Multi-Tier Stack of Block Chain with Proxy Re-Encryption Method Scheme on the Internet of Things Platform

Block chain provides an innovative solution to information storage, transaction execution, security, and trust building in an open environment. The block chain is technological progress for cyber security and cryptography, with efficiency-related cases varying in smart grids, smart contracts, over the IoT, etc. The movement to exchange data on a server has massively increased with the introduction of the Internet of Things. Hence, in this research, Splitting of proxy re-encryption method (Split-PRE) has been suggested based on the IoT to improve security and privacy in a private block chain. This study proposes a block chain-based proxy re-encryption program to resolve both the trust and scalability problems and to simplify the transactions. After encryption, the system saves the Internet of Things data in a distributed cloud. The framework offers dynamic, smart contracts between the sensor and the device user without the intervention of a trustworthy third party to exchange the captured IoT data. It uses an efficient proxy re-encryption system, which provides the owner and the person existing in the smart contract to see the data. The experimental outcomes show that the proposed approach enhances the efficiency, security, privacy, and feasibility of the system when compared to other existing methods.

Alexa, Who Am I Speaking To?: Understanding Users’ Ability to Identify Third-Party Apps on Amazon Alexa

Many Internet of Things devices have voice user interfaces. One of the most popular voice user interfaces is Amazon’s Alexa, which supports more than 50,000 third-party applications (“skills”). We study how Alexa’s integration of these skills may confuse users. Our survey of 237 participants found that users do not understand that skills are often operated by third parties, that they often confuse third-party skills with native Alexa functions, and that they are unaware of the functions that the native Alexa system supports. Surprisingly, users who interact with Alexa more frequently are more likely to conclude that a third-party skill is a native Alexa function. The potential for misunderstanding creates new security and privacy risks: attackers can develop third-party skills that operate without users’ knowledge or masquerade as native Alexa functions. To mitigate this threat, we make design recommendations to help users better distinguish native functionality and third-party skills, including audio and visual indicators of native and third-party contexts, as well as a consistent design standard to help users learn what functions are and are not possible on Alexa.

Optimally Efficient Multi-party Fair Exchange and Fair Secure Multi-party Computation

Multi-party fair exchange (MFE) and fair secure multi-party computation (fair SMPC) are under-studied fields of research, with practical importance. In particular, we consider MFE scenarios where at the end of the protocol, either every participant receives every other participant’s item, or no participant receives anything. We analyze the case where a trusted third party (TTP) is optimistically available, although we emphasize that the trust put on the TTP is only regarding the fairness , and our protocols preserve the privacy of the exchanged items against the TTP. In the fair SMPC case, we prove that a malicious TTP can only harm fairness, but not security . We construct an asymptotically optimal multi-party fair exchange protocol that requires a constant number of rounds (in comparison to linear) and O(n 2 ) messages (in comparison to cubic), where n is the number of participating parties. In our protocol, we enable the parties to efficiently exchange any item that can be efficiently put into a verifiable encryption (e.g., signatures on a contract). We show how to apply this protocol on top of any SMPC protocol to achieve fairness with very little overhead (independent of the circuit size). We then generalize our protocol to efficiently handle any exchange topology (participants exchange items with arbitrary other participants). Our protocol guarantees fairness in its strongest sense: even if all n-1 other participants are malicious and colluding with each other, the fairness is still guaranteed.

IoT Notary : Attestable Sensor Data Capture in IoT Environments

Contemporary IoT environments, such as smart buildings, require end-users to trust data-capturing rules published by the systems. There are several reasons why such a trust is misplaced—IoT systems may violate the rules deliberately or IoT devices may transfer user data to a malicious third-party due to cyberattacks, leading to the loss of individuals’ privacy or service integrity. To address such concerns, we propose IoT Notary , a framework to ensure trust in IoT systems and applications. IoT Notary provides secure log sealing on live sensor data to produce a verifiable “proof-of-integrity,” based on which a verifier can attest that captured sensor data adhere to the published data-capturing rules. IoT Notary is an integral part of TIPPERS, a smart space system that has been deployed at the University of California, Irvine to provide various real-time location-based services on the campus. We present extensive experiments over real-time WiFi connectivity data to evaluate IoT Notary , and the results show that IoT Notary imposes nominal overheads. The secure logs only take 21% more storage, while users can verify their one day’s data in less than 2 s even using a resource-limited device.

