Browsing by Author "Barker, Kenneth Edwin"

Item (Open Access): Automatic Inspection of Radio Astronomical Surveys (AIRAS) (2016)
Said, Dina Adel; Barker, Kenneth Edwin; Stil, Jereon Maarten; Fiege, Jason; Rokne, Jon; Denzinger, Jörg; Leahy, Denis

This research investigates the problem of analyzing radio astronomical surveys (RAS) to automatically identify groups of objects forming patterns that astronomers are interested in finding. The visual inspection of RAS to find these interesting patterns requires a lot of time and effort to go through thousands of images in RAS. Moreover, the visual process can be infeasible in very crowded and noisy images. To tackle this problem, this research presents AIRAS: the first reported system for the automatic inspection of RAS. AIRAS consists of two main stages: (i) STAGE 1: Object finding, where all objects in RAS are found and presented in a graph-based representation called the astronomy graph (AG), and (ii) STAGE 2: Pattern querying and retrieval, where astronomers specify the characteristics of interesting patterns in a query form. Afterwards, AIRAS finds patterns matching these characteristics in the AG and presents them to astronomers for further investigation. Astronomers can use AIRAS to detect patterns known to be suspicious (i.e., they consist of false astronomical objects or artifacts). Among these patterns are the hexagonal pattern (HP) and the zigzag pattern (ZP). In the HP, objects form a hexagon shape with an object in the middle, similar to the shape of the front end of the Arecibo telescope horn. In the ZP, objects are aligned in an orientation with the horizontal axis similar to the scanning line of the radio telescope. These two patterns are used as case studies to evaluate AIRAS performance using images from the GALFACTS project, a project carried out at the University of Calgary in cooperation with several research institutes worldwide.
The experimental studies show that AIRAS is a promising system that finds patterns in RAS in response to astronomers’ queries with an acceptable accuracy. Additionally, AIRAS can be extended to connect the patterns found with their physical signals to provide more insights about the nature of these patterns.

Item (Open Access): Design and Implementation of Maliciously Secure Two-Party Computation Based on Garbled Circuits (2017)
Afshar, Arash; Mohassel, Payman; Safavi-Naini, Reyhaneh Alsadat; Barker, Kenneth Edwin; Jacobson, Michael John Jr; Sanders, Barry Cyril; Kerschbaum, Florian

In this thesis we design and implement three approaches to provide efficient Secure Two-Party Computation (2PC) protocols that are secure in the presence of malicious adversaries. The field of secure two-party computation enables two mutually distrusting parties, each with their own private input, to run a computation of an arbitrary program. At the end of the computation, nothing about their private input is leaked except for what can be learned from the output of the computation. The seminal work of Yao in 1986 provided the first proof that such a computation is feasible using the so-called garbled circuits and given an Oblivious Transfer protocol. In this thesis, we follow Yao’s garbled circuit approach and focus on efficient protocols that are secure against malicious adversaries. We examine three different categories of optimization. In each category, we present a 2PC protocol, prove its security, and implement it as a proof of concept to demonstrate its running time in practice.

Non-interactive Secure Computation: In this category, we offer the first implementation of a malicious 2PC protocol that reduces the required rounds of interaction between the two parties to only two rounds (i.e., each party sends only one message to the other party).

Mixed Secure Two-Party Computation: In the second category we target big and complex programs and break them into subprograms.
Then, we compute each subprogram using the most efficient 2PC protocol that is suitable for it. Finally, we securely connect these subprograms together. The goal is to reduce the overhead of the garbled circuits significantly, which results in a more efficient overall 2PC protocol for programs with specific properties.

Secure Computation for Random Access Machine Programs: In the third category, we target programs that require random access to the memory (as opposed to a sequential access). We present the first efficient maliciously-secure protocol for computing such programs.

Item (Open Access): Light-weight Privacy Infrastructure - A Blockchain-based Privacy-Preservation Platform for Data Storage and Query Processing (2022-06)
Mireku Kwakye, Michael; Barker, Kenneth Edwin; Jacobson Jr., Michael John; Reardon, Joel Christopher; Ray, Suprio; Far, Behrouz Homayoun

