Architecture and Implementation of a Trust Model for Pervasive Applications

Collaborative effort to share resources is a significant feature of pervasive computing environments. To achieve secure service discovery and sharing, and to distinguish between malevolent and benevolent entities, trust models must be defined. It is critical to estimate a device\u27s initial trust value because of the transient nature of pervasive smart space; however, most of the prior research work on trust models for pervasive applications used the notion of constant initial trust assignment. In this paper, we design and implement a trust model called DIRT. We categorize services in different security levels and depending on the service requester\u27s context information, we calculate the initial trust value. Our trust value is assigned for each device and for each service. Our overall trust estimation for a service depends on the recommendations of the neighbouring devices, inference from other service-trust values for that device, and direct trust experience. We provide an extensive survey of related work, and we demonstrate the distinguishing features of our proposed model with respect to the existing models. We implement a healthcare-monitoring application and a location-based service prototype over DIRT. We also provide a performance analysis of the model with respect to some of its important characteristics tested in various scenarios

Design and Implementation of S-MARKS: A Secure Middleware for Pervasive Computing Applications

As portable devices have become a part of our everyday life, more people are unknowingly participating in a pervasive computing environment. People engage with not a single device for a specific purpose but many devices interacting with each other in the course of ordinary activity. With such prevalence of pervasive technology, the interaction between portable devices needs to be continuous and imperceptible to device users. Pervasive computing requires a small, scalable and robust network which relies heavily on the middleware to resolve communication and security issues. In this paper, we present the design and implementation of S-MARKS which incorporates device validation, resource discovery and a privacy module

An Impregnable Lightweight Device Discovery (ILDD) Model for the Pervasive Computing Environment of Enterprise Applications

The worldwide use of handheld devices (personal digital assistants, cell phones, etc.) with wireless connectivity will reach 2.6 billion units this year and 4 billion by 2010. More specifically, these handheld devices have become an integral part of industrial applications. These devices form pervasive ad hoc wireless networks that aide in industry applications. However, pervasive computing is susceptible and vulnerable to malicious active and passive snoopers. This is due to the unavoidable interdevice dependency, as well as a common shared medium, very transitory connectivity, and the absence of a fixed trust infrastructure. In order to ensure security and privacy in the pervasive environment, we need a mechanism to maintain a list of valid devices that will help to prevent malicious devices from participating in any task. In this paper, we will show the feasibility of using a modified human- computer authentication protocol in order to prevent the malicious attacks of ad hoc networks in industrial applications. We will also present two separate models for both large and small networks, as well as several possible attack scenarios for each network

PLECO: New energy-aware programming languages and eco-systems for the Internet of Things

This paper outlines the aims of the Programming Language ECO-system (PLECO) to create new energy-aware programming languages and eco-systems for the Internet of Things (IoT). It builds upon the Lantern language and focuses on energy-awareness, security, resilience and communications for the large infrastructure underpinning the next generation of IoT. The paper outlines how IoT applications and deployments need to be developed in an energy-aware, secure and cost-effective manner using new secure, robust and energy-focused programming languages and the importance of taking such an approach

Priority based tag authentication and routing algorithm for intermodal containers RFID sensor network

Intermodal containers transportation management has always been a serious issue among logistics worldwide companies where the application of secure mobile information technologies (e.g. radio frequency identification systems (RFID) and sensor networks) could significantly improve the current situation by sending managers all the needed transportation conditions information. In this paper, we have focused on improving managerial decision making method by introducing the expert system evaluation functionality in a common software solution CTRMS for additional ICT risks evaluation. The basic risks involved in transportation and the appropriate measures are introduced as well. The pre-defined RFID sensor network was used to develop an optimal tag authentication and routing algorithm where tags and reader authentication protocols were defined and based upon the highest security assurance and the reader to tag response time criterias. A Nearest Neighbor (NN) heuristic approach and a Priority setting method were used to address the problem of routing within the RFID sensor network between tags with the objective function of minimizing the data transfer time between tags with the highest priority values. Computational results also indicate that when the tags have the same level of confidence in the system, they can exchange information without any additional verification, so making the authentication protocol less time consuming and therefore more effective against other proposed protocols

