265 research outputs found

    Secure Cloud-Edge Deployments, with Trust

    Get PDF
    Assessing the security level of IoT applications to be deployed to heterogeneous Cloud-Edge infrastructures operated by different providers is a non-trivial task. In this article, we present a methodology that permits to express security requirements for IoT applications, as well as infrastructure security capabilities, in a simple and declarative manner, and to automatically obtain an explainable assessment of the security level of the possible application deployments. The methodology also considers the impact of trust relations among different stakeholders using or managing Cloud-Edge infrastructures. A lifelike example is used to showcase the prototyped implementation of the methodology

    Finding available services in TOSCA-compliant clouds

    Get PDF
    The OASIS TOSCA specification aims at enhancing the por-ta-bility of cloud applications by defining a language to describe and manage them across heterogeneous clouds. A service template is defined as an orchestration of typed nodes, which can be instantiated by matching other service templates. In this paper, we define and implement the notions of {em exact} and {it plug-in matching} between TOSCA service templates and node types. We then define two other types of matching ({em flexible} and {em white-box}), each permitting to ignore larger sets of non-relevant syntactic differences when type-checking service templates with respect to node types. The paper also describes how a service template that plug-in, flexibly or white-box matches a node type can be suitably adapted so as to exactly match it

    Towards Run-Time Verification of Compositions in the Web of Things using Complex Event Processing

    Get PDF
    Following the vision of the Internet of Things, physical world entities are integrated into virtual world things. Things are expected to become active participants in business and social processes. Then, the Internet of Things could benefit from the Web Service architecture like today’s Web does, so Future ser-vice-oriented Internet things will offer their functionality via service-enabled in-terfaces. In previous work, we demonstrated the need of considering the behav-iour of things to develop applications in a more rigorous way, and we proposed a lightweight model for representing such behaviour. Our methodology relies on the service-oriented paradigm and extends the DPWS profile to specify the order with which things can receive messages. We also proposed a static verifi-cation technique to check whether a mashup of things respects the behaviour, specified at design-time, of the composed things. However, a change in the be-haviour of a thing may cause that some compositions do not fulfill its behaviour anymore. Moreover, given that a thing can receive requests from instances of different mashups at run-time, these requests could violate the behaviour of that thing, even though each mashup fulfills such behaviour, due to the change of state of the thing. To address these issues, we present a proposal based on me-diation techniques and complex event processing to detect and inhibit invalid invocations, so things only receive requests compatible with their behaviour.Work partially supported by projects TIN2008-05932, TIN2012-35669, CSD2007-0004 funded by Spanish Ministry MINECO and FEDER; P11-TIC-7659 funded by Andalusian Government; and Universidad de Málaga, Campus de Excelencia Internacional Andalucía Tec

    Formalizing Web Service Choreographies

    Get PDF
    Current Web service choreography proposals, such as BPEL4WS, BPSS, WSFL, WSCDL or WSCI, provide notations for describing the message flows in Web service collaborations. However, such proposals remain at the descriptive level, without providing any kind of reasoning mechanisms or tool support for checking the compatibility of Web services based on the proposed notations. In this paper we present the formalization of one of these Web service choreography proposals (WSCI), and discuss the benefits that can be obtained by such formalization. In particular, we show how to check whether two or more Web services are compatible to interoperate or not, and, if not, whether the specification of adaptors that mediate between them can be automatically generated ---hence enabling the communication of (a priori) incompatible Web services

    Human-driven application management at the Edge

    Get PDF
    The design and management of Edge systems will proactively involve human intelligence at the Edge, according to a human-driven approach that increases productivity and improves usability. Due to its ubiquity and heterogeneity, the Edge will give to application administrators a more decisional role in application deployment and resource management. Final decisions on where to distribute application components should be informedly taken by them during the entire application lifecycle, accounting for compliance to QoS requirements. As a first step, this requires devising new tools that suitably abstract heterogeneity of edge systems, permit simulating different runtime scenarios and ease human-driven management of such systems by providing meaningful evaluation metrics. In this article, we discuss how human decision-making can be supported to solve QoS-aware management related challenges for Edge computing

    A Declarative Goal-oriented Framework for Smart Environments with LPaaS

    Full text link
    Smart environments powered by the Internet of Things aim at improving our daily lives by automatically tuning ambient parameters (e.g. temperature, interior light) and by achieving energy savings through self-managing cyber-physical systems. Commercial solutions, however, only permit setting simple target goals on those parameters and do not consider mediating conflicting goals among different users and/or system administrators, and feature limited compatibility across different IoT verticals. In this article, we propose a declarative framework to represent smart environments, user-set goals and customisable mediation policies to reconcile contrasting goals encompassing multiple IoT systems. An open-source Prolog prototype of the framework is showcased over two lifelike motivating examples

    Probabilistic QoS-aware Placement of VNF chains at the Edge

    Get PDF
    Deploying IoT-enabled Virtual Network Function (VNF) chains to Cloud-Edge infrastructures requires determining a placement for each VNF that satisfies all set deployment requirements as well as a software-defined routing of traffic flows between consecutive functions that meets all set communication requirements. In this article, we present a declarative solution, EdgeUsher, to the problem of how to best place VNF chains to Cloud-Edge infrastructures. EdgeUsher can determine all eligible placements for a set of VNF chains to a Cloud-Edge infrastructure so to satisfy all of their hardware, IoT, security, bandwidth, and latency requirements. It exploits probability distributions to model the dynamic variations in the available Cloud-Edge infrastructure, and to assess output eligible placements against those variations
    • ‚Ķ