RIT Visiting Journey

Location Services and Global Positioning Services (GPS) are at the forefront of modern navigation and are essential in every human’s life if not used on a regular basis. With the uprise in digital and smart technology in terms of the Internet of Things and their own branch of technological devices, indoor location positioning and navigation have become a much sought-after technology, especially for malls, airports, and hospitals. The same can be said about location sharing, as is present in many mobile applications that all ages appear to be using regularly as the social media fad only increases its customer base. This project built a secure android application that utilizes the Omniaccess Stellar BLE devices, the Node JS REST API, the database models, and the Active Directory used to authenticate students and staff of RIT sharing of location information between users and a NodeJS Server. The mobile application should also be available to guests of RIT, such as Visitors, yet present with different options based on permissions and authorization. The first version of this application, see the figure below, has been developed by Jarryd Brits and Mateo Vieujot-Mouquet, RIT students, and supervised by Prof. Wesam Almobaideen and Omar Abdul Latif.

Lightweight Authentication Protocol for Drone Package Delivery

This project proposes a solution to the delivery of goods using unmanned vehicles, namely drones. The prototype built involves 3 parties. A control center, in charge of receiving orders and dispatching drones, a drone that will carry out the package, and a home device that is connected to a user computer or appliance. To ensure the security of the communication between these parties, an authentication protocol has been designed and implemented. All interactions are safe with the goal of preserving confidentiality, availability, and integrity. In order to verify the user during the delivery, the drone equipped with a camera will perform a facial recognition scan. This scan is mandatory in this process and as a second factor of authentication, the user must also present the QR code received when the order was placed. The design of this solution has been done using 3 Raspberry Pi boards representing the parties. These boards are all connected to the same network and administrated remotely by the project team. The core programming language used for this Python, and is the choice made thanks to its wide variety of libraries for encryption, image processing, video capture, and its great compatibility. The project, see the figure below, has been developed by Michael Nlend, Saleh Sabbagh, and Rohan Bhadiyadra and supervised by prof Wesam Almobaideen.

Hamad Alblooshi, Sahar AbdelBasit, Qusai Hasan, Wesam Almobaideen, Anonymous authentication scheme for a smart home environment

The internet of things (IoT) has grown in importance in recent years. A smart home allows a person to control smart home equipment from anywhere in the world through the internet. Since the user and the smart devices connect on unreliable communication networks, the transmitted confidential data gathered by the smart devices may be vulnerable to a hostile adversary disclosure and modification. As a result, designing and developing an efficient and anonymous authentication scheme to ensure safe communication in the smart home setting is critical. In the last decade, comprehensive research has been undertaken on this security issue, but some of the results are insecure. In this article, we reviewed the recent schemes, compared them, observed common issues, and gave recommendations. Additionally, we propose a secure and lightweight authentication protocol for IoT-based smart home environments we show that the suggested scheme has substantially superior protection and accessibility capabilities, providing the desired security and resisting most potential threats by rigorous comparative analysis. The communication overhead and computational cost are analyzed and compared with other related schemes. In addition, we used the AVISPA tool to evaluate our scheme. Our proposed scheme is well suited to real-world scenarios and environments, see the figure below.

Afra Ibrahim, Osama Masoud, Wesam Almobaideen, Zero-Trust Architecture: A Fuzzy based Trust Score Model

Adopting digital transformation yields to expanding the infrastructure beyond the classical enterprise boundaries. Hence, the legacy security approach of “trusted and untrusted” that enforces the security only at its perimeter is not sufficient anymore. As a security measure, a Zero Trust (ZT) model, a modern approach that shifts the enterprise traditional infrastructure, is being adopted and suggests that all endpoints and traffic should be handled with no or least trust given regardless of the source of the request/traffic. In this paper, a survey of different Zero-Trust models and approaches will be addressed by discussing its key aspects and components and by tackling the differences of these models and their core component, followed by a discussion, evaluation of the discussed models and the motivation of this research paper, and finally, the proposed workaround the trust assessment based on fuzzy logic and its implementation, see the figure below.