Resource identification in fog-to-cloud systems: toward an identity management strategy

og-to-Cloud (F2C) is a novel paradigm aiming at extending the cloud computing capabilities to the edge of the network through the hierarchical and coordinated management of both, centralized cloud datacenters and distributed fog resources. It will allow all kinds of devices that are capable to connect to the F2C network to share its idle resources and access both, service provider and third parties’ resources to expand its own capabilities. However, despite the numerous advantages offered by the F2C model, such as the possibility of offloading delay-sensitive tasks to a nearby device and using the cloud infrastructure in the execution of resource-intensive tasks, the list of open challenges that needs to be addressed to have a deployable F2C system is pretty long. In this paper we focus on the resource identification challenge, proposing an identity management system (IDMS) solution that starts assigning identifiers (IDs) to the devices in the F2C network in a decentralized fashion using hashes and afterwards, manages the usage of those IDs applying a fragmentation technique. The obtained results during the validation phase show that our proposal not only meets the desired IDMS characteristics, but also that the fragmentation strategy is aligned with the constrained nature of the devices in the lowest tier of the network hierarchy.Peer ReviewedPostprint (author's final draft

A Novel and scalable naming strategy for IoT scenarios

Fog-to-Cloud (F2C) is a novel paradigm aimed at increasing the benefits brought by the growing Internet-of-Things (IoT) devices population at the edge of the network. F2C is intended to manage the available resources from the core to the edge of the network, allowing services to choose and use either a specific cloud or fog offer or a combination of both. Recognized the key benefits brought by F2C systems, such as low-latency for real-time services, location awareness services, mobility support and the possibility to process data close to where they are generated, research efforts are being made towards the creation of a widely accepted F2C architecture. However, in order to achieve the desired F2C control framework, many open challenges must be solved. In this paper, we address the identity management challenges and propose an Identity Management System (IDMS) that is based on the fragmentation of the network resource IDs.Postprint (author's final draft

Novel modeling and optimization for joint Cybersecurity-vs-QoS Intrusion Detection Mechanisms in 5G networks

The rapid emergence of 5G technology brings new cybersecurity challenges that hold significant implications for our economy, society, and environment. Among these challenges, ensuring the effectiveness of Intrusion Detection Mechanisms (IDMs) in monitoring networks and detecting 5G-related cyberattacks is of utmost importance. However, optimizing cybersecurity levels and selecting appropriate IDMs remain as critical and ongoing challenges. This work considers multiple pre-deployed distributed Security Agents (SAs) across the network, each capable of running various IDMs, where they differ by their effectiveness in detecting the attacks (referred to as security term) and the consumption of resources (referred to as Quality of Service (QoS) costs). We formulate a joint security and QoS utility function leveraging the Cobb–Douglas production utility function. There are several parameters that impact the joint objective problem, including the set of elasticity parameters, that reflect the importance of the two objectives. We derive an optimal set of elasticity parameters in closed form to identify the balancing point where both objectives have equal utility values. Through comprehensive simulations, we demonstrate that increasing the detection level of SAs enhances the security utility while simultaneously diminishing the QoS utility, as more computational, bandwidth, and monetary resources are utilized for IDM processing. After optimization, our mechanism can strike an effective balance between cybersecurity and QoS overhead while demonstrating the importance of different parameters in the joint problem

Blockchain-based PKI for Crowdsourced IoT Sensor Information

The Internet of Things is progressively getting broader, evol-ving its scope while creating new markets and adding more to the existing ones. However, both generation and analysis of large amounts of data, which are integral to this concept, may require the proper protection and privacy-awareness of some sensitive information. In order to control the access to this data, allowing devices to verify the reliability of their own interactions with other endpoints of the network is a crucial step to ensure this required safeness. Through the implementation of a blockchain-based Public Key Infrastructure connected to the Keybase platform, it is possible to achieve a simple protocol that binds devices' public keys to their owner accounts, which are respectively supported by identity proofs. The records of this blockchain represent digital signatures performed by this Keybase users on their respective devices' public keys, claiming their ownership. Resorting to this distributed and decentralized PKI, any device is able to autonomously verify the entity in control of a certain node of the network and prevent future interactions with unverified parties

