A Smart IoT-Aware System For Crisis Scenario Management

In most dangerous events, involving many people in large buildings, rescue workers need to intervene in a timely and targeted manner in order to help most number of people and secure the environments without wasting resources. This work presents an Internet of Things(IoT)-based framework, aiming at monitoring environmental parameters in order to alert rescuers when they exceed some alarm thresholds. A hardware infrastructure driven by a software layer adds flexibility and adaptability to the Complex Event Processing engine and to a rule engine-based reflective middleware that manages and analyzes raw data in conjunction with a knowledge base modeling the application domain

A Reengineering Approach to Reconciling Requirements and Implementation for Context - Aware Web Services Systems

In modern software development, the gap between software requirements and implementation is not always conciliated. Typically, for Web services-based context-aware systems, reconciling this gap is even harder. The aim of this research is to explore how software reengineering can facilitate the reconciliation between requirements and implementation for the said systems. The underlying research in this thesis comprises the following three components. Firstly, the requirements recovery framework underpins the requirements elicitation approach on the proposed reengineering framework. This approach consists of three stages: 1) Hypothesis generation, where a list of hypothesis source code information is generated; 2) Segmentation, where the hypothesis list is grouped into segments; 3) Concept binding, where the segments turn into a list of concept bindings linking regions of source code. Secondly, the derived viewpoints-based context-aware service requirements model is proposed to fully discover constraints, and the requirements evolution model is developed to maintain and specify the requirements evolution process for supporting context-aware services evolution. Finally, inspired by context-oriented programming concepts and approaches, ContXFS is implemented as a COP-inspired conceptual library in F#, which enables developers to facilitate dynamic context adaption. This library along with context-aware requirements analyses mitigate the development of the said systems to a great extent, which in turn, achieves reconciliation between requirements and implementation

A Smart IoT-Aware System For Crisis Scenario Management

In most dangerous events, involving many people in large buildings, rescue workers need to intervene in a timely and targeted manner in order to help most number of people and secure the environments without wasting resources. This work presents an Internet of Things(IoT)-based framework, aiming at monitoring environmental parameters in order to alert rescuers when they exceed some alarm thresholds. A hardware infrastructure driven by a software layer adds flexibility and adaptability to the Complex Event Processing engine and to a rule engine-based reflective middleware that manages and analyzes raw data in conjunction with a knowledge base modeling the application domain

Security and trust in cloud computing and IoT through applying obfuscation, diversification, and trusted computing technologies

