A Trust Model Based on Service Classification in Mobile Services

Internet of Things (IoT) and B3G/4G communication are promoting the pervasive mobile services with its advanced features. However, security problems are also baffled the development. This paper proposes a trust model to protect the user's security. The billing or trust operator works as an agent to provide a trust authentication for all the service providers. The services are classified by sensitive value calculation. With the value, the user's trustiness for corresponding service can be obtained. For decision, three trust regions are divided, which is referred to three ranks: high, medium and low. The trust region tells the customer, with his calculated trust value, which rank he has got and which authentication methods should be used for access. Authentication history and penalty are also involved with reasons.Comment: IEEE/ACM Internet of Things Symposium (IOTS), in conjunction with GreenCom 2010, IEEE, Hangzhou, China, December 18-20, 201

A Survey on Service Composition Middleware in Pervasive Environments

The development of pervasive computing has put the light on a challenging problem: how to dynamically compose services in heterogeneous and highly changing environments? We propose a survey that defines the service composition as a sequence of four steps: the translation, the generation, the evaluation, and finally the execution. With this powerful and simple model we describe the major service composition middleware. Then, a classification of these service composition middleware according to pervasive requirements - interoperability, discoverability, adaptability, context awareness, QoS management, security, spontaneous management, and autonomous management - is given. The classification highlights what has been done and what remains to do to develop the service composition in pervasive environments

DCDIDP: A distributed, collaborative, and data-driven intrusion detection and prevention framework for cloud computing environments

With the growing popularity of cloud computing, the exploitation of possible vulnerabilities grows at the same pace; the distributed nature of the cloud makes it an attractive target for potential intruders. Despite security issues delaying its adoption, cloud computing has already become an unstoppable force; thus, security mechanisms to ensure its secure adoption are an immediate need. Here, we focus on intrusion detection and prevention systems (IDPSs) to defend against the intruders. In this paper, we propose a Distributed, Collaborative, and Data-driven Intrusion Detection and Prevention system (DCDIDP). Its goal is to make use of the resources in the cloud and provide a holistic IDPS for all cloud service providers which collaborate with other peers in a distributed manner at different architectural levels to respond to attacks. We present the DCDIDP framework, whose infrastructure level is composed of three logical layers: network, host, and global as well as platform and software levels. Then, we review its components and discuss some existing approaches to be used for the modules in our proposed framework. Furthermore, we discuss developing a comprehensive trust management framework to support the establishment and evolution of trust among different cloud service providers. © 2011 ICST

Proceedings of International Workshop "Global Computing: Programming Environments, Languages, Security and Analysis of Systems"

According to the IST/ FET proactive initiative on GLOBAL COMPUTING, the goal is to obtain techniques (models, frameworks, methods, algorithms) for constructing systems that are flexible, dependable, secure, robust and efficient. The dominant concerns are not those of representing and manipulating data efficiently but rather those of handling the co-ordination and interaction, security, reliability, robustness, failure modes, and control of risk of the entities in the system and the overall design, description and performance of the system itself. Completely different paradigms of computer science may have to be developed to tackle these issues effectively. The research should concentrate on systems having the following characteristics: • The systems are composed of autonomous computational entities where activity is not centrally controlled, either because global control is impossible or impractical, or because the entities are created or controlled by different owners. • The computational entities are mobile, due to the movement of the physical platforms or by movement of the entity from one platform to another. • The configuration varies over time. For instance, the system is open to the introduction of new computational entities and likewise their deletion. The behaviour of the entities may vary over time. • The systems operate with incomplete information about the environment. For instance, information becomes rapidly out of date and mobility requires information about the environment to be discovered. The ultimate goal of the research action is to provide a solid scientific foundation for the design of such systems, and to lay the groundwork for achieving effective principles for building and analysing such systems. This workshop covers the aspects related to languages and programming environments as well as analysis of systems and resources involving 9 projects (AGILE , DART, DEGAS , MIKADO, MRG, MYTHS, PEPITO, PROFUNDIS, SECURE) out of the 13 founded under the initiative. After an year from the start of the projects, the goal of the workshop is to fix the state of the art on the topics covered by the two clusters related to programming environments and analysis of systems as well as to devise strategies and new ideas to profitably continue the research effort towards the overall objective of the initiative. We acknowledge the Dipartimento di Informatica and Tlc of the University of Trento, the Comune di Rovereto, the project DEGAS for partially funding the event and the Events and Meetings Office of the University of Trento for the valuable collaboration

