503 research outputs found

    Trust negotiation policy management for service-oriented applications

    Service-oriented architectures (SOA), and in particular Web services, have quickly become a popular technology to connect applications both within and across enterprise boundaries. However, as services are increasingly used to implement critical functionality, security has become an important concern impeding the widespread adoption of SOA. Trust negotiation is an approach to access control that may be applied in scenarios where service requesters are often unknown in advance, such as for services available via the public Internet. Rather than relying on requesters' identities, trust negotiation makes access decisions based on the level of trust established between the requester and the provider in a negotiation, during which the parties exchange credentials, which are signed assertions that describe some attributes of the owner. However, managing the evolution of trust negotiation policies is a difficult problem that has not been sufficiently addressed to date. Access control policies have a lifecycle, and they are revised based on applicable business policies. Additionally, because a trust relationship established in a trust negotiation may be long lasting, their evolution must also be managed. Simply allowing a negotiation to continue according to an old policy may be undesirable, especially if new important constraints have been added. In this thesis, we introduce a model-driven trust negotiation framework for service-oriented applications. The framework employs a model for trust negotiation, based on state machines, that allows automated generation of the control structures necessary to enforce trust negotiation policies from the visual model of the policy. Our policy model also supports lifecycle management. We provide sets of operations to modify policies and to manage ongoing negotiations, and operators for identifying and managing impacts of changes to trust negotiation policies on ongoing trust negotiations. 
The framework presented in the thesis has been implemented in the Trust-Serv prototype, which leverages industry specifications such as WS-Security and WS-Trust to offer a container-centric mechanism for deploying trust negotiation that is transparent to the services being protected

    Mission Dependency Index of Air Force Built Infrastructure: Knowledge Discovery with Machine Learning

    Mission Dependency Index (MDI) is a metric developed to capture the relative criticality of infrastructure assets with respect to organizational missions. The USAF adapted the MDI metric from the United States Navy’s MDI methodology. Unlike the Navy’s MDI data collection process, the USAF adaptation of the MDI metric employs generic facility category codes (CATCODEs) to assign MDI values. This practice introduces uncertainty into the MDI assignment process with respect to specific missions and specific infrastructure assets. The uncertainty associated with USAF MDI values necessitated the MDI adjudication process. The MDI adjudication process provides a mechanism for installation civil engineer personnel to lobby for accurate MDI values for specific infrastructure assets. The MDI adjudication process requires manual identification of MDI discrepancies, documentation, and extensive coordination between organizations. Given the existing uncertainty with USAF MDI values and the effort required for the MDI adjudication process, this research pursues machine learning and the knowledge discovery in databases (KDD) process to identify and understand relationships between real property data and mission critical infrastructure. Furthermore, a decision support tool is developed for the MDI adjudication process. Specifically, supervised learning techniques are employed to develop a classifier that can identify potential MDI discrepancies. This automation effort serves to minimize the manual MDI review process by identifying a subset of facilities for potential adjudication

    Army Information Technology Procurement: a Business Process Analysis

    This thesis presents a business process analysis of the Army's ICT procurement system. The research identified several inefficiencies and proposes several potential solutions. The contributions of this research include a unified taxonomy, a method to prioritize requests, and system architecture products for development of an automated and sustainable collaboration interface for the CIO/G6 to streamline their IT acquisition process. Development of a centralized system would reduce waste in the request process from submission to formal accounting, hasten the movement of requests between stakeholders, maintain a digital signature authorization for each approval authority, provide a reporting database to recognize reprogramming thresholds, and deliver relevant metrics and analysis to help inform the Army's IT resourcing decisions.

    EVALUATION OF SOFTWARE QUALITY FOR I-OFFICE PLUS APPLICATIONS USING ISO/IEC 25010 AND KANO MODEL

    The shift in working patterns, with companies no longer requiring all employees to work from the office, has increased the need for attendance applications. I-Office Plus was introduced to serve the personnel administration system. To support the quality of I-Office Plus, a software evaluation was carried out from the functionality perspective. The evaluation was based on the ISO/IEC 20510:2011 model, which is part of System and Software Quality Requirements and Evaluation (SQuaRE). Data processing used the Kano model to determine the score expected by I-Office Plus users for each evaluated characteristic, to determine user satisfaction and dissatisfaction, and to provide recommendations from the analysis results. This research applies a combination of quantitative and qualitative methods together, that is, a mixed methods approach. This mixed methods research uses a sequential explanatory strategy. The evaluation results are expected to show how good the quality of ICON+'s I-Office Plus application is, measured from the expectations and satisfaction of employees as users of the application. This research also yields recommendations for improving the I-Office Plus application based on the level of user dissatisfaction, by looking at the Kano Model categories that fall in the indifference category.

