A client-server architecture for distributed and scalable multimedia content analysis: an Android app for assisting phone users in shooting aesthetically valuable pictures

Nowadays developing modern scientific image and video analysis algorithms faces the issue of distributing them among the open community with multiple versions for very different platforms. This requires software development skills usually unknown by the researchers outside of the computer science world. Client/server communications have acquired a leading role by abstracting the business logic of applications from thin clients running on small devices like smartphones which end users can carry with them. The present work describes the design, modeling, development and testing of a client/server architecture that has the ability to perform computations on image and video characteristics on independent Matlab® instances and offer production efficient SQL persistence to store the results. All of this, immersed in a user authenticated environment. This project has been specifically focused on a currently ongoing study by researchers from Universidad Carlos III and Universidad Politécnica de Madrid. Their main goal is to estimate the aesthetic value of images and videos by the computation of audiovisual content. However, the architecture has been designed and built with the objective of being applicable to any kind of biomedical, audiovisual or any other engineering image or video analysis study.Hoy en día, desarrollar nuevos algoritmos científicos que analicen videos o imágenes lleva consigo el problema de la distribución abierta a la comunidad con las múltiples versiones de las distintas plataformas utilizadas. Para que ello sea posible, se requieren habilidades de desarrollo de software que normalmente son desconocidas por parte de los investigadores no inmersos en campo de la informática. Las plataformas cliente/servidor han adquirido un rol primordial al abstraer la funcionalidad principal de las aplicaciones de los clientes livianos como los teléfonos inteligentes que pueden llevarse en el bolsillo. Este trabajo describe el diseño, modelado, desarrollo y prueba de una arquitectura cliente/servidor que tiene la habilidad de realizar cálculos de características de imágenes y videos en instancias independientes de Matlab® y ofrecer persistencia de datos SQL al nivel de un entorno de producción donde guardar los resultados obtenidos, todo ello sumergido en un ambiente donde los usuarios están completamente autentificados. Este proyecto ha estado particularmente enfocado a una investigación actualmente en desarrollo por investigadores de la Universidad Carlos III y la Universidad Politécnica de Madrid. Esta investigación tiene como objetivo el estudio del valor estético de imágenes y videos a través del cálculo de descriptores objetivos. De todas maneras, la arquitectura se ha diseñado y construido con el objetivo de posibilitar la aplicación a cualquier otro estudio dentro de la ingeniería biomédica, audiovisual u otra ingeniería donde se requiera el análisis de video o imagen.Ingeniería Biomédic

Exploring Predicate Based Access Control for Cloud Workflow Systems

Authentication and authorization are the two crucial functions of any modern security and access control mechanisms. Authorization for controlling access to resources is a dynamic characteristic of a workflow system which is based on true business dynamics and access policies. Allowing or denying a user to gain access to a resource is the cornerstone for successful implementation of security and controlling paradigms. Role based and attribute based access control are the existing mechanisms widely used. As per these schemes, any user with given role or attribute respectively is granted applicable privileges to access a resource. There is third approach known as predicate based access control which is less explored. We intend to throw light on this as it provides more fine-grained control over resources besides being able to complement with existing approaches. In this paper we proposed a predicate-based access control mechanism that caters to the needs of cloud-based workflow systems