Cloud computing and Internet of Things (IoT) are very widely spread and commonly used technologies nowadays. The advanced services offered by cloud computing have made it a highly demanded technology. Enterprises and businesses are more and more relying on the cloud to deliver services to their customers. The prevalent use of cloud means that more data is stored outside the organization’s premises, which raises concerns about the security and privacy of the stored and processed data. This highlights the significance of effective security practices to secure the cloud infrastructure. The number of IoT devices is growing rapidly and the technology is being employed in a wide range of sectors including smart healthcare, industry automation, and smart environments. These devices collect and exchange a great deal of information, some of which may contain critical and personal data of the users of the device. Hence, it is highly significant to protect the collected and shared data over the network; notwithstanding, the studies signify that attacks on these devices are increasing, while a high percentage of IoT devices lack proper security measures to protect the devices, the data, and the privacy of the users. In this dissertation, we study the security of cloud computing and IoT and propose software-based security approaches supported by the hardware-based technologies to provide robust measures for enhancing the security of these environments. To achieve this goal, we use obfuscation and diversification as the potential software security techniques. Code obfuscation protects the software from malicious reverse engineering and diversification mitigates the risk of large-scale exploits. We study trusted computing and Trusted Execution Environments (TEE) as the hardware-based security solutions. Trusted Platform Module (TPM) provides security and trust through a hardware root of trust, and assures the integrity of a platform. We also study Intel SGX which is a TEE solution that guarantees the integrity and confidentiality of the code and data loaded onto its protected container, enclave. More precisely, through obfuscation and diversification of the operating systems and APIs of the IoT devices, we secure them at the application level, and by obfuscation and diversification of the communication protocols, we protect the communication of data between them at the network level. For securing the cloud computing, we employ obfuscation and diversification techniques for securing the cloud computing software at the client-side. For an enhanced level of security, we employ hardware-based security solutions, TPM and SGX. These solutions, in addition to security, ensure layered trust in various layers from hardware to the application. As the result of this PhD research, this dissertation addresses a number of security risks targeting IoT and cloud computing through the delivered publications and presents a brief outlook on the future research directions.Pilvilaskenta ja esineiden internet ovat nykyään hyvin tavallisia ja laajasti sovellettuja tekniikkoja. Pilvilaskennan pitkälle kehittyneet palvelut ovat tehneet siitä hyvin kysytyn teknologian. Yritykset enenevässä määrin nojaavat pilviteknologiaan toteuttaessaan palveluita asiakkailleen. Vallitsevassa pilviteknologian soveltamistilanteessa yritykset ulkoistavat tietojensa käsittelyä yrityksen ulkopuolelle, minkä voidaan nähdä nostavan esiin huolia taltioitavan ja käsiteltävän tiedon turvallisuudesta ja yksityisyydestä. Tämä korostaa tehokkaiden turvallisuusratkaisujen merkitystä osana pilvi-infrastruktuurin turvaamista. Esineiden internet -laitteiden lukumäärä on nopeasti kasvanut. Teknologiana sitä sovelletaan laajasti monilla sektoreilla, kuten älykkäässä terveydenhuollossa, teollisuusautomaatiossa ja älytiloissa. Sellaiset laitteet keräävät ja välittävät suuria määriä informaatiota, joka voi sisältää laitteiden käyttäjien kannalta kriittistä ja yksityistä tietoa. Tästä syystä johtuen on erittäin merkityksellistä suojata verkon yli kerättävää ja jaettavaa tietoa. Monet tutkimukset osoittavat esineiden internet -laitteisiin kohdistuvien tietoturvahyökkäysten määrän olevan nousussa, ja samaan aikaan suuri osuus näistä laitteista ei omaa kunnollisia teknisiä ominaisuuksia itse laitteiden tai niiden käyttäjien yksityisen tiedon suojaamiseksi. Tässä väitöskirjassa tutkitaan pilvilaskennan sekä esineiden internetin tietoturvaa ja esitetään ohjelmistopohjaisia tietoturvalähestymistapoja turvautumalla osittain laitteistopohjaisiin teknologioihin. Esitetyt lähestymistavat tarjoavat vankkoja keinoja tietoturvallisuuden kohentamiseksi näissä konteksteissa. Tämän saavuttamiseksi työssä sovelletaan obfuskaatiota ja diversifiointia potentiaalisiana ohjelmistopohjaisina tietoturvatekniikkoina. Suoritettavan koodin obfuskointi suojaa pahantahtoiselta ohjelmiston takaisinmallinnukselta ja diversifiointi torjuu tietoturva-aukkojen laaja-alaisen hyödyntämisen riskiä. Väitöskirjatyössä tutkitaan luotettua laskentaa ja luotettavan laskennan suoritusalustoja laitteistopohjaisina tietoturvaratkaisuina. TPM (Trusted Platform Module) tarjoaa turvallisuutta ja luottamuksellisuutta rakentuen laitteistopohjaiseen luottamukseen. Pyrkimyksenä on taata suoritusalustan eheys. Työssä tutkitaan myös Intel SGX:ää yhtenä luotettavan suorituksen suoritusalustana, joka takaa suoritettavan koodin ja datan eheyden sekä luottamuksellisuuden pohjautuen suojatun säiliön, saarekkeen, tekniseen toteutukseen. Tarkemmin ilmaistuna työssä turvataan käyttöjärjestelmä- ja sovellusrajapintatasojen obfuskaation ja diversifioinnin kautta esineiden internet -laitteiden ohjelmistokerrosta. Soveltamalla samoja tekniikoita protokollakerrokseen, työssä suojataan laitteiden välistä tiedonvaihtoa verkkotasolla. Pilvilaskennan turvaamiseksi työssä sovelletaan obfuskaatio ja diversifiointitekniikoita asiakaspuolen ohjelmistoratkaisuihin. Vankemman tietoturvallisuuden saavuttamiseksi työssä hyödynnetään laitteistopohjaisia TPM- ja SGX-ratkaisuja. Tietoturvallisuuden lisäksi nämä ratkaisut tarjoavat monikerroksisen luottamuksen rakentuen laitteistotasolta ohjelmistokerrokseen asti. Tämän väitöskirjatutkimustyön tuloksena, osajulkaisuiden kautta, vastataan moniin esineiden internet -laitteisiin ja pilvilaskentaan kohdistuviin tietoturvauhkiin. Työssä esitetään myös näkemyksiä jatkotutkimusaiheista

Universal Mobile Service Execution Framework for Device-To-Device Collaborations

There are high demands of effective and high-performance of collaborations between mobile devices in the places where traditional Internet connections are unavailable, unreliable, or significantly overburdened, such as on a battlefield, disaster zones, isolated rural areas, or crowded public venues. To enable collaboration among the devices in opportunistic networks, code offloading and Remote Method Invocation are the two major mechanisms to ensure code portions of applications are successfully transmitted to and executed on the remote platforms. Although these domains are highly enjoyed in research for a decade, the limitations of multi-device connectivity, system error handling or cross platform compatibility prohibit these technologies from being broadly applied in the mobile industry. To address the above problems, we designed and developed UMSEF - an Universal Mobile Service Execution Framework, which is an innovative and radical approach for mobile computing in opportunistic networks. Our solution is built as a component-based mobile middleware architecture that is flexible and adaptive with multiple network topologies, tolerant for network errors and compatible for multiple platforