Resilient and Efficient Delivery over Message Oriented Middleware.

PhDThe publish/subscribe paradigm is used to support a many-to-many model that allows an efficient dissemination of messages across a distributed system. Message Oriented Middleware (MOM) is a middleware that provides an asynchronous method of passing information between networked applications. MOMs can be based on a publish/subscribe model, which offers a robust paradigm for message delivery. This research is concerned with this specific type of MOM. Recently, systems using MOMs have been used to integrate enterprise systems over geographically distributed areas, like the ones used in financial services, telecommunication applications, transportation and health-care systems. However, the reliability of a MOM system must be verified and consideration given to reachability to all intended destinations typically with to guarantees of delivery. The research in this thesis provides an automated means of checking the (re)configuration of a publish/subscribe MOM system by building a model and using Linear-time Temporal Logic and Computation Tree Logic rules to verify certain constraints. The verification includes the checking of the reachability of different topics, the rules for regulating the working of the system, and checking the configuration and reconfiguration after a failure. The novelty of this work is the creation and the optimization of a symbolic model checker that abstracts the end-to-end network configuration and reconfiguration behaviour and using it to verify reachability and loop detection. In addition a GUI interface, a code generator and a sub-paths detector are implemented to make the system checking more user-friendly and efficient. The research then explores another aspect of reliability. The requirements of mission critical service delivery over a MOM infrastructure is considered and we propose a new way of supporting rapid recovery from failures using pre-calculated routing Abstract tables and coloured flows that can operate across multiple Autonomous System domains. The approach is critically appraised in relation to other published schemes

