Kewei Sha

Permanent URI for this collection


Dr. Kewei Sha is an Associate Director of Cyber Security Institute and Assistant Professor of Computer Science at University of Houston-Clear Lake. Dr. Sha's research interests include Internet of Things, Cyber-Physical Systems, Edge Computing, Security and Privacy, and Big Data Analytics..


Recent Submissions

Now showing 1 - 10 of 10
  • Item
    Adaptive Privacy-Preserving Authentication in Vehicular Networks
    (Journal of Computer Science and Technology, 2008) Kewei, Sha
    Vehicular networks have attracted extensive attention in recent years for their promises in improving safety and enabling other value-added services. Most previous work focuses on designing the media access and physical layer protocols. Privacy issues in vehicular networks have not been well addressed. We argue that privacy is a user-specific concept and a good privacy protection mechanism should allow users to select the degree of privacy they wish to have. To address this requirement, we propose an adaptive privacy-preserving authentication mechanism that can trade off the privacy degree with computational and communication overheads (resource usage). This mechanism, to our knowledge, is the first effort on adaptive privacy-preserving authentication. We present analytical and preliminary results to show that the proposed protocol is nt only adaptive but scalable.
  • Item
    Consistency-Driven Data Quality Management in Wireless Sensor Networks
    (Journal of Parallel and Distributed Computing, 2008) Kewei, Sha
    With more and more real deployments of wireless sensor network applications, we envision that their success is nonetheless determined by whether the sensor networks can provide a high-quality stream of data over a long period. In this paper, we propose a consistency-driven data quality management framework called Orchis that integrates the quality of data into an energy-efficient sensor system design. Orchis consists of four components, data consistency models, adaptive data sampling and process protocols, consistency-driven cross-layer protocols, and flexible APIs to manage the data quality, to support the goals of high quality and energy efficiency. We first formally defined a consistency model, which not only includes temporal consistency and numerical consistency but also considers the application-specific requirements of data and data dynamics in the sensing field, Next, we propose an adaptive lazy energy-efficient data collection protocol which adapts the data sampling rate to the data dynamics in the sensing field and keeps lazy when the data consistency is maintained. Finally, we conduct a comprehensive evaluation to the proposed protocol based on both a TOSSIM-based simulation and a real prototype implementation using MICA2 motes. The results from both simulation and prototype show that our protocol reduces the number of delivered messages, improves the quality of collected data, and in turn extends the lifetime of the whole network. Our analysis also implies that a trade-off should be carefully set between data consistency requirements and energy saving based on the specific requirements of different applications.
  • Item
    RD4: Role -Differentiated Cooperative Deceptive Data Detection and Filtering in VANETs
    (IEEE Transactions on Vehicular Technology, 2010) Kewei, Sha
    The data quality of collected sensing data, which determines the practical value of sensing systems, has been studied in several previous efforts; however, we argue that vehicular ad hoc networks (VANETs), which are a particular application of highly dynamic sensing systems, require specific treatments to guarantee data quality. In this paper, we design a mechanism, i.e. RD4, which is a role-differentiated cooperative deceptive data-detection and filtering mechanism, to detect the false data in VANETs. RD4 is evaluated using an extended traffic simulator. Three scenarios, i.e., freeway, road construction on a highway, and a traffic light on a local street, are deployed in general. Evaluation results show that the proposed mechanism can achieve more than 90.00% recall and precision rate in most cases.
  • Item
    Slight Homomorphic Signature for Access Controlling in Cloud Computing
    (Wireless Personal Communications (WIRE), 2013) Kewei, Sha
    With the popularity of cloud computing, how to securely authenticate a user while not releasing a user's sensitive information becomes a challenge. In this paper, we introduce a slight homomorphic signature, which is suitable to implement an access controlling service in cloud computing. In slight homomorphic signature, each user in cloud computing who have a set of identity attributes firstly computes a full signature on all his identity attributes and sends it to a semi-trusted access controlling server. The access controlling server verifies the full signature for all identity attributes. After then, if the user wants to require a cloud service, which may have a special requirement on one of the servers which do not know the secret key can compute a partial signature on this special identity attribute, and then send it to the cloud server for authentication. In the paper, we give a formal secure definition of this slight homomorphic signature, and construct a scheme from Boheh-Boyen signature. We prove that our scheme is secure under a q-SDH problem with a weak adversary.
  • Item
    Data Quality Challenges in Cyber-Physical Systems
    (ACM Journal on Data and Information Quality, 2015) Kewei, Sha
    Recent emerging technologies, which integrate sensing, computation, communication, and control, have changed the way we observe and control the physical world. Cyber-physical systems (CPSs) [Rajkumar et all. 2010] are systems that have been applied in a variety of applications to collect data such as temperature, heart rate, speed, and so on from the physical world and make decisions based on the analysis of the data, thereby controlling and optimizing the physical objects in the real world. We are not only witnessing a seamless consolidation of the physical world and the cyber world but also experiencing a significant change in our lifestyle brought by the CPS.
  • Item
    Security in Internet of Things: Opportunities and Challenges
    (Proceeding of the International Conference on Identification, Information & Knowledge in the Internet of Things, 2016) Kewei, Sha
    Internet of Things (IoT) have become the most pervasive and largest computing platform nowadays. Security plays a more and more important role because of the nature of IoT systems that deal with people's daily life. IoT systems are often composed of low capable devices, which are devices with low computational capability, limited energy supply, or small memory size some traditional security solutions, such as asymmetric key-based protocols and IP-based solutions, cannot be effectively applied to IoT systems. Other factors, such as the tight coupling between the cyber systems and the physical world, the heterogeneity of IoT devices and IoT communication protocols, and the extremely large system scale, make it more challenging to secure IoT systems. Within the context of a general IoT system architecture, this paper investigates special security issues, identifies new challenges, and explores alternative designs of deploying security solutions.
  • Item
    A Secure Framework to Read Isolated Smart Grid Devices
    (2016) Kewei, Sha
    With increasing deployment of smart grid systems, a large quantity of energy usage and grid status data have been collected by smart grid devices like smart meters. To secure these critical and sensitive data, it is crucial to prevent unauthorized readings from these devices. Many authentication protocols have been proposed to control access to smart grid devices that are a part of the smart grid data communication network; however, authentication protocols to control readings from the isolated smart grid devices are mostly ignored. In this paper, we propose a secure and efficient framework to enable secure data readings from the isolated smart grid devices based on a two-phased authentication protocol. The framework not only makes use of the smart reader as a bridge to connect the isolated smart grid device and the smart grid cloud but also considers the physical constraints of all the devices in the systems. Security analysis shows that our framework is efficient and secure under most typical attacks, meanwhile, it satisfies the hardware constraints of smart grid devices. Comprehensive performance evaluation also validates the efficiency of the proposed framework.
  • Item
    EdgeSec: Design of an Edge Layer Security Service to Enhance Internet of Things Security
    (IEEE International Conference on Fog and Edge Computing, 2017) Kewei, Sha
    With the widespread availability of connected smart devices, Internet of Things (IoT) is becoming the world's largest computing platform. These large-scale, heterogeneous, and resource-constrained devices bring many significant new challenges to the design of efficient and reliable IoT systems. Security is one of the most crucial ones that need to be effectively addressed for the wide adoption of IoT systems. In this paper, we first present an in-depth analysis of security challenges in IoT. Then, we propose EdgeSec, the design of a novel security service which is deployed at the Edge layer to enhance the security of IoT systems. EdgeSec consists of seven major components that work together to systematically handle specific security challenges in IoT systems. Finally, the effectiveness of EdgeSec is demonstrated in the context of a typical IoT.
  • Item
    Energy Efficient Algorithms to Construct the Information Potential Field in WSNs
    (IEEE Sensors Journal, 2017) Kewei, Sha
    The information gradient-based routing and navigation protocols have been proved to be effective when collecting data from the wireless sensor networks because the data collector can achieve the global objective through local greedy decision based on the information gradient. An efficient method to establish this information gradient is to solve a discrete approximation to the harmonic function which is called Information Potential Field. However, the energy-efficient and quick convergence methods to construct the IPF should be fully investigated to trade off the energy efficiency and the quality of the IPF, especially in the large-scale networks with high dynamics. In this paper, two algorithms are proposed to efficiently construct the IPF, including Hierarchical Skeleton-based Construction Algorithm (HSCA) and Value Estimating Substitution Algorithm (VESA). Both algorithms obey the typical hypotheses on WSN settings and are the gossip-styled propagation principle. In addition, we propose advanced approaches of construct the IPF to tackle the challenge of its practical application, such as obstacles, task priorities, and sensor energy budget. Comprehensive simulation results show the feasibility of the proposed algorithms, which can reduce the number of iterations to reach a convergence status bby 80% so as to conserve energy, and they perform well considering the requirements of real applications.
  • Item
    Cluster-based Quality-Aware Adaptive Data Compression for Streaming Data
    (ACM Journal of Data and Information Quality, 2017) Kewei, Sha
    Wireless sensor networks (WSNs) are widely applied in data collection applications. Energy efficiency is one of the most important design goals of WSNs. In this article, we examine the tradeoffs between the energy efficiency and the data quality. First, four attributes used to evaluate data quality are formally defined. Then, we propose a novel data compression algorithm, Quality-Aware Adaptive data Compression (QAAC) to reduce the amount of data communications to save energy. QAAC utilizes an adaptive clustering algorithm to build clusters from datasets; then a code for each cluster is generated and stored in a Huffman encoding tree. The encoding algorithm encodes the original dataset based on the Huffman encoding tree. An improvement algorithm is also designed to reduce the information loss when data are compressed. After the encoded data, the Huffman encoding tree, and parameters used in the improvement algorithm have been received at the sink, a decompression algorithm is used to retrieve the approximation of the original dataset. The performance evaluation shows that QAAC is efficient and achieves a much higher compression ratio than lossy and lossless compression algorithms, while it has much smaller information loss than lossy compression algorithms.