Guided Feature Identification and Removal for Resource-constrained Firmware

IoT firmware oftentimes incorporates third-party components, such as network-oriented middleware and media encoders/decoders. These components consist of large and mature codebases, shipping with a variety of non-critical features. Feature bloat increases code size, complicates auditing/debugging, and reduces stability. This is problematic for IoT devices, which are severely resource-constrained and must remain operational in the field for years. Unfortunately, identification and complete removal of code related to unwanted features requires familiarity with codebases of interest, cumbersome manual effort, and may introduce bugs. We address these difficulties by introducing PRAT, a system that takes as input the codebase of software of interest, identifies and maps features to code, presents this information to a human analyst, and removes all code belonging to unwanted features. PRAT solves the challenge of identifying feature-related code through a novel form of differential dynamic analysis and visualizes results as user-friendly feature graphs . Evaluation on diverse codebases shows superior code removal compared to both manual feature deactivation and state-of-art debloating tools, and generality across programming languages. Furthermore, a user study comparing PRAT to manual code analysis shows that it can significantly simplify the feature identification workflow.

Enhancing Privacy in PUF-Cash through Multiple Trusted Third Parties and Reinforcement Learning

Electronic cash ( e-Cash ) is a digital alternative to physical currency such as coins and bank notes. Suitably constructed, e-Cash has the ability to offer an anonymous offline experience much akin to cash, and in direct contrast to traditional forms of payment such as credit and debit cards. Implementing security and privacy within e-Cash, i.e., preserving user anonymity while preventing counterfeiting, fraud, and double spending, is a non-trivial challenge. In this article, we propose major improvements to an e-Cash protocol, termed PUF-Cash, based on physical unclonable functions ( PUFs ). PUF-Cash was created as an offline-first, secure e-Cash scheme that preserved user anonymity in payments. In addition, PUF-Cash supports remote payments; an improvement over traditional currency. In this work, a novel multi-trusted-third-party exchange scheme is introduced, which is responsible for “blinding” Alice’s e-Cash tokens; a feature at the heart of preserving her anonymity. The exchange operations are governed by machine learning techniques which are uniquely applied to optimize user privacy, while remaining resistant to identity-revealing attacks by adversaries and trusted authorities. Federation of the single trusted third party into multiple entities distributes the workload, thereby improving performance and resiliency within the e-Cash system architecture. Experimental results indicate that improvements to PUF-Cash enhance user privacy and scalability.

The different uses of the pronoun ‘we’ by EFL teachers in classroom interaction

The pronoun ‘we’ is understood only to refer to the first-person plural. In fact, the pronoun ‘we’ can also refer to other references. The primary purpose of this study is to examine the different uses of the pronoun ‘we’ by EFL teachers in classroom interaction. This study employed a qualitative approach by using three instruments: observation, audio-recorder, and interview in collecting the data. The subjects of this research are two English teachers and the second-grade students at a vocational high school in Makassar. The data were analyzed by formulating Miles et al.’s method of analysis. The result of this study shows that, in classroom interaction, the pronoun ‘we’ can refer to six distinct references: (1) ‘we’ that refers to speaker and more than one addressee, (2) ‘we’ that refers to speaker and more than one-third party, (3) ‘we’ that refers to speaker and indefinite group, (4) ‘we’ that indicates ‘you’, (5) ‘we’ that indicates ‘I’, and (6) ‘we’ that indicates “they”. From the interviews, the researchers found that both teachers have different reasons for using the pronoun ‘we’ in classroom interaction. The first teacher intends to use the pronoun to help him create an enjoyable learning environment and establish better relationships with the students. In contrast, the other teacher uses the pronoun ‘we’ to show politeness to the students. Despite the differences, they both seem to have the same intention of creating a positive learning environment.