Discovery and Push Notification Mechanisms for Mobile Cloud Services

Viimase viie aasta jooksul on mobiilsed seadmed nagu sülearvutid, pihuarvutid, nutitelefonid jmt. tunginud peaaegu kõigisse inimeste igapäevaelu tegevustesse. Samuti on põhjalik teadus- ja arendustegevus mobiilsete tehnoloogiate vallas viinud märkimisväärsete täiustusteni riistvara, tarkvara ja andmeedastuse alal. Tänapäeval on mobiilsed seadmed varustatud sisseehitatud sensorite, kaamera, puutetundliku ekraani, suurema hulga mäluga, kuid ka tõhusamate energiatarbemehhanismidega. Lisaks on iOS ja Android operatsioonisüsteemide väljalaske tõttu suurenenud nii mobiilirakenduste arv kui keerukus, pakkudes arvukamalt kõrgetasemelisi rakendusi. Sarnaselt on toimunud olulised arengud ja standardiseerimisele suunatud jõupingutused veebiteenusete valdkonnas ja elementaarsetele veebiteenuste ligipääsu kasutatakse laialdaselt nutitelefonidest. See on viinud loogilise järgmise sammuna veebiteenuste pakkumiseni nutitelefonidest. Telefonidest veebiteenuste pakkumise kontseptsioon ei ole uus ning seda on põhjalikult uurinud Srirama, kes pakkus välja Mobile Host (Mobiilne Veebiteenuse Pakkuja) kontseptsiooni. Algne realisatsioon kasutas aga aegunud tehnoloogiaid nagu JMEE, PersonalJava, SOAP arhitektuur jne. See töö uuendab Mobile Host'i kasutades uusimaid tehnoloogiad, nagu Android OS ja REST arhitektuur, ning pakub välja teenusemootori, mis põhineb Apache Felix'il - OSGi platvormi realisatsioonil piiratud ressurssidega seadmetele. Hämmastava kiirusega toimunud arengud mobiilsete arvutuste vallas võimaldavad uue põlvkonna veebirakenduste loomist valdkondades nagu keskkonnateadlikkus, sotsiaalvõrgustikud, koostöövahendid, asukohapõhised teenused jne. Sellised rakendused saavad ära kasutada Mobile Host'i võimalusi. Selle tulemusena on klientidel ligipääs väga suurele hulgale teenustele, mistõttu tekib vajadus efektiivse teenuste avastamise mehhanismi järele. See töö pakub välja kataloogipõhise avastusmehhanismi võrgu ülekatte toega suurtele, kõrge liikuvusega võrgustikele. See mehhanism toetub OWL-S'le, mis on ontoloogia veebiteenuseid pakkuvate ressursside avastamiseks, väljakutseks, koostamiseks ja jälgimiseks. Töö kirjeldab ka Srirama välja pakutud algupärast teenuste avastamise mehhanismi, mis toetub peer-to-peer võrkudele ja Apache Lucene võtmesõna otsingumootorile. Uurimuse käigus uuendatakse teenuseotsing kasutama Apache Solr'i, Apache Lucene'i viimast versiooni. Teenuste avastust testiti põhjalikult ja tulemused on töös kokkuvõtvalt välja toodud. Mobiilsete tehnoloogiate vallas uuritakse ka võimalust kasutada pilvetehnolologiat laiendamaks mobiilseadmete salvestusmahtu ja töökoormust edastades pilve andme- ja arvutusmahukad ülesanded. See soodustab keerulisemate ja võimalusrohkemate mobiilirakenduste arendust. Pilve delegeeritavate toimingute aeganõudva iseloomu tõttu aga on vajalik asünkroonne mehhanism teavitamaks kasutajat, millal töömahukad tegevused on lõpetatud. Mobiilsete pilveteenuste pakkujad ja vahevara lahendused võivad kasu saada Mobile Host'ist ja selle asünkroonsete teavituste võimekusest. Uurimus esitleb nelja teavitusmehhanismi: AC2DM, APNS, IBM MQTT ja Mobile Host'i põhine teavitus. Töö võtab kokku kvantitatiivse analüüsi tulemused ja toob välja nelja teavitamise lähenemise tugevused ja nõrkused. Lisaks kirjeldatakse CroudSTag rakenduse realisatsiooni - CroudSTag on mobiilirakendus, mille eesmärgiks on sotsiaalsete gruppide moodustamine kasutades näotuvastustehnoloogiat. CroudSTag-i realisatsioon kasutab mobiilseid pilveteenuseid ja Mobile Host'i, et pakkuda oma funktsionaalsust kasutajale.In the last lustrum the mobile devices such as laptops, PDAs, smart phones, tablets, etc. have pervaded almost all the environments where people perform their day-to-day activities. Further, the extensive Research and Development in mobile technologies has led to significant improvements in hardware, software and transmission. Similarly, there are significant developments and standardization efforts in web services domain and basic web services have been widely accessed from smart phones. This has lead to the logical next step of providing web services from the smart phones. The concept of the web service provisioning from smart phones is not new and has been extensively explored by Srirama who proposed the concept of Mobile Host. However, the original implementation considered aged technologies such as JMEE, PersonalJava, SOAP architecture among others. This work updates the Mobile Host to the latest technologies like Android OS and REST architecture and proposes a service engine based on Apache Felix, and OSGI implementation for resource constraint devices. Moreover, the astonishing speed in developments in mobile computing enable the new generation of applications from domains such as context-awareness, social network, collaborative tools, location based services, etc., which benefit from the Mobile Host service provisioning capabilities. As a result the clients have access to a huge number of services available; therefore, an efficient and effective service discovery mechanism is required. The thesis proposes a directory-based with network overlay support discovery mechanism for large networks with high mobility. The proposed discovery mechanism relies in OWL-S, an ontology for service discovery, invocation, composition, and monitoring of web resources. The work also considers the original service discovery mechanism proposed by Srirama relying in peer-to-peer networks and Apache Lucene, a keyword search engine. The study updates the service search to Apache Solr, the latest development for Apache Lucene. The service discovery was extensively tested and the results are summarized in this work. Mobile technologies are looking into the clouds for extending their capabilities in storage and processing by offloading data and process intensive tasks. This fosters the development of more complex and rich mobile applications. However, due to the time-consuming nature of the tasks delegated to the clouds, an asynchronous mechanism is necessary for notifying the user when the intensive tasks are completed. Mobile cloud service providers and Middleware solutions might benefit from Mobile Host and its asynchronous notification capabilities. The study presents four push notification mechanisms being AC2DM, APNS, IBM MQTT and Mobile Host based push notification. The work summarizes the results of a quantitative analysis and highlights the strengths and weakness of the four notifications approaches. In addition, it explains CroudSTag realization, a mobile application that aims the social group formation by means of facial recognition that relies in mobile cloud services and Mobile Host to provide its functionality to the user

Service substitution : a behavioral approach based on Petri Nets

Service-Oriented Computing is an emerging computing paradigm that supports the modular design of (software) systems. Complex systems are designed by composing less complex systems, called services. Such a (complex) system is a distributed application often involving several cooperating enterprises. As a system usually changes over time, individual services will be substituted by other services. Substituting one service by another one should not affect the correctness of the overall system. Assuring correctness becomes particularly challenging, as the services rely on each other, and each of the involved enterprises only oversees a part of the overall system. In addition, services communicate asynchronously which makes the analysis even more difficult. For this reason, formal methods to support service substitution are indispensable. In this thesis, we study service substitution at the level of service models. Thereby we restrict ourselves to service behavior. As a formalism to model service behavior, we use Petri nets. The first contribution of this thesis is the definition of several substitutability criteria that are suitable in the context of Service-Oriented Computing. Substituting a service S by a service S0 should preserve some behavioral properties of the overall system. For each set of behavioral properties and a given service S, there exists a set of behaviorally compatible services for S. A substitutability criterion defines which of these behaviorally compatible services of S have to be preserved by S0. We relate our substitutability criteria to preorders and equivalences known from process theory. The second contribution of this thesis is to present, for each substitutability criterion, a procedure to decide whether a service S0 can substitute a service S. The decision requires the comparison of the in general infinite sets of behaviorally compatible services for the services S and S0. Hence, we extend existing work on an abstract representation of all behaviorally compatible services for a given service. For each notion of behavioral compatibility, we present an algorithmic solution to represent all behaviorally compatible services. Based on these representations, we can decide substitutability of a service S by a service S0. The third contribution of this thesis is a method to support the design of a service S0 that can substitute a service S according to a substitutability criterion. Our approach is to derive a service S0 from the service S by stepwise transformation. To this end, we present several transformation rules. Finally, we formalize and we extend the equivalence notion for services specified in the language WS-BPEL. That way, we demonstrate the applicability of our work

ASiMOV: Microservices-based verifiable control logic with estimable detection delay against cyber-attacks to cyber-physical systems

The automatic control in Cyber-Physical-Systems brings advantages but also increased risks due to cyber-attacks. This Ph.D. thesis proposes a novel reference architecture for distributed control applications increasing the security against cyber-attacks to the control logic. The core idea is to replicate each instance of a control application and to detect attacks by verifying their outputs. The verification logic disposes of an exact model of the control logic, although the two logics are decoupled on two different devices. The verification is asynchronous to the feedback control loop, to avoid the introduction of a delay between the controller(s) and system(s). The time required to detect a successful attack is analytically estimable, which enables control-theoretical techniques to prevent damage by appropriate planning decisions. The proposed architecture for a controller and an Intrusion Detection System is composed of event-driven autonomous components (microservices), which can be deployed as separate Virtual Machines (e.g., containers) on cloud platforms. Under the proposed architecture, orchestration techniques enable a dynamic re-deployment acting as a mitigation or prevention mechanism defined at the level of the computer architecture. The proposal, which we call ASiMOV (Asynchronous Modular Verification), is based on a model that separates the state of a controller from the state of its execution environment. We provide details of the model and a microservices implementation. Through the analysis of the delay introduced in both the control loop and the detection of attacks, we provide guidelines to determine which control systems are suitable for adopting ASiMOV. Simulations show the behavior of ASiMOV both in the absence and in the presence of cyber-attacks

Towards Automated Network Configuration Management

Modern networks are designed to satisfy a wide variety of competing goals related to network operation requirements such as reachability, security, performance, reliability and availability. These high level goals are realized through a complex chain of low level configuration commands performed on network devices. As networks become larger, more complex and more heterogeneous, human errors become the most significant threat to network operation and the main cause of network outage. In addition, the gap between high-level requirements and low-level configuration data is continuously increasing and difficult to close. Although many solutions have been introduced to reduce the complexity of configuration management, network changes, in most cases, are still manually performed via low--level command line interfaces (CLIs). The Internet Engineering Task Force (IETF) has introduced NETwork CONFiguration (NETCONF) protocol along with its associated data--modeling language, YANG, that significantly reduce network configuration complexity. However, NETCONF is limited to the interaction between managers and agents, and it has weak support for compliance to high-level management functionalities. We design and develop a network configuration management system called AutoConf that addresses the aforementioned problems. AutoConf is a distributed system that manages, validates, and automates the configuration of IP networks. We propose a new framework to augment NETCONF/YANG framework. This framework includes a Configuration Semantic Model (CSM), which provides a formal representation of domain knowledge needed to deploy a successful management system. Along with CSM, we develop a domain--specific language called Structured Configuration language to specify configuration tasks as well as high--level requirements. CSM/SCL together with NETCONF/YANG makes a powerful management system that supports network--wide configuration. AutoConf supports two levels of verifications: consistency verification and behavioral verification. We apply a set of logical formalizations to verifying the consistency and dependency of configuration parameters. In behavioral verification, we present a set of formal models and algorithms based on Binary Decision Diagram (BDD) to capture the behaviors of forwarding control lists that are deployed in firewalls, routers, and NAT devices. We also adopt an enhanced version of Dyna-Q algorithm to support dynamic adaptation of network configuration in response to changes occurred during network operation. This adaptation approach maintains a coherent relationship between high level requirements and low level device configuration. We evaluate AutoConf by running several configuration scenarios such as interface configuration, RIP configuration, OSPF configuration and MPLS configuration. We also evaluate AutoConf by running several simulation models to demonstrate the effectiveness and the scalability of handling large-scale networks

