A Fat Client OS Architecture Supported by Semi-network Resources

Purpose–This study is to explore a way toretainthe strengths and eliminatethe weaknesses of the existingarchitecture oflocal OS and cloud OS,then create an innovativeone, which is referredto as semi-network OS architecture.Method–The elements of semi-network OS architecture includes networkresources, localresources, and semi-mobile hardware resources; among them, networkresources are the expanded portionof OS, which is used to ensure the scalability of OS; local resources are the base portion of OS, which is used to ensure the stability of local computing, as well as the autonomy of user operations; the semi-mobile hardware resource is OSPU, which is used to ensure the positioning and security of dataflow.Results–Thefat client OS relies on the network shared resources,local exclusive resources,and semi-mobilehardware resources (OSPU), not relies solely on a single resource, to perform its tasks on a fat client, in thisarchitecture, most of the system files of OS on a fat client isderived from OS server, which is a network shared resources, and the rest of system files of OS is derived from OSPUof a fat client, which is a non-network resource, so the architecture of OShas "semi-network" attribute, wherein the OSPU is a key subordinate component for data processing and security verification,the OS server is a storage place rather than operating a placeof system files, and system files that stored on a server can only be downloaded to a fat client to carry out their mission.Conclusion–A complete OS is divided into base portion and expanded portion, and this "portion" division of OS enables a fat client to be dually supported by remote network resources and local non-network resources, therefore, it is expected to make a fat client more flexible, safer and more reliable, and more convenient to be operated.

Can Formal Security Verification Really Be Optional? Scrutinizing the Security of IMD Authentication Protocols

The need for continuous monitoring of physiological information of critical organs of the human body, combined with the ever-growing field of electronics and sensor technologies and the vast opportunities brought by 5G connectivity, have made implantable medical devices (IMDs) the most necessitated devices in the health arena. IMDs are very sensitive since they are implanted in the human body, and the patients depend on them for the proper functioning of their vital organs. Simultaneously, they are intrinsically vulnerable to several attacks mainly due to their resource limitations and the wireless channel utilized for data transmission. Hence, failing to secure them would put the patient’s life in jeopardy and damage the reputations of the manufacturers. To date, various researchers have proposed different countermeasures to keep the confidentiality, integrity, and availability of IMD systems with privacy and safety specifications. Despite the appreciated efforts made by the research community, there are issues with these proposed solutions. Principally, there are at least three critical problems. (1) Inadequate essential capabilities (such as emergency authentication, key update mechanism, anonymity, and adaptability); (2) heavy computational and communication overheads; and (3) lack of rigorous formal security verification. Motivated by this, we have thoroughly analyzed the current IMD authentication protocols by utilizing two formal approaches: the Burrows–Abadi–Needham logic (BAN logic) and the Automated Validation of Internet Security Protocols and Applications (AVISPA). In addition, we compared these schemes against their security strengths, computational overheads, latency, and other vital features, such as emergency authentications, key update mechanisms, and adaptabilities.

DAM-SE: A Blockchain-Based Optimized Solution for the Counterattacks in the Internet of Federated Learning Systems

The rapid development in network technology has resulted in the proliferation of Internet of Things (IoT). This trend has led to a widespread utilization of decentralized data and distributed computing power. While machine learning can benefit from the massive amount of IoT data, privacy concerns and communication costs have caused data silos. Although the adoption of blockchain and federated learning technologies addresses the security issues related to collusion attacks and privacy leakage in data sharing, the “free-rider attacks” and “model poisoning attacks” in the federated learning process require auditing of the training models one by one. However, that increases the communication cost of the entire training process. Hence, to address the problem of increased communication cost due to node security verification in the blockchain-based federated learning process, we propose a communication cost optimization method based on security evaluation. By studying the verification mechanism for useless or malicious nodes, we also introduce a double-layer aggregation model into the federated learning process by combining the competing voting verification methods and aggregation algorithms. The experimental comparisons verify that the proposed model effectively reduces the communication cost of the node security verification in the blockchain-based federated learning process.