Policy enforcement in cloud computing

Cloud Computing is an emerging technology, providing attractive way of hosting and delivering services over the Internet. Many organizations and individuals are utilizing Cloud services to share information and collaborate with partners. However, Cloud provides abstraction over the underlying physical infrastructure to the customers, that raises information security concerns, while storing data in a virtualized environment without having physical access to it. Additionally, certain standards have been issued to provide interoperability between users and various distributed systems(including Cloud infrastructures), in a standardized way. However, implementation and interoperability issues still exist and introduce new challenges. This thesis explores the feasibility of securing data in a cloud context, using existing standards and specifications, while retaining the benefits of the Cloud. The thesis provides a view on increasing security concerns of moving to the cloud and sharing data over it. First, we define security and privacy requirements for the data stored in the Cloud. Based on these requirements, we propose the requirements for an access control system in the Cloud. Furthermore, we evaluate the existing work in the area of currently available access control systems and mechanisms for secure data sharing over the Cloud, mostly focusing on policy enforcement and access control characteristics. Moreover, we determine existing mechanisms and standards to implement secure data sharing and collaborative systems over the Cloud. We propose an architecture supporting secure data sharing over the untrusted Cloud environment, based on our findings. The architecture ensures policy based access control inside and outside Cloud, while allowing the benefits of Cloud Computing to be utilized. We discuss the components involved in the architecture and their design considerations. To validate the proposed architecture, we construct the proof of concept prototype. We present a novel approach for implementing policy based access control, by achieving interoperability between existing standards and addressing certain issues, while constructing the system prototype. Furthermore, we deploy our solution in the Cloud and perform the performance tests to evaluate the performance of the system. Finally, we perform a case study by utilizing our system in a real-life scenario. To do this we slightly tailor our solution to meet specific needs. Overall, this thesis provides a solid foundation for the policy enforcement and access control mechanisms in the Cloud-based systems and motivates further work within this field. Cloud Computing is an emerging technology, providing attractive way of hosting and delivering services over the Internet. Many organizations and individuals are utilizing Cloud services to share information and collaborate with partners. However, Cloud provides abstraction over the underlying physical infrastructure to the customers, that raises information security concerns, while storing data in a virtualized environment without having physical access to it. Additionally, certain standards have been issued to provide interoperability between users and various distributed systems(including Cloud infrastructures), in a standardized way. However, implementation and interoperability issues still exist and introduce new challenges. This thesis explores the feasibility of securing data in a cloud context, using existing standards and specifications, while retaining the benefits of the Cloud. The thesis provides a view on increasing security concerns of moving to the cloud and sharing data over it. First, we define security and privacy requirements for the data stored in the Cloud. Based on these requirements, we propose the requirements for an access control system in the Cloud. Furthermore, we evaluate the existing work in the area of currently available access control systems and mechanisms for secure data sharing over the Cloud, mostly focusing on policy enforcement and access control characteristics. Moreover, we determine existing mechanisms and standards to implement secure data sharing and collaborative systems over the Cloud. We propose an architecture supporting secure data sharing over the untrusted Cloud environment, based on our findings. The architecture ensures policy based access control inside and outside Cloud, while allowing the benefits of Cloud Computing to be utilized. We discuss the components involved in the architecture and their design considerations. To validate the proposed architecture, we construct the proof of concept prototype. We present a novel approach for implementing policy based access control, by achieving interoperability between existing standards and addressing certain issues, while constructing the system prototype. Furthermore, we deploy our solution in the Cloud and perform the performance tests to evaluate the performance of the system. Finally, we perform a case study by utilizing our system in a real-life scenario. To do this we slightly tailor our solution to meet specific needs. Overall, this thesis provides a solid foundation for the policy enforcement and access control mechanisms in the Cloud-based systems and motivates further work within this field

Blockchain based application for circular economy

Over the last few years, web services have evolved enormously, from archaic text-only websites where only the web master can upload and update content, to the most modern applications such as social networks with video calls and real-time video streaming where all users interact and create new content. All these advances in the way services are built and how we interact with them have been made possible by major technological improvements and contributions, such as the increasing speed of access networks, the evolution from desktop to laptop computers, the emergence of pocket devices such as smartphones and the development of even more powerful wireless access networks, such as the evolution of mobile telephony standards. Despite all this evolution, technology has not stagnated and continues to evolve to provide us new ways to build services and interact with virtual worlds. In recent years, new technologies have appeared, and these technologies have produced a paradigm shift in the relationship we will have with web-based services, and some companies are even talking about the beginning of a fully immersive metaverse. In this thesis we will analyze some of these technologies, such as blockchain networks, their possible social implications and we will develop an application based on this technology following a circular economy framework.Objectius de Desenvolupament Sostenible::9 - Indústria, Innovació i InfraestructuraObjectius de Desenvolupament Sostenible::10 - Reducció de les Desigualtat

Implementation of Secure Log Management Over Cloud

A Log records are very important information which is related to activities of systems, applications or networks and these log records having various fields and their syntax. Actually logs are automatically generated on activities that are done and doing by user on system, or on any Applications such as Google Chrome or in networks. These logs are costly and need to any organization for future references such as to identify or finding any problems, to record all events, to find performance, and to investigate malicious activities in systems or networks or in application. So, protection of logs from attackers is required. Hence organization should maintain integrity, confidentiality, and security of logs. The cost to maintain logs for organizations for longer period is very less. Hence, we developed secure log management over cloud to decrease cost as well as provide security of log from attackers. To achieve this, we have done this with the help of Blowfish algorithm to Encrypt log records then SHA-1 is used to provide confidentiality while transmitting and at end point security purpose we used Shamir’s Secret sharing algorithm. DOI: 10.17762/ijritcc2321-8169.150511