Composition de composants dynamiques basée sur des descriptions de leur comportement

Abstract: This thesis proposes solutions to four new problems stemming from a general framework of horizontal behavior composition, in which transition systems are used to model behaviors. The framework allows the realization of a new behavior from a set of available behaviors, through the synthesis of a controller, which delegates each action of the new behavior to an available behavior for execution. In this thesis, the behaviors are associated with software components—such as web services—, hardware components—such as connected objects—, or even agents. Besides, a composition consists of a controller and the behaviors interacting with the controller for realizing a target behavior, for example the one of a new agent. The first problem considers that the behaviors are subject to real-time constraints. The controller synthesis is done using the same algorithms as those of the general framework. Two additional steps are, however, required: one for modeling the interactions between the controller and behaviors in a closed-loop control system and another one for checking whether the closed-loop control system is deadlock free in all of its execution according to the set of real-time constraints. The second problem concerns the assembly of compositions. In contrast to the general framework that uses transition systems as modeling formalism in a purely monolithic control context, the proposed approach, on one hand, uses a process calculus as a formalism to represent all the elements of the closed-loop control system, and, on the other hand, performs a modular control to combine controllers using process calculus operators in order to obtain a global control. The third problem is an extension of the controller synthesis problem when the operations of the behaviors have qualitative or quantitative attributes and the operations of the target behavior are expressed in the form of preferences. The horizontal preference-based behavior composition makes it possible to realize a new behavior that could not be realized without considering preferences. Finally, the last problem is the formation of a most robust team of agents at a lower cost. It is formulated as a multi-objective linear integer programming problem. First, it focuses on finding a set of compositions such that each of them carries out the same target behavior while satisfying its preferences at best. Second, all the agents involved in the compositions form a team that remains effective even if one or more agents fail. This thesis provides an original solution for each of these problems while illustrating it with some examples. The use of SMV/TLV, Uppaal and PuLP tools makes it possible to check, synthesize or calculate the elements of the proposed examples.Résumé : Cette thèse propose des solutions à quatre nouveaux problèmes issus d’un cadre général de composition horizontale de comportements modélisés à l’aide de systèmes à transition. Ce dernier permet la réalisation d’un nouveau comportement à partir d’un ensemble de comportements prédéfinis, à travers la synthèse d’un contrôleur qui délègue chacune de ses actions à un comportement prédéfini pour son exécution. Dans cette thèse, les comportements sont associés à des composants logiciels, comme des services Web, à des composants matériels, comme des objets connectés, ou à des agents. De plus, une composition est constituée d’un contrôleur et des comportements avec lesquels il interagit pour réaliser un comportement désiré, par exemple celui d’un nouvel agent. Le premier problème considère que les comportements sont soumis à des contraintes temps réel. La synthèse de contrôleur s’effectue en utilisant les mêmes algorithmes que ceux du cadre général. Toutefois, deux étapes additionnelles sont nécessaires : l’une pour modéliser les interactions entre les comportements et le contrôleur dans une boucle de rétroaction ; l’autre pour vérifier si la boucle de rétroaction est sans interblocage dans toutes ses exécutions considérant l’ensemble des contraintes temps réel. Le deuxième problème concerne l’assemblage de compositions. Contrairement au cadre général qui utilise des systèmes à transition comme formalisme de modélisation dans un contexte de contrôle purement monolithique, l’approche retenue suggère, d’une part, d’utiliser un calcul de processus comme formalisme pour représenter tous les éléments de la boucle de rétroaction et, d’autre part, d’effectuer un contrôle modulaire c’est-à-dire de combiner des contrôleurs à l’aide d’opérateurs du calcul de processus pour obtenir un contrôle global. Le troisième problème est une extension du problème de la synthèse de contrôleur lorsque les actions des comportements possèdent des attributs qualitatifs ou quantitatifs et que les actions du comportement désiré sont exprimées sous la forme de préférences. La composition horizontale de comportements basée sur des préférences permet de réaliser un nouveau comportement qui ne pourrait l’être autrement. Enfin, le dernier problème est celui de la formation d’une équipe d’agents la plus robuste possible et à moindre coût. Il est formulé comme une problème de programmation linéaire multi-objective en nombre entier. Premièrement, il s’agit de trouver un ensemble de compositions, chacune réalisant le même comportement désiré tout en satisfaisant au mieux ses préférences. Deuxièmement, l’ensemble des agents impliqués dans les compositions forment une équipe qui survit aux pannes d’un ou plusieurs agents. Cette thèse apporte une solution originale à chacun de ces problèmes tout en l’illustrant à l’aide d’exemples. L’utilisation des outils SMV/TLV, Uppaal et PuLP permet de vérifier, de synthétiser ou de calculer des éléments des exemples proposés