    Building Services Engineering September/October 2021


    An integrated component-oriented framework for effective and flexible enterprise distributed systems development

    Although component-based platforms and technologies such as CORBA, COM+/.NET and Enterprise Java Beans (EJB) are now widely used for implementation and deployment of complex systems, the component way of thinking is still immature. Current CBD best practices, concepts, approaches and methods do not provide a full and consistent support for various component concepts, and therefore are not able to provide a full benefit of the CBD paradigm. This paper defines a new approach to components through an Integrated Component-Oriented Framework that provides a comprehensive component-oriented support for enterprise systems development. The framework enables that the same component way of thinking and the same consistent set of technology-independent component concepts can be applied in different aspects of enterprise systems development, from business services to distributed components

    Incident Prioritisation for Intrusion Response Systems

    The landscape of security threats continues to evolve, with attacks becoming more serious and the number of vulnerabilities rising. To manage these threats, many security studies have been undertaken in recent years, mainly focusing on improving detection, prevention and response efficiency. Although there are security tools such as antivirus software and firewalls available to counter them, Intrusion Detection Systems and similar tools such as Intrusion Prevention Systems are still one of the most popular approaches. There are hundreds of published works related to intrusion detection that aim to increase the efficiency and reliability of detection, prevention and response systems. Whilst intrusion detection system technologies have advanced, there are still areas available to explore, particularly with respect to the process of selecting appropriate responses. Supporting a variety of response options, such as proactive, reactive and passive responses, enables security analysts to select the most appropriate response in different contexts. In view of that, a methodical approach that identifies important incidents as opposed to trivial ones is first needed. However, with thousands of incidents identified every day, relying upon manual processes to identify their importance and urgency is complicated, difficult, error-prone and time-consuming, and so prioritising them automatically would help security analysts to focus only on the most critical ones. The existing approaches to incident prioritisation provide various ways to prioritise incidents, but less attention has been given to adopting them into an automated response system. Although some studies have realised the advantages of prioritisation, they released no further studies showing they had continued to investigate the effectiveness of the process. 
This study concerns enhancing the incident prioritisation scheme to identify critical incidents based upon their criticality and urgency, in order to facilitate an autonomous mode for the response selection process in Intrusion Response Systems. To achieve this aim, this study proposed a novel framework which combines models and strategies identified from the comprehensive literature review. A model to estimate the level of risks of incidents is established, named the Risk Index Model (RIM). With different levels of risk, the Response Strategy Model (RSM) dynamically maps incidents into different types of response, with serious incidents being mapped to active responses in order to minimise their impact, while incidents with less impact have passive responses. The combination of these models provides a seamless way to map incidents automatically; however, it needs to be evaluated in terms of its effectiveness and performances. To demonstrate the results, an evaluation study with four stages was undertaken; these stages were a feasibility study of the RIM, comparison studies with industrial standards such as Common Vulnerabilities Scoring System (CVSS) and Snort, an examination of the effect of different strategies in the rating and ranking process, and a test of the effectiveness and performance of the Response Strategy Model (RSM). With promising results being gathered, a proof-of-concept study was conducted to demonstrate the framework using a live traffic network simulation with online assessment mode via the Security Incident Prioritisation Module (SIPM); this study was used to investigate its effectiveness and practicality. Through the results gathered, this study has demonstrated that the prioritisation process can feasibly be used to facilitate the response selection process in Intrusion Response Systems. 
The main contribution of this study is to have proposed, designed, evaluated and simulated a framework to support the incident prioritisation process for Intrusion Response Systems. Ministry of Higher Education in Malaysia and University of Malay

    A theory and model for the evolution of software services

    Software services are subject to constant change and variation. To control service development, a service developer needs to know why a change was made, what are its implications and whether the change is complete. Typically, service clients do not perceive the upgraded service immediately. As a consequence, service-based applications may fail on the service client side due to changes carried out during a provider service upgrade. In order to manage changes in a meaningful and effective manner service clients must therefore be considered when service changes are introduced at the service provider's side. Otherwise such changes will most certainly result in severe application disruption. Eliminating spurious results and inconsistencies that may occur due to uncontrolled changes is therefore a necessary condition for the ability of services to evolve gracefully, ensure service stability, and handle variability in their behavior. Towards this goal, this work presents a model and a theoretical framework for the compatible evolution of services based on well-founded theories and techniques from a number of disparate fields.