Thus, the eco-environrnent can gradually be repaired and optimized to achieve a fine circle.

The intelligent security system based on the public switch telephone network

This paper elaborates the design and development of the intelligent security system based on the public switch telephone network.The system includes two parts:security detection emission,and radio reception and signal process connected to the phone line with the telephone set at home or in the office.The core of radio reception and signal process is Micro Control Unit,which, in coordination with other peripheral circuits such as telephone line interface,signaling tone detection,dual tone multi-frequency(DTMF)reception and emission,and voice notification,informs the subscriber of the alarm via voice through Public Switch Telephone Network(PSTN).In addition,the subscriber can easily modify telephone numbers stored in the system.