Big Data Testing Techniques: Taxonomy, Challenges and Future Trends

Big Data is reforming many industrial domains by providing decision support through analyzing large data volumes. Big Data testing aims to ensure that Big Data systems run smoothly and error-free while maintaining the performance and quality of data. However, because of the diversity and complexity of data, testing Big Data is challenging. Though numerous research efforts deal with Big Data testing, a comprehensive review to address testing techniques and challenges of Big Data is not available as yet. Therefore, we have systematically reviewed the Big Data testing techniques evidence occurring in the period 2010-2021. This paper discusses testing data processing by highlighting the techniques used in every processing phase. Furthermore, we discuss the challenges and future directions. Our findings show that diverse functional, non-functional and combined (functional and non-functional) testing techniques have been used to solve specific problems related to Big Data. At the same time, most of the testing challenges have been faced during the MapReduce validation phase. In addition, the combinatorial testing technique is one of the most applied techniques in combination with other techniques (i.e., random testing, mutation testing, input space partitioning and equivalence testing) to find various functional faults through Big Data testing.Comment: 32 page

Blockchain based Identity Management and Ticketing for MaaS

Trabalho de projeto de mestrado, Engenharia Informatica (Engenharia de Software) Universidade de Lisboa, Faculdade de Ciências, 2020As time moves further into the 21st century, the world is progressively becoming more sophisticated, and our capacity to forecast the future is decreasing at the same rate. The emerging global problems require new kinds of tools paving the way to move forward. Across Europe, privatised public transport systems are frequently conceived in separation by an operator resulting in legacy systems with proprietary ticketing solutions causing fragmentation and lack of uniformity of information. The Mobility-as-a-Service (MaaS) concept promises to solve existing problems in the transport industry since it allows the integration of different mobility services, such as car and bicycle sharing, among others, with traditional public transport. To plan a trip, passengers have several mobility options, interconnected to each other, with a range of alternatives according to their preferences. However, it is a huge challenge to expand the MaaS network that includes several operators. Recent innovations in Blockchain and distributed ledger technologies, especially the current developments of smart contracts, it is expected that a novel distributed approach to MaaS is finally feasible. MaaS systems benefit from the power of Blockchain disruptive technology, improving transparency and trust among service providers thereby eliminat ing the middle tier. In order to implement the new MaaS concept and take advantage of the high volumes of data relating to passengers and their tickets, it is essential that trans port operators have a unified system, thus allowing each participant to create, view and modify the information. This project enables the development of a new ticketing solution based on Blockchain, with an Identity Management module capable of managing the identities of passengers across the entire system, as well as the creation of a MaaS application mock-up for the passenger. Finally, the proposed system is evaluated in terms of operation and perfor mance, according predefined use cases and requirements. Results are achieved in terms of the collaboration between multiple service providers operating on a single platform

Enabling Identity for the IoT-as-a-Service Business Model

The IoT-as-a-Service (IoTaaS) business model has already been identified by some people from both industry and academia, but has not been formally defined. IoTaaS offers IoT devices on demand, with considerable cost savings and resource optimization. In addition, it enables different applications to reuse the existing devices. However, this business model is associated with different technological challenges that need to be addressed, one of which is the identity problem. Focusing on this, self-sovereign identity (SSI) schemes have proven to provide better privacy and scalability than traditional identity paradigms, which is especially important in the IoT owing to its characteristics. In this paper, we formally analyze an IoTaaS business model, identifying and detailing its main technological challenges. In addition, we tackle the identity problem of this business model and propose an SSI-based identity management system, which is compliant with the existing standards from the W3C, and include a performance evaluation.This work was supported in part by the Basque Country Government through the Collaborative Research Grants Program in Strategic Areas (ELKARTEK) Program by the Project TRUSTIND under Grant KK-2020/00054 and in part by the Spanish Government-Ministry of Science and Innovation through the Project AI4ES-2021 under Grant CER-20211030 and through the Project SICRAC under Grant PID2020-114495RB-I0