A flexible architecture for privacy-aware trust management

In service-oriented systems a constellation of services cooperate, sharing potentially sensitive information and responsibilities. Cooperation is only possible if the different participants trust each other. As trust may depend on many different factors, in a flexible framework for Trust Management (TM) trust must be computed by combining different types of information. In this paper we describe the TAS3 TM framework which integrates independent TM systems into a single trust decision point. The TM framework supports intricate combinations whilst still remaining easily extensible. It also provides a unified trust evaluation interface to the (authorization framework of the) services. We demonstrate the flexibility of the approach by integrating three distinct TM paradigms: reputation-based TM, credential-based TM, and Key Performance Indicator TM. Finally, we discuss privacy concerns in TM systems and the directions to be taken for the definition of a privacy-friendly TM architecture.\u

Supporting access control policies across multiple operating systems

The evaluation of computer systems has been an important issue for many years, as evidenced by the introduction of in-dustry evaluation guides such as the Rainbow Books and the more recent Common Criteria for IT Security Evaluation. As organizations depend on the Internet for their daily op-erations, the need for evaluation is even more apparent due to new security risks. It is not uncommon for large organi-zations to evaluate different systems, such as operating sys-tems, to identify which would best fit their security policy. Each system would undoubtedly use different methods to represent access control policies. The security policy would therefore need to be translated into specific access control policies that each system understands, which is challenging when large and complex systems are involved. In this pa-per, we focus on the evaluation of operating systems. We describe Chameleos, a policy specification language that is designed to specify the access control policies of multiple op-erating systems. The strength of Chameleos is its flexibility to cater to many operating systems, while remaining suf-ficiently extensible to support the specific features of each system. We describe the design and architecture of Cha-meleos, and demonstrate that Chameleos can flexibly and effectively represent the access control policies of grsecurity and SELinux – two very different systems

Network coding: from theory to media streaming

Network coding has recently emerged as an alternative to traditional routing algorithms in communication systems. In network coding, the network nodes can combine the packets they receive before forwarding them to the neighbouring nodes. Intensive research efforts have demonstrated that such a processing in the network nodes can provide advantages in terms of throughput or robustness. These potentials, combined with the advent of ad hoc and wireless delivery architectures have triggered the interest of research community about the application of the network coding principles to streaming applications. This paper describes the potentials of network coding in emerging delivery architectures such as overlay or peer-to-peer networks. It overviews the principles of practical network coding algorithms and outlines the challenges posed by multimedia streaming applications. Finally, it provides a survey of the recent work on the application of network coding to media streaming applications, both in wireless or wired communication scenarios. Promising results have been demonstrated where network coding is able to bring benefits in media streaming applications. However, delay and complexity constraints are often posed as the main challenging issues that still prevent the wide-scale deployment of network coding algorithms in multimedia communication

Network coding meets multimedia: a review

While every network node only relays messages in a traditional communication system, the recent network coding (NC) paradigm proposes to implement simple in-network processing with packet combinations in the nodes. NC extends the concept of "encoding" a message beyond source coding (for compression) and channel coding (for protection against errors and losses). It has been shown to increase network throughput compared to traditional networks implementation, to reduce delay and to provide robustness to transmission errors and network dynamics. These features are so appealing for multimedia applications that they have spurred a large research effort towards the development of multimedia-specific NC techniques. This paper reviews the recent work in NC for multimedia applications and focuses on the techniques that fill the gap between NC theory and practical applications. It outlines the benefits of NC and presents the open challenges in this area. The paper initially focuses on multimedia-specific aspects of network coding, in particular delay, in-network error control, and mediaspecific error control. These aspects permit to handle varying network conditions as well as client heterogeneity, which are critical to the design and deployment of multimedia systems. After introducing these general concepts, the paper reviews in detail two applications that lend themselves naturally to NC via the cooperation and broadcast models, namely peer-to-peer multimedia streaming and wireless networkin

TOWARDS AUTOMATING POLICY- BASED MANAGEMENT SYSTEMS

The goal of distributed systems management is to provide reliable, secure and efficient utilization of the network, processors and devices that comprise those systems. The management system makes use of management agents to collect events and data from managed objects while policies provide information on how to modify the behaviour of a managed system. Systems as well as policies governing the behaviour of the system and its constituents can change dynamically. The aim of this work is to provide the services and algorithms needed to automatically identify and deploy management entities and be able to respond automatically to both changes to the system itself as well as to changes in the way the system is to be managed, i.e., changes to the set of management policies or sets of management agents. One significant challenge in the use of policy-based management systems is finding efficient mechanisms to address and simplify the gap between expressing and specifying policies and an actual configuration of a management system that realizes and makes use of policies. Little work has been done to define how the monitoring operations are to be configured and updated according to the policies. This Thesis proposes a general architecture for a policy-based management system for distributed systems which allows for expressing and automating the deployment of a wide range of management policies. The proposed solution is based on the matching between the management operations that are carried out by the management agents and the policies. The matching process relies on the attributes that the agents can monitor and the extracted attributes from the components of the policies. One major contribution of this Thesis is to build the policy model and services on existing management services found in commercial management systems. The work of this Thesis also focuses in finding87 strategies for selecting and configuring agents to be used to keep the time of a policy deployment low. The Thesis introduces the Policy-Management Agent Integrated Console (PMagic) prototype. The PMagic prototype has been implemented to provide a practical validation of the policy based management system model proposed. The approach, architecture and prototype have demonstrated that it is possible to create a more autonomic management system, particularly one that can instantiate agents to react to changes in sets of policies