IoT Security Evolution: Challenges and Countermeasures Review

Internet of Things (IoT) architecture, technologies, applications and security have been recently addressed by a number of researchers. Basically, IoT adds internet connectivity to a system of intelligent devices, machines, objects and/or people. Devices are allowed to automatically collect and transmit data over the Internet, which exposes them to serious attacks and threats. This paper provides an intensive review of IoT evolution with primary focusing on security issues together with the proposed countermeasures. Thus, it outlines the IoT security challenges as a future roadmap of research for new researchers in this domain

The Role of a Microservice Architecture on cybersecurity and operational resilience in critical systems

Critical systems are characterized by their high degree of intolerance to threats, in other words, their high level of resilience, because depending on the context in which the system is inserted, the slightest failure could imply significant damage, whether in economic terms, or loss of reputation, of information, of infrastructure, of the environment, or human life. The security of such systems is traditionally associated with legacy infrastructures and data centers that are monolithic, which translates into increasingly high evolution and protection challenges. In the current context of rapid transformation where the variety of threats to systems has been consistently increasing, this dissertation aims to carry out a compatibility study of the microservice architecture, which is denoted by its characteristics such as resilience, scalability, modifiability and technological heterogeneity, being flexible in structural adaptations, and in rapidly evolving and highly complex settings, making it suited for agile environments. It also explores what response artificial intelligence, more specifically machine learning, can provide in a context of security and monitorability when combined with a simple banking system that adopts the microservice architecture.Os sistemas críticos são caracterizados pelo seu elevado grau de intolerância às ameaças, por outras palavras, o seu alto nível de resiliência, pois dependendo do contexto onde se insere o sistema, a mínima falha poderá implicar danos significativos, seja em termos económicos, de perda de reputação, de informação, de infraestrutura, de ambiente, ou de vida humana. A segurança informática de tais sistemas está tradicionalmente associada a infraestruturas e data centers legacy, ou seja, de natureza monolítica, o que se traduz em desafios de evolução e proteção cada vez mais elevados. No contexto atual de rápida transformação, onde as variedades de ameaças aos sistemas têm vindo consistentemente a aumentar, esta dissertação visa realizar um estudo de compatibilidade da arquitetura de microserviços, que se denota pelas suas caraterísticas tais como a resiliência, escalabilidade, modificabilidade e heterogeneidade tecnológica, sendo flexível em adaptações estruturais, e em cenários de rápida evolução e elevada complexidade, tornando-a adequada a ambientes ágeis. Explora também a resposta que a inteligência artificial, mais concretamente, machine learning, pode dar num contexto de segurança e monitorabilidade quando combinado com um simples sistema bancário que adota uma arquitetura de microserviços

A Cloud-Native Web Application for Assisted Metadata Generation and Retrieval: THESPIAN-NER

Within the context of the Competence Centre for the Conservation of Cultural Heritage (4CH) project, the design and deployment of a platform-as-a-service cloud infrastructure for the first European competence centre of cultural heritage (CH) has begun, and some web services have been integrated into the platform. The first integrated service is the INFN-CHNet web application for FAIR storage of scientific analysis on CH: THESPIAN-Mask. It is based on CIDOC-CRM-compatible ontology and CRMhs, describing the scientific metadata. To ease the process of metadata generation and data injection, another web service has been developed: THESPIAN-NER. It is a tool based on a deep neural network for named entity recognition (NER), enabling users to upload their Italian-written report files and obtain labelled entities. Those entities are used as keywords either to serve as (semi)automatically custom queries for the database, or to fill (part of) the metadata form as a descriptor for the file to be uploaded. The services have been made freely available in the 4CH PaaS cloud platform

Augmenting Space Technology Program Management with Secure Cloud & Mobile Services

The National Aeronautics and Space Administration (NASA) Game Changing Development (GCD) program manages technology projects across all NASA centers and reports to NASA headquarters regularly on progress. Program stakeholders expect an up-to-date, accurate status and often have questions about the program's portfolio that requires a timely response. Historically, reporting, data collection, and analysis were done with manual processes that were inefficient and prone to error. To address these issues, GCD set out to develop a new business automation solution. In doing this, the program wanted to leverage the latest information technology platforms and decided to utilize traditional systems along with new cloud-based web services and gaming technology for a novel and interactive user environment. The team also set out to develop a mobile solution for anytime information access. This paper discusses a solution to these challenging goals and how the GCD team succeeded in developing and deploying such a system. The architecture and approach taken has proven to be effective and robust and can serve as a model for others looking to develop secure interactive mobile business solutions for government or enterprise business automation