This work is a sequel of the studies in the analysis of vulnerabilities in computer systems. It applied boolean algebras to develop a mathematical model describing the exploits of the NVD data source when using the classification based on the concept of measurement. Quasimeasure has been offered for the boolean algebra, proved that she is a measure from the point of view of measure theory. Shows that the algebraic structure is also algebra of events.

Анализ уязвимостей вычислительных систем на основе алгебраических структур и потоков данных National Vulnerability Database

Artificial intelligence based anomaly detection of energy consumption in buildings: A review, current trends and new perspectives

Cloud computing has gained huge attention over the past decades because of continuously increasing demands. There are several advantages to organizations moving toward cloud-based data storage solutions. These include simplified IT infrastructure and management, remote access from effectively anywhere in the world with a stable Internet connection and the cost efficiencies that cloud computing can bring. The associated security and privacy challenges in cloud require further exploration. Researchers from academia, industry, and standards organizations have provided potential solutions to these challenges in the previously published studies. The narrative review presented in this survey provides cloud security issues and requirements, identified threats, and known vulnerabilities. In fact, this work aims to analyze the different components of cloud computing as well as present security and privacy problems that these systems face. Moreover, this work presents new classification of recent security solutions that exist in this area. Additionally, this survey introduced various types of security threats which are threatening cloud computing services and also discussed open issues and propose future directions. This paper will focus and explore a detailed knowledge about the security challenges that are faced by cloud entities such as cloud service provider, the data owner, and cloud user.

A survey on security challenges in cloud computing: issues, threats, and solutions

Reactive defense mechanisms, such as intrusion detection systems, have made significant efforts to secure a system or network for the last several decades. However, the nature of reactive security mechanisms has limitations because potential attackers cannot be prevented in advance. We are facing a reality with the proliferation of persistent, advanced, intelligent attacks while defenders are often way behind attackers in taking appropriate actions to thwart potential attackers. The concept of moving target defense (MTD) has emerged as a proactive defense mechanism aiming to prevent attacks. In this work, we conducted a comprehensive, in-depth survey to discuss the following aspects of MTD: key roles, design principles, classifications, common attacks, key methodologies, important algorithms, metrics, evaluation methods, and application domains. We discuss the pros and cons of all aspects of MTD surveyed in this work. Lastly, we highlight insights and lessons learned from this study and suggest future work directions. The aim of this paper is to provide the overall trends of MTD research in terms of critical aspects of defense systems for researchers who seek to develop proactive, adaptive MTD mechanisms.

Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense

The purpose of this paper is to provide a source of information on thermal energy use in buildings, its drivers, and their past, present and future trends on a global and regional basis. Energy use in buildings forms a large part of global and regional energy demand. The importance of heating and cooling in total building energy use is very diverse with this share varying between 18% and 73%. Biomass is still far the dominant fuel when a global picture is considered; the role of electricity is substantially growing, and the direct use of coal is disappearing from this sector, largely replaced by electricity and natural gas in the most developed regions. This paper identifies the different drivers of heating and cooling energy demand, and decomposes this energy demand into key drivers based on a Kaya identity approach: number of households, persons per household, floor space per capita and specific energy consumption for residential heating and cooling; and GDP, floor space per GDP, and specific energy consumption for commercial buildings. This paper also reviews the trends in the development of these drivers for the present, future – and for which data were available, for the past – in 11 world regions as well as globally. Results show that in a business-as-usual scenario, total residential heating and cooling energy use is expected to more or less stagnate, or slightly decrease, in the developed parts of the world. In contrast, commercial heating and cooling energy use will grow in each world region. Finally, the results show that per capita total final residential building energy use has been stagnating in the vast majority of world regions for the past three decades, despite the very significant increases in energy service levels in each of these regions.

Heating and cooling energy trends and drivers in buildings

The Electronic Health Records (EHR) sharing system is the state of art for delivering healthcare. The tools within the system can predict outcomes during the patient's lifetime, monitor how effective are treatments, track therapies and detect human errors. For main industry stakeholders, the priority is to ensure integrity and interoperability across the care continuum. Achieving this priority is still challenging considering an enormous amount of EHR data, security issues, and heterogeneity of healthcare information systems. To overcome these challenges, this work proposes BiiMED: a Blockchain framework for Enhancing Data Interoperability and Integrity regarding EHR-sharing. The proposed solutions include an access management system allowing the exchange of EHRs between different medical providers and a decentralized Trusted Third Party Auditor (TTPA) for ensuring data integrity. This work establishes a foundation for further research on dynamic data interoperability and integrity verification in a fully decentralized environment.