The Impact Of Technology Trust On The Acceptance Of Mobile Banking Technology Within Nigeria

With advancement in the use of information technology seen as a key factor in economic development, developed countries are increasingly reviewing traditional systems, in various sectors such as education, health, transport and finance, and identifying how they may be improved or replaced with automated systems. In this study, the authors examine the role of technology trust in the acceptance of mobile banking in Nigeria as the country attempts to transition into a cashless economy. For Nigeria, like many other countries, its economic growth is linked, at least in part, to its improvement in information technology infrastructure, as well as establishing secure, convenient and reliable payments systems. Utilising the Technology Acceptance Model, this study investigates causal relationships between technology trust and other factors influencing user’s intention to adopt technology; focusing on the impact of seven factors contributing to technology trust. Data from 1725 respondents was analysed using confirmatory factor analysis and the results showed that confidentiality, integrity, authentication, access control, best business practices and non-repudiation significantly influenced technology trust. Technology trust showed a direct significant influence on perceived ease of use and usefulness, a direct influence on intention to use as well as an indirect influence on intention to use through its impact on perceived usefulness and perceived ease of use. Furthermore, perceived ease of use and perceived usefulness showed significant influence on consumer’s intention to adopt the technology. With mobile banking being a key driver of Nigeria’s cashless economy goals, this study provides quantitative knowledge regarding technology trust and adoption behaviour in Nigeria as well as significant insight on areas where policy makers and mobile banking vendors can focus strategies engineered to improve trust in mobile banking and increase user adoption of their technology

Towards a business model for cellular network and telecommunication operators: a theoretical framework

Cellular networks and telecommunications bring major change to the way businesses are conducted. Mobility has become one of the main priorities for users and this has impacted on cellular networks and telecommunication operators (CNTOs). However, entrants into the cellular industry have been confounded primarily by inexistent or weak Business Models (BMs). Designing a BM for a CNTO is complex and requires multiple actors to balance different and often conflicting design requirements. Nevertheless, most research about CNTOs has been technically oriented and has mainly addressed the technological and engineering issues related to their infrastructure. Less attention has been given to the business model of CNTOs. Hence, there is a need to enhance our ability to determine what constitutes the optimal and most viable business model to meet the various strategic objectives and goals for these CNTOs. In this paper an overview of research into the cellular business model and the main issues to be resolved is provided. In particular, the authors propose guidelines as a basis on which to develop a more comprehensive definition which may lead to a consensus. Moreover, a generic model (V4 Model) is proposed for the BM of these companies based on value proposition, value architecture, value network and value finance

Systematic Review on Security and Privacy Requirements in Edge Computing: State of the Art and Future Research Opportunities

Edge computing is a promising paradigm that enhances the capabilities of cloud computing. In order to continue patronizing the computing services, it is essential to conserve a good atmosphere free from all kinds of security and privacy breaches. The security and privacy issues associated with the edge computing environment have narrowed the overall acceptance of the technology as a reliable paradigm. Many researchers have reviewed security and privacy issues in edge computing, but not all have fully investigated the security and privacy requirements. Security and privacy requirements are the objectives that indicate the capabilities as well as functions a system performs in eliminating certain security and privacy vulnerabilities. The paper aims to substantially review the security and privacy requirements of the edge computing and the various technological methods employed by the techniques used in curbing the threats, with the aim of helping future researchers in identifying research opportunities. This paper investigate the current studies and highlights the following: (1) the classification of security and privacy requirements in edge computing, (2) the state of the art techniques deployed in curbing the security and privacy threats, (3) the trends of technological methods employed by the techniques, (4) the metrics used for evaluating the performance of the techniques, (5) the taxonomy of attacks affecting the edge network, and the corresponding technological trend employed in mitigating the attacks, and, (6) research opportunities for future researchers in the area of edge computing security and privacy