206,493 research outputs found
SafeWeb: A Middleware for Securing Ruby-Based Web Applications
Web applications in many domains such as healthcare and finance must process sensitive data, while complying with legal policies regarding the release of different classes of data to different parties. Currently, software bugs may lead to irreversible disclosure of confidential data in multi-tier web applications. An open challenge is how developers can guarantee these web applications only ever release sensitive data to authorised users without costly, recurring security audits.
Our solution is to provide a trusted middleware that acts as a âsafety netâ to event-based enterprise web applications by preventing harmful data disclosure before it happens. We describe the design and implementation of SafeWeb, a Ruby-based middleware that associates data with security labels and transparently tracks their propagation at different granularities across a multi-tier web architecture with storage and complex event processing. For efficiency, maintainability and ease-of-use, SafeWeb exploits the dynamic features of the Ruby programming language to achieve label propagation and data flow enforcement. We evaluate SafeWeb by reporting our experience of implementing a web-based cancer treatment application and deploying it as part of the UK National Health Service (NHS)
A Software Defined Networking Architecture for DDoS-Attack in the storage of Multi-Microgrids
Multi-microgrid systems can improve the resiliency and reliability of the power system network. Secure communication for multi-microgrid operation is a crucial issue that needs to be investigated. This paper proposes a multi-controller software defined networking (SDN) architecture based on fog servers in multi-microgrids to improve the electricity grid security, monitoring and controlling. The proposed architecture defines the support vector machine (SVM) to detect the distributed denial of service (DDoS) attack in the storage of microgrids. The information of local SDN controllers on fog servers is managed and supervised by the master controller placed in the application plane properly. Based on the results of attack detection, the power scheduling problem is solved and send a command to change the status of tie and sectionalize switches. The optimization application on the cloud server implements the modified imperialist competitive algorithm (MICA) to solve this stochastic mixed-integer nonlinear problem. The effective performance of the proposed approach using an SDN-based architecture is evaluated through applying it on a multi-microgrid based on IEEE 33-bus radial distribution system with three microgrids in simulation results
Multi-stakeholder Interactive Simulation for Federated Satellite Systems
Federated satellite systems (FSS) are a new class of space-based systems which emphasize a distributed architecture. New information exchanging functions among FSS members enable data transportation, storage, and processing as on-orbit services. As a system-of-systems, however there are significant technical and social barriers to designing a FSS. To mitigate these challenges, this paper develops a multi-stakeholder interactive simulation for use in future design activities. An FSS simulation interface is defined using the High Level Architecture to include orbital and surface assets and associated transmitters, receivers, and signals for communication. Sample simulators (federates) using World Wind and Orekit open source libraries are applied in a prototype simulation (federation). The application case studies a conceptual FSS using the International Space Station (ISS) as a service platform to serve Earth-observing customers in sun-synchronous orbits (SSO). Results identify emergent effects between FSS members including favorable ISS power conditions and potential service bottlenecks to serving SSO customers
Monitoring Large-Scale Cloud Systems with Layered Gossip Protocols
Monitoring is an essential aspect of maintaining and developing computer
systems that increases in difficulty proportional to the size of the system.
The need for robust monitoring tools has become more evident with the advent of
cloud computing. Infrastructure as a Service (IaaS) clouds allow end users to
deploy vast numbers of virtual machines as part of dynamic and transient
architectures. Current monitoring solutions, including many of those in the
open-source domain rely on outdated concepts including manual deployment and
configuration, centralised data collection and adapt poorly to membership
churn.
In this paper we propose the development of a cloud monitoring suite to
provide scalable and robust lookup, data collection and analysis services for
large-scale cloud systems. In lieu of centrally managed monitoring we propose a
multi-tier architecture using a layered gossip protocol to aggregate monitoring
information and facilitate lookup, information collection and the
identification of redundant capacity. This allows for a resource aware data
collection and storage architecture that operates over the system being
monitored. This in turn enables monitoring to be done in-situ without the need
for significant additional infrastructure to facilitate monitoring services. We
evaluate this approach against alternative monitoring paradigms and demonstrate
how our solution is well adapted to usage in a cloud-computing context.Comment: Extended Abstract for the ACM International Symposium on
High-Performance Parallel and Distributed Computing (HPDC 2013) Poster Trac
Towards Transaction as a Service
This paper argues for decoupling transaction processing from existing
two-layer cloud-native databases and making transaction processing as an
independent service. By building a transaction as a service (TaaS) layer, the
transaction processing can be independently scaled for high resource
utilization and can be independently upgraded for development agility.
Accordingly, we architect an execution-transaction-storage three-layer
cloud-native database. By connecting to TaaS, 1) the AP engines can be
empowered with ACID TP capability, 2) multiple standalone TP engine instances
can be incorporated to support multi-master distributed TP for horizontal
scalability, 3) multiple execution engines with different data models can be
integrated to support multi-model transactions, and 4) high performance TP is
achieved through extensive TaaS optimizations and consistent evolution.
Cloud-native databases deserve better architecture: we believe that TaaS
provides a path forward to better cloud-native databases
Multi-Paradigm Reasoning for Access to Heterogeneous GIS
Accessing and querying geographical data in a uniform way has become easier in recent years. Emerging standards like WFS turn
the web into a geospatial web services enabled place. Mediation
architectures like VirGIS overcome syntactical and semantical heterogeneity
between several distributed sources. On mobile devices,
however, this kind of solution is not suitable, due to limitations,
mostly regarding bandwidth, computation power, and available storage
space. The aim of this paper is to present a solution for providing
powerful reasoning mechanisms accessible from mobile applications
and involving data from several heterogeneous sources.
By adapting contents to time and location, mobile web information
systems can not only increase the value and suitability of the
service itself, but can substantially reduce the amount of data delivered
to users. Because many problems pertain to infrastructures
and transportation in general and to way finding in particular, one
cornerstone of the architecture is higher level reasoning on graph
networks with the Multi-Paradigm Location Language MPLL. A
mediation architecture is used as a âgraph providerâ in order to
transfer the load of computation to the best suited component â
graph construction and transformation for example being heavy on
resources. Reasoning in general can be conducted either near the
âsourceâ or near the end user, depending on the specific use case.
The concepts underlying the proposal described in this paper are
illustrated by a typical and concrete scenario for web applications
System architecture and deployment scenarios for SESAME: small cEllS coordinAtion for Multi-tenancy and Edge services
The surge of the Internet traffic with exabytes of data flowing over operatorsâ mobile networks has created the need to rethink the paradigms behind the design of the mobile network architecture. The inadequacy of the 4G UMTS Long term Evolution (LTE) and even of its advanced version LTE-A is evident, considering that the traffic will be extremely heterogeneous in the near future and ranging from 4K resolution TV to machine-type communications. To keep up with these changes, academia, industries and EU institutions have now engaged in the quest for new 5G technology. In this paper we present the innovative system design, concepts and visions developed by the 5G PPP H2020 project SESAME (Small cEllS coordinAtion for Multi-tenancy and Edge services). The innovation of SESAME is manifold: i) combine the key 5G small cells with cloud technology, ii) promote and develop the concept of Small Cells-as-a-Service (SCaaS), iii) bring computing and storage power at the mobile network edge through the development of non-x86 ARM technology enabled micro-servers, and iv) address a large number of scenarios and use cases applying mobile edge computing
- âŚ