Blockchain technology for healthcare: Enhancing shared electronic health record interoperability and integrity

https://espace.library.uq.edu.au/view/UQ:5176be9/UQ5176be9_OA.pdf

Systematic identification of threats in the cloud: A Survey

As the Internet of Things (IoT) is evolving, one of its rapidly developing components is the transformation of standard Vehicle Ad-hoc Networks (VANETs) into the Internet of Vehicles (IoV). Due to the exceptional progress in computation and communication technologies, the IoV has attracted the attention of researchers and commercial companies. Nevertheless, the primary issue regarding the IoV, and in particular to Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I), is establishing secure and instant payments and communications. To respond to this challenge, this work proposes a Blockchain-based solution for establishing secure payment and communication (PSEV) in order to study the use of Blockchain as middle-ware between different participants of intelligent transportation systems. The proposed framework employs Ethereum to develop a solution aimed at facilitating Vehicle-to-Everything (V2X) communications and parking payments. Moreover, the solution includes Android auto and application modules for automating the communication process. It was experimentally tested to assess its computational costs, communication expenses and the real-time aspect (RTA). The results of computational tests revealed that the developed solution is faster and more scalable than the existing solutions.

Blockchain for the Internet of Vehicles: How to Use Blockchain to Secure Vehicle-to-Everything (V2X) Communication and Payment?

The use of Blockchain technology has recently become widespread. It has emerged as an essential tool in various academic and industrial fields, such as healthcare, transportation, finance, cybersecurity, and supply chain management. It is regarded as a decentralized, trustworthy, secure, transparent, and immutable solution that innovates data sharing and management. This survey aims to provide a systematic review of Blockchain application to intelligent transportation systems in general and the Internet of Vehicles (IoV) in particular. The survey is divided into four main parts. First, the Blockchain technology including its opportunities, relative taxonomies, and applications is introduced; basic cryptography is also discussed. Next, the evolution of Blockchain is presented, starting from the primary phase of pre-Bitcoin (fundamentally characterized by classic cryptography systems), followed by the Blockchain 1.0 phase, (characterized by Bitcoin implementation and common consensus protocols), and finally, the Blockchain 2.0 phase (characterized by the implementation of smart contracts, Ethereum, and Hyperledger). We compared and identified the strengths and limitations of each of these implementations. Then, the state of the art of Blockchain-based IoV solutions (BIoV) is explored by referring to a large and trusted source database from the Scopus data bank. For a well-structured and clear discussion, the reviewed literature is classified according to the research direction and implemented IoV layer. Useful tables, statistics, and analysis are also presented. Finally, the open problems and future directions in BIoV research are summarized.

https://ieeexplore.ieee.org/ielx7/6287639/9668973/09706476.pdf

Blockchain Technology for Intelligent Transportation Systems: A Systematic Literature Review

Existing security risk evaluation approaches (e.g., asset-based) do not consider specific security requirements of individual cloud computing clients in the security risk evaluation. In this paper, we propose a threat-specific risk evaluation approach that uses various security attributes of the cloud (e.g., vulnerability information, the probability of an attack, and the impact of each attack associated with the identified threat(s)) as well as the client-specific security requirements in the cloud. Our approach allows a security administrator of the cloud provider to make fine-grained decisions for selecting mitigation strategies in order to protect the outsourced computing assets of individual clients based on their specific security needs against specific threats. This is different from the existing asset-based approaches where they do not have the functionalities to provide the security evaluation of the cloud with respect to specific threats. On the other hand, the proposed approach enables security administrators to compute a range of more effective client-specific countermeasures with respect to the importance of security requirements and threats. The experimental evaluation results demonstrate that effective security solutions vary due to specific threats prioritized by different clients for an application in the cloud. Further, the proposed approach is not limited to only the cloud-based systems, but can easily be adopted to other networked systems. We have also developed a software tool to support the proposed approach.

Noora Fetais

Papers

Blockchain technology for healthcare: Enhancing shared electronic health record interoperability and integrity

Systematic identification of threats in the cloud: A Survey

Blockchain for the Internet of Vehicles: How to Use Blockchain to Secure Vehicle-to-Everything (V2X) Communication and Payment?

Blockchain Technology for Intelligent Transportation Systems: A Systematic Literature Review

Threat-Specific Security Risk Evaluation in the Cloud