Sharif Digital Repository

An important security challenge in database outsourcing scenarios is the correctness verification of query results. The proposed approaches in the literature, impose high overhead on both the service provider and specially the clients. In this paper, we propose the Trust-Based Fake Tuples approach to audit the correctness of query results. In this approach, some fake tuples are included among the real ones in order to verify the correctness of the results. The experience learnt from past results is used in this paper to evaluate the trust toward the service provider. This trust value is used to tune the number of fake tuples and subsequently the imposed overhead. As the trust value toward... 

LBlock is a lightweight block cipher proposed in ACNS 2011 as a solution to the security challenge in extremely constrained environments. Because biclique cryptanalysis had not been invented when this cipher was designed, the designers themselves evaluated the security of this cipher one year later in WISA 2012, where a modified key schedule was also suggested to make this cipher resistant against biclique attack. In this paper, we analyze the full-round of LBlock with this modified key schedule by the biclique attack with data complexity of 212 and computational complexity of 278-74. In the biclique attack, a shorter biclique potentially results in less data complexity, but at the expense... 

Hybrid Mobile Applications are a new generation of mobile applications that have recently introduced new security challenges. In these applications, untrusted web content, such as an advertisement inside an embedded browser, has the same privileges as the entire application and can directly access the device resources. Unfortunately, existing access control mechanisms are very coarse-grained and do not provide adequate facilities for fine-grained access rule definition and enforcement in hybrid mobile applications. In this paper, we propose a fine-grained access control mechanism for privilege separation in hybrid mobile applications. Our proposed access control mechanism, called... 

Passenger cars (PCs) not only are a major contributor to greenhouse gas (GHG) emissions in Iran but also pose severe energy security challenges due to their dependence on gasoline. This study aimed to understand the future trends of the gasoline demand and GHG emissions from PCs in Iran and assess the effectiveness of mitigation policies. The data were collected from multiple sources and used to develop the survival rate function of PCs. The study used back-calculation to compensate for the short period of stock data availability. The use intensity of PCs was estimated based on the gasoline consumption statistics. Econometric models were developed to project the future PC stock and use... 

Researchers have been studying security challenges of database outsourcing for almost a decade. Privacy of outsourced data is one of the main challenges when the "Database As a Service" model is adopted in the service oriented trend of the cloud computing paradigm. This is due to the insecurity of the network environment or even the untrustworthiness of the service providers. This paper proposes a method to preserve privacy of outsourced data based on Shamir's secret sharing scheme. We split attribute values into several parts and distribute them among untrusted servers. The problem of using secret sharing in data outsourcing scenario is how to search efficiently within the randomly... 

The IP Multimedia Subsystem is a basis for a significant new architecture which offers network operators the opportunity to expand their services, integrating voice and multimedia communications and delivering them into new environments with new purposes. The IMS is an overlay network on top of IP that uses SIP as the primary signaling mechanism. Using IMS bears several new security challenges. In this paper we provide an overview of IMS and its architecture. Then we represent a secure model to overcome some of IMS security challenges. ©2009 IEEE  

Previously, we have proposed a computational model for decision-making in crisis situations called C-RPD (Computational Recognition Primed Decision). In this paper, a software development process customized for Crisis Situations Decision-Making Systems (CSDMSs) is proposed. Agile processes can skillfully manage uncertainty in software requirements and some of their features like incremental development can solve some problems in developing CSDMSs. However, these processes do not provide comprehensive solutions for issues like the lack of enough knowledge about CSDMSs, very rapid changes, urgent need to overcome security challenges, high development unpredictability, and the performance test....