Mobiilse värkvõrgu protsessihaldus

Värkvõrk, ehk Asjade Internet (Internet of Things, lüh IoT) edendab lahendusi nagu nn tark linn, kus meid igapäevaselt ümbritsevad objektid on ühendatud infosüsteemidega ja ka üksteisega. Selliseks näiteks võib olla teekatete seisukorra monitoorimissüsteem. Võrku ühendatud sõidukitelt (nt bussidelt) kogutakse videomaterjali, mida seejärel töödeldakse, et tuvastada löökauke või lume kogunemist. Tavaliselt hõlmab selline lahendus keeruka tsentraalse süsteemi ehitamist. Otsuste langetamiseks (nt milliseid sõidukeid parasjagu protsessi kaasata) vajab keskne süsteem pidevat ühendust kõigi IoT seadmetega. Seadmete hulga kasvades võib keskne lahendus aga muutuda pudelikaelaks. Selliste protsesside disaini, haldust, automatiseerimist ja seiret hõlbustavad märkimisväärselt äriprotsesside halduse (Business Process Management, lüh BPM) valdkonna standardid ja tööriistad. Paraku ei ole BPM tehnoloogiad koheselt kasutatavad uute paradigmadega nagu Udu- ja Servaarvutus, mis tuleviku värkvõrgu jaoks vajalikud on. Nende puhul liigub suur osa otsustustest ja arvutustest üksikutest andmekeskustest servavõrgu seadmetele, mis asuvad lõppkasutajatele ja IoT seadmetele lähemal. Videotöötlust võiks teostada mini-andmekeskustes, mis on paigaldatud üle linna, näiteks bussipeatustesse. Arvestades IoT seadmete üha suurenevat hulka, vähendab selline koormuse jaotamine vähendab riski, et tsentraalne andmekeskust ülekoormamist. Doktoritöö uurib, kuidas mobiilsusega seonduvaid IoT protsesse taoliselt ümber korraldada, kohanedes pidevalt muutlikule, liikuvate seadmetega täidetud servavõrgule. Nimelt on ühendused katkendlikud, mistõttu otsuste langetus ja planeerimine peavad arvestama muuhulgas mobiilseadmete liikumistrajektoore. Töö raames valminud prototüüpe testiti Android seadmetel ja simulatsioonides. Lisaks valmis tööriistakomplekt STEP-ONE, mis võimaldab teadlastel hõlpsalt simuleerida ja analüüsida taolisi probleeme erinevais realistlikes stsenaariumites nagu seda on tark linn.The Internet of Things (IoT) promotes solutions such as a smart city, where everyday objects connect with info systems and each other. One example is a road condition monitoring system, where connected vehicles, such as buses, capture video, which is then processed to detect potholes and snow build-up. Building such a solution typically involves establishing a complex centralised system. The centralised approach may become a bottleneck as the number of IoT devices keeps growing. It relies on constant connectivity to all involved devices to make decisions, such as which vehicles to involve in the process. Designing, automating, managing, and monitoring such processes can greatly be supported using the standards and software systems provided by the field of Business Process Management (BPM). However, BPM techniques are not directly applicable to new computing paradigms, such as Fog Computing and Edge Computing, on which the future of IoT relies. Here, a lot of decision-making and processing is moved from central data-centers to devices in the network edge, near the end-users and IoT sensors. For example, video could be processed in mini-datacenters deployed throughout the city, e.g., at bus stops. This load distribution reduces the risk of the ever-growing number of IoT devices overloading the data center. This thesis studies how to reorganise the process execution in this decentralised fashion, where processes must dynamically adapt to the volatile edge environment filled with moving devices. Namely, connectivity is intermittent, so decision-making and planning need to involve factors such as the movement trajectories of mobile devices. We examined this issue in simulations and with a prototype for Android smartphones. We also showcase the STEP-ONE toolset, allowing researchers to conveniently simulate and analyse these issues in different realistic scenarios, such as those in a smart city.  https://www.ester.ee/record=b552551

Supporting Management lnteraction and Composition of Self-Managed Cells

Management in ubiquitous systems cannot rely on human intervention or centralised decision-making functions because systems are complex and devices are inherently mobile and cannot refer to centralised management applications for reconfiguration and adaptation directives. Management must be devolved, based on local decision-making and feedback control-loops embedded in autonomous components. Previous work has introduced a Self-Managed Cell (SMC) as an infrastructure for building ubiquitous applications. An SMC consists of a set of hardware and software components that implement a policy-driven feedback control-loop. This allows SMCs to adapt continually to changes in their environment or in their usage requirements. Typical applications include body-area networks for healthcare monitoring, and communities of unmanned autonomous vehicles (UAVs) for surveillance and reconnaissance operations. Ubiquitous applications are typically formed from multiple interacting autonomous components, which establish peer-to-peer collaborations, federate and compose into larger structures. Components must interact to distribute management tasks and to enforce communication strategies. This thesis presents an integrated framework which supports the design and the rapid establishment of policy-based SMC interactions by systematically composing simpler abstractions as building elements of a more complex collaboration. Policy-based interactions are realised – subject to an extensible set of security functions – through the exchanges of interfaces, policies and events, and our framework was designed to support the specification, instantiation and reuse of patterns of interaction that prescribe the manner in which these exchanges are achieved. We have defined a library of patterns that provide reusable abstractions for the structure, task-allocation and communication aspects of an interaction, which can be individually combined for building larger policy-based systems in a methodical manner. We have specified a formal model to ensure the rigorous verification of SMC interactions before policies are deployed in physical devices. A prototype has been implemented that demonstrates the practical feasibility of our framework in constrained resources

Multisite adaptive computation offloading for mobile cloud applications

The sheer amount of mobile devices and their fast adaptability have contributed to the proliferation of modern advanced mobile applications. These applications have characteristics such as latency-critical and demand high availability. Also, these kinds of applications often require intensive computation resources and excessive energy consumption for processing, a mobile device has limited computation and energy capacity because of the physical size constraints. The heterogeneous mobile cloud environment consists of different computing resources such as remote cloud servers in faraway data centres, cloudlets whose goal is to bring the cloud closer to the users, and nearby mobile devices that can be utilised to offload mobile tasks. Heterogeneity in mobile devices and the different sites include software, hardware, and technology variations. Resource-constrained mobile devices can leverage the shared resource environment to offload their intensive tasks to conserve battery life and improve the overall application performance. However, with such a loosely coupled and mobile device dominating network, new challenges and problems such as how to seamlessly leverage mobile devices with all the offloading sites, how to simplify deploying runtime environment for serving offloading requests from mobile devices, how to identify which parts of the mobile application to offload and how to decide whether to offload them and how to select the most optimal candidate offloading site among others. To overcome the aforementioned challenges, this research work contributes the design and implementation of MAMoC, a loosely coupled end-to-end mobile computation offloading framework. Mobile applications can be adapted to the client library of the framework while the server components are deployed to the offloading sites for serving offloading requests. The evaluation of the offloading decision engine demonstrates the viability of the proposed solution for managing seamless and transparent offloading in distributed and dynamic mobile cloud environments. All the implemented components of this work are publicly available at the following URL: https://github.com/mamoc-repo