Mahmud Hossain

Bio: Mahmud Hossain is an academic researcher from University of Alabama at Birmingham. The author has contributed to research in topics: Universal Plug and Play & Service provider. The author has an hindex of 9, co-authored 24 publications receiving 1889 citations. Previous affiliations of Mahmud Hossain include University of Alabama & Temple University.

Boot-IoT: A Privacy-Aware Authentication Scheme for Secure Bootstrapping of IoT Nodes

Abstract: The Internet of Things (IoT) devices perform security-critical operations and deal with sensitive information in the IoT-based systems. Therefore, the increased deployment of smart devices will make them targets for cyber attacks. Adversaries can perform malicious actions, leak private information, and track devices' and their owners' location by gaining unauthorized access to IoT devices and networks. However, conventional security protocols are not primarily designed for resource constrained devices and therefore cannot be applied directly to IoT systems. In this paper, we propose Boot-IoT – a privacy-preserving, lightweight, and scalable security scheme for limited resource devices. Boot-IoT prevents a malicious device from joining an IoT network. Boot-IoT enables a device to compute a unique identity for authentication each time the device enters a network. Moreover, during device to device communication, Boot-IoT provides a lightweight mutual authentication scheme that ensures privacy-preserving identity usages. We present a detailed analysis of the security strength of BootIoT. We implemented a prototype of Boot-IoT on IoT devices powered by Contiki OS and provided an extensive comparative analysis of Boot-IoT with contemporary authentication methods. Our results show that Boot-IoT is resource efficient and provides better scalability compared to current solutions.

A conceptual framework for an IoT-based health assistant and its authorization model

Abstract: This paper proposes a framework for an IoT-based health prescription assistant (HPA), which helps each patient to follow the doctors recommendations properly. The paper also designs a security system that ensures user authentication and protected access to resources and services. Based on the OpenID standard, an access control mechanism is implemented to prevent unauthorized access to medical devices. Once the authentication is successful, the user is issued an authorization ticket, which this paper calls a security access token (SAT). The SAT contains a set of privileges that grants the user access to medical IoT devices and their services and/or resources. The SAT is encrypted to guard against forgery. A medical IoT device verifies the SAT prior to serving a request, and thus, ensures protected access

User-agent based access control for DLNA devices

Abstract: DLNA based media sharing is very popular nowadays. In current DLNA specification, a DLNA device advertises its presence to everyone in the network. Any control point application receiving the advertisement can access/control the device. However, with increasing popularity and availability of public Wi-Fi hotspots, it is necessary for devices to have some sort of access control. DLNA specification has no mandatory authentication procedure. So a device receiving a request from any unwanted control point cannot block/verify its access. The UPnP recommended authentication procedure is computationally expensive and complex for most personal devices. So, in this paper we propose a simple User-Agent based access control system that is effective to protect devices from unwanted control point applications.

Litigo: A Cost-Driven Model for Opaque Cloud Services

Abstract: Cloud computing provides software, platform, and infrastructure as a service that helps organizations to perform several resource intensive tasks. The services offered by a cloud service provider are limited by provider-specific options in terms of the pre-specified configurations. Moreover, it is sometimes expensive to pay a fixed amount of money without any format of negotiation or price-matching deals for the cloud-based services and resources. Conversely, the negotiator-based model for opaque services has gained popularity in various markets, such as, for flights, hotels, and rentals. We posit that a similar opaque inventory for cloud-based services and resources is the next generation niche for consumer acquisition and service delivery in the cloud computing market. Such a model will facilitate the clients with flexible resource and service provisioning at reasonable prices, and will also allow a higher revenue and increase resource utilization for cloud service providers. In this paper, we propose Litigo, a cost-driven model for opaque service platforms for cloud computing. The Litigo component acts as a middle-man to deliver cloud-based services from a set of cloud service providers to the end users. We present a detailed cost model and comparison between establishing a cloud service vs. an opaque cloud service. Our empirical framework allows a Litigo service provider to analyze the profit model and creates the market niche accordingly. We performed extensive analysis using simulated model verification for Litigo. The proposed model delivers an opaque cloud as a service to clients at a reasonable price by maximizing the resource utilization and revenue of cloud service providers.

An Overview of Internet of Things (IoT) and Data Analytics in Agriculture: Benefits and Challenges

Abstract: The surge in global population is compelling a shift toward smart agriculture practices. This coupled with the diminishing natural resources, limited availability of arable land, increase in unpredictable weather conditions makes food security a major concern for most countries. As a result, the use of Internet of Things (IoT) and data analytics (DA) are employed to enhance the operational efficiency and productivity in the agriculture sector. There is a paradigm shift from use of wireless sensor network (WSN) as a major driver of smart agriculture to the use of IoT and DA. The IoT integrates several existing technologies, such as WSN, radio frequency identification, cloud computing, middleware systems, and end-user applications. In this paper, several benefits and challenges of IoT have been identified. We present the IoT ecosystem and how the combination of IoT and DA is enabling smart agriculture. Furthermore, we provide future trends and opportunities which are categorized into technological innovations, application scenarios, business, and marketability.

Internet of Things for Smart Healthcare: Technologies, Challenges, and Opportunities

Abstract: Internet of Things (IoT) technology has attracted much attention in recent years for its potential to alleviate the strain on healthcare systems caused by an aging population and a rise in chronic illness. Standardization is a key issue limiting progress in this area, and thus this paper proposes a standard model for application in future IoT healthcare systems. This survey paper then presents the state-of-the-art research relating to each area of the model, evaluating their strengths, weaknesses, and overall suitability for a wearable IoT healthcare system. Challenges that healthcare IoT faces including security, privacy, wearability, and low-power operation are presented, and recommendations are made for future research directions.