Cooperative Interval Caching in Clustered Multimedia Servers

In this project, we design a cooperative interval caching (CIC) algorithm for clustered video servers, and evaluate its performance through simulation. The CIC algorithm describes how distributed caches in the cluster cooperate to serve a given request. With CIC, a clustered server can accommodate twice (95%) more number of cached streams than the clustered server without cache cooperation. There are two major processes of CIC to find available cache space for a given request in the cluster: to find the server containing the information about the preceding request of the given request; and to find another server which may have available cache space if the current server turns out not to have enough cache space. The performance study shows that it is better to direct the requests of the same movie to the same server so that a request can always find the information of its preceding request from the same server. The CIC algorithm uses scoreboard mechanism to achieve this goal. The performance results also show that when the current server fails to find cache space for a given request, randomly selecting a server works well to find the next server which may have available cache space. The combination of scoreboard and random selection to find the preceding request information and the next available server outperforms other combinations of different approaches by 86%. With CIC, the cooperative distributed caches can support as many cached streams as one integrated cache does. In some cases, the cooperative distributed caches accommodate more number of cached streams than one integrated cache would do. The CIC algorithm makes every server in the cluster perform identical tasks to eliminate any single point of failure, there by increasing availability of the server cluster. The CIC algorithm also specifies how to smoothly add or remove a server to or from the cluster to provide the server with scalability

Access Control Administration with Adjustable Decentralization

Access control is a key function of enterprises that preserve and propagate massive data. Access control enforcement and administration are two major components of the system. On one hand, enterprises are responsible for data security; thus, consistent and reliable access control enforcement is necessary although the data may be distributed. On the other hand, data often belongs to several organizational units with various access control policies and many users; therefore, decentralized administration is needed to accommodate diverse access control needs and to avoid the central bottleneck. Yet, the required degree of decentralization varies within different organizations: some organizations may require a powerful administrator in the system; whereas, some others may prefer a self-governing setting in which no central administrator exists, but users fully manage their own data. Hence, a single system with adjustable decentralization will be useful for supporting various (de)centralized models within the spectrum of access control administration. Giving individual users the ability to delegate or grant privileges is a means of decentralizing access control administration. Revocation of arbitrary privileges is a means of retaining control over data. To provide flexible administration, the ability to delegate a specific privilege and the ability to revoke it should be held independently of each other and independently of the privilege itself. Moreover, supporting arbitrary user and data hierarchies, fine-grained access control, and protection of both data (end objects) and metadata (access control data) with a single uniform model will provide the most widely deployable access control system. Conflict resolution is a major aspect of access control administration in systems. Resolving access conflicts when deriving effective privileges from explicit ones is a challenging problem in the presence of both positive and negative privileges, sophisticated data hierarchies, and diversity of conflict resolution strategies. This thesis presents a uniform access control administration model with adjustable decentralization, to protect both data and metadata. There are several contributions in this work. First, we present a novel mechanism to constrain access control administration for each object type at object creation time, as a means of adjusting the degree of decentralization for the object when the system is configured. Second, by controlling the access control metadata with the same mechanism that controls the users’ data, privileges can be granted and revoked to the extent that these actions conform to the corporation’s access control policy. Thus, this model supports a whole spectrum of access control administration, in which each model is characterized as a network of access control states, similar to a finite state automaton. The model depends on a hierarchy of access banks of authorizations which is supported by a formal semantics. Within this framework, we also introduce the self-governance property in the context of access control, and show how the model facilitates it. In particular, using this model, we introduce a conflict-free and decentralized access control administration model in which all users are able to retain complete control over their own data while they are also able to delegate any subset of their privileges to other users or user groups. We also introduce two measures to compare any two access control models in terms of the degrees of decentralization and interpretation. Finally, as the conflict resolution component of access control models, we incorporate a unified algorithm to resolve access conflicts by simultaneously supporting several combined strategies

Usage Policies for Decentralised Information Processing

Owners impose usage restrictions on their information, which can be based e.g. on privacy laws, copyright law or social conventions. Often, information is processed in complex constellations without central control. In this work, we introduce technologies to formally express usage restrictions in a machine-interpretable way as so-called policies that enable the creation of decentralised systems that provide, consume and process distributed information in compliance with their usage restrictions