Isolation without taxation: near-zero-cost transitions for WebAssembly and SFI

Software sandboxing or software-based fault isolation (SFI) is a lightweight approach to building secure systems out of untrusted components. Mozilla, for example, uses SFI to harden the Firefox browser by sandboxing third-party libraries, and companies like Fastly and Cloudflare use SFI to safely co-locate untrusted tenants on their edge clouds. While there have been significant efforts to optimize and verify SFI enforcement, context switching in SFI systems remains largely unexplored: almost all SFI systems use heavyweight transitions that are not only error-prone but incur significant performance overhead from saving, clearing, and restoring registers when context switching. We identify a set of zero-cost conditions that characterize when sandboxed code has sufficient structured to guarantee security via lightweight zero-cost transitions (simple function calls). We modify the Lucet Wasm compiler and its runtime to use zero-cost transitions, eliminating the undue performance tax on systems that rely on Lucet for sandboxing (e.g., we speed up image and font rendering in Firefox by up to 29.7% and 10% respectively). To remove the Lucet compiler and its correct implementation of the Wasm specification from the trusted computing base, we (1) develop a static binary verifier , VeriZero, which (in seconds) checks that binaries produced by Lucet satisfy our zero-cost conditions, and (2) prove the soundness of VeriZero by developing a logical relation that captures when a compiled Wasm function is semantically well-behaved with respect to our zero-cost conditions. Finally, we show that our model is useful beyond Wasm by describing a new, purpose-built SFI system, SegmentZero32, that uses x86 segmentation and LLVM with mostly off-the-shelf passes to enforce our zero-cost conditions; our prototype performs on-par with the state-of-the-art Native Client SFI system.

Spontaneous pneumomediastinum, pneumothorax and subcutaneous emphysema in critically ill COVID-19 patients: A systematic review

Objectives: COVID-19 patients develop Life-threatening complications like pneumomediastinum/pneumothorax and emphysema which might experience prolonged hospital stays and additional costs might be imposed on the patient and the health system. The clinical features and outcomes of mechanically ventilated patients with COVID-19 infection who develop a pneumothorax, pneumomediastinum and subcutaneous emphysema has not been rigorously described or compared to those who do not develop these complications. So a systematic review of studies conducted on this subject was carried out to better manage these complications by investigating the underlying factors in COVID-19 patients. Methods: The search was conducted between early January and late December 2020 in databases including PubMed, Scopus, ProQuest, Embase, Cochrane Library, and Web of Science, using the following keywords and their combinations: COVID-19 Complication, Pneumothorax, Pneumomediastinum, Pneumopericardium, and Subcutaneous Emphysema. The extracted studies were screened separately by two researchers based on the PRISMA statement. After eliminating the duplicate studies, the title, abstract, and full text of the remaining studies were reviewed. Disagreements in the screening and selection of the studies were resolved by consensus or through a third-party opinion. Results: A total of 793 articles were retrieved through the literature search, and 99 studies conducted on a total of 139 patients were finally included The patient mortality was found to have a significant relationship with positive pressure ventilation (P=0.0001). There was no significant relationship between the patients’ death and chest tube insertion (P=0.2) or between the interval of time from the onset of symptoms to the diagnosis of pneumothorax (P=0.7). The mean age was higher in the deceased cases, and the mean difference observed was statistically significant (P=0.001). Conclusion: With the expansion of our clinical understanding of COVID-19, recognition of the uncommon complications of COVID-19 especially pneumothorax is crucial. Although in our review we couldn’t find a causal relationship between COVID-19 and pneumothorax or association between pneumothorax and death, as it is limited by many variables such as included studies’ design, or incomplete outcome data especially more information about the associated risk factors, we recommend performing more well-designed studies to describe the pneumothoraxes› incidence, risk factors, and outcomes in COVID-19 patients. doi: https://doi.org/10.12669/pjms.38.3.5529 How to cite this:Shahsavarinia K, Rahvar G, Soleimanpour H, Saadati M, Vahedi L, Mahmoodpoor A. Spontaneous pneumomediastinum, pneumothorax and subcutaneous emphysema in critically ill COVID-19 patients: A systematic review. Pak J Med Sci. 2022;38(3):---------. doi: https://doi.org/10.12669/pjms.38.3.5529 This is an Open Access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/3.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.