Privacy-preservation policies are guidelines and recommendations formulated to protect data provider’s private, sensitive data in data repositories. These policies are implemented using privacy-preservation methodologies. Previous privacy-preservation methodologies have addressed privacy in which data are permanently stored in repositories and disconnected from changing data provider privacy preferences. This becomes evident as the data moves to another data repository. The ability of data providers to flexibly update or change their privacy preferences when it is required is a known challenge. Moreover, the ability for data providers to control their existing privacy preferences due to changes in data usage continues to remain a problem. This research proposes a Light-weight Privacy Infrastructure (LPI), which is a methodology/framework for privacy-preservation of data provider’s private and sensitive data. The approach offers data providers flexibility to easily change and monitor privacy preferences on their stored data when the data usage requirements change.
Additionally, the approach offers data providers control over access and usage of their private, sensitive data by data collectors and/or accessors and third-party data accessors. The research proposes to tightly couple data provider’s private attribute data element to privacy preferences and data accessor data elements. The implementation presents a framework of tightly-coupled relational Database Management System (DBMS), blockchains, and genomic data store. The coupled database framework delivers a secure and query-efficient platform for management and query processing of data provider’s private data. The implementation adopts an Alberta biotechnology platform that provides commercial oncogenomic services, as a case study. The healthcare platform processes both cancer-related healthcare data and next generation sequencing (NGS) genomic data. Data privacy in healthcare data is a necessary requirement in the processing of data provider private and sensitive data across varied data repositories. The implementation provides data providers (i.e., patients) and data collectors and/or accessors (e.g., physicians) the platform to efficiently manage data while eliminating the risks of privacy breaches and unauthorized data access. The major contributions are: first, provide an approach to tightly couple data provider private, sensitive data with privacy preferences, and data accessor data elements into a privacy tuple. Second, provide a tightly-coupled immutable, tamper-resistant data processing platform where data providers monitor and control all forms of access to their private, sensitive data. Third, provide implementation of a privacy infrastructure where data providers have maximum flexibility to change their privacy preferences on all transactions processed on their underlying private, sensitive data without requiring the data collector.
Finally, provide an implementation framework applicable to healthcare and genomic data processing that uses a biotechnology platform as a case study. The evaluation analysis from the implementation procedures offers a validation for the research based on the query processing output of privacy-aware queries on the privacy infrastructure.

Item (Open Access): Modelling and Enforcing Purpose in Privacy Policies (2013-09-06)
Jafari, Mohammad; Safavi-Naini, Reyhaneh Alsadat; Barker, Kenneth Edwin

Privacy concerns are among the most significant side effects of advances in computer and networking technologies. Expressing and enforcing privacy policies is necessary to ensure that processing of personal information in these systems does not violate privacy of individuals. Privacy laws and regulations, as well as various privacy policy languages and privacy-preserving systems, show no disagreement in that purpose of use has a key role in privacy policies and is an important factor in controlling access to personal data. In the current literature on privacy, purposes have been treated mostly as opaque labels with little or no semantics. The resulting ambiguities have made purposes susceptible to malicious or inadvertent misinterpretations. Consequently, enforcing purpose-based policies has also remained a challenge. In this research, we address these problems. We develop a framework that defines purposes formally and provides a formal language for expressing purpose constraints, as well as the corresponding method for evaluating them in the context of a workflow. The semantics of this language are defined over an abstract model of business workflows. We show how purpose constraints can be linked to access control rules to form purpose-based policies and develop an enforcement mechanism in the form of a workflow reference monitor to ensure compliance with such policies.
We also show how a simple form of such a reference monitor can be implemented using XACML, a common open standard access control system in the industry.

Item (Open Access): Resource Sharing using Permissioned Blockchain: The Case of Smart Neighborhood (2022-01-27)
Rahman, Saoreen; Safavi-Naeini, Reyhaneh Alsadat; Barker, Kenneth Edwin; Far, Behrouz H

In a resource sharing system, users can offer goods and services with specified conditions which, if satisfied, grant access. In conventional resource sharing systems, users' interactions are mediated by a trusted authority (TA). As a result, the TA becomes the single point of trust and has access to users' data. In addition, the TA requires significant processing and management capabilities, and the ability to handle many requests simultaneously, which may make it a single point of failure under various denial of service attacks. Motivated by the advantages of emerging blockchain technology, a decentralized resource sharing system was proposed which uses a permissioned blockchain based resource sharing system for allowing users to share their digital items and credentials with specified attribute-based access policies that are enforced through a set of smart contracts. The system eliminates the need for a trusted intermediary and overcomes the shortcomings associated with it. However, such a system allows users' accesses to be tracked and has limited availability since access to a resource requires the resource's owner to be online. Our proposed architecture offers the same required functionality while ensuring user privacy and access automation, and eliminating the requirement for the resource owner to be online. We use two cryptographic primitives, Ciphertext Policy Attribute-Based Encryption (CPABE) and ring signatures, and develop smart contracts that allow specification of the user-defined policies.
We analyze security and privacy of this system, provide the description of smart contracts and construct protocols for the proposed system. We present a case study and conduct performance evaluation of cryptographic primitives and blockchain operations, and show that the overhead for cryptographic operations is adding up to two seconds to the user interaction time, and the gas cost is below 2600000. We design and implement a web application, smart neighborhood, which represents the proposed system by providing a user interface (UI) for its users. Although our work is motivated by sharing digital items in distributed resource sharing systems, our design and implementation are general and can be employed for wider applications for privacy-preserving sharing of digital items.