InSight2: An Interactive Web Based Platform for Modeling and Analysis of Large Scale Argus Network Flow Data

Monitoring systems are paramount to the proactive detection and mitigation of problems in computer networks related to performance and security. Degraded performance and compromised end-nodes can cost computer networks downtime, data loss and reputation. InSight2 is a platform that models, analyzes and visualizes large scale Argus network flow data using up-to-date geographical data, organizational information, and emerging threats. It is engineered to meet the needs of network administrators with flexibility and modularity in mind. Scalability is ensured by devising multi-core processing by implementing robust software architecture. Extendibility is achieved by enabling the end user to enrich flow records using additional user provided databases. Deployment is streamlined by providing an automated installation script. State-of-the-art visualizations are devised and presented in a secure, user friendly web interface giving greater insight about the network to the end user

Personalization platform for multimodal ubiquitous computing applications

Dissertação para obtenção do Grau de Mestre em Engenharia InformáticaWe currently live surrounded by a myriad of computing devices running multiple applications. In general, the user experience on each of those scenarios is not adapted to each user’s specific needs, without personalization and integration across scenarios. Moreover, developers usually do not have the right tools to handle that in a standard and generic way. As such, a personalization platform may provide those tools. This kind of platform should be readily available to be used by any developer. Therefore, it must be developed to be available over the Internet. With the advances in IT infrastructure, it is now possible to develop reliable and scalable services running on abstract and virtualized platforms. Those are some of the advantages of cloud computing, which offers a model of utility computing where customers are able to dynamically allocate the resources they need and are charged accordingly. This work focuses on the creation of a cloud-based personalization platform built on a previously developed generic user modeling framework. It provides user profiling and context-awareness tools to third-party developers. A public display-based application was also developed. It provides useful information to students, teachers and others in a university campus as they are detected by Bluetooth scanning. It uses the personalization platform as the basis to select the most relevant information in each situation, while a mobile application was developed to be used as an input mechanism. A user study was conducted to assess the usefulness of the application and to validate some design choices. The results were mostly positive

A Hybrid Approach to Logic Evaluation

In this thesis, we contribute the hybrid approach – a means of combining the practical advantages of feature-rich logic evaluation in the cloud, with the performance benefits of hand-written, optimized, efficient native code. In the first part of our hybrid approach, we introduce a cloud-based distribution for logic programs, which may be deployed as a service, in standard cloud environments, across cheap commodity hardware. Modern systems are in the cloud; while distributed logic solvers exist, these systems are highly specialized, requiring expensive, resource intensive hardware infrastructures. Our original technique achieves a fully automatic synthesis of cloud infrastructure for logic programs, and includes a range of practical features not present in existing distributed logic solvers. We show that an implementation of the distribution scales effectively within real-world cloud environments, against a distribution over cores of the same machine. We show that our multi-node distribution may be effectively combined with existing multi-threaded techniques to mitigate the network communication cost incurred by distribution. In the second part of our hybrid approach, we introduce extra-logical algorithms, to achieve performance for logic programs that would not be possible within a bottom-up logic evaluation. Modern systems must deliver high performance on big data; however, even the most powerful logic engines, distributed or otherwise, can be beaten by hand-written code on particular problems. We give a novel implementation of a system for the high-impact problem of sink-reachability, designed such that its algorithms may be used in logic programs. A thorough empirical evaluation, across a range of large-scale, real-world datasets, shows our system outperforms the current state of the art for the sink-reachability problem in all cases. Our hybrid approach addresses the two major deficiencies of modern logic systems, providing a practical means of evaluating logic in distributed cloud-based environments, while offering performance gains for specific high-impact problems that would not be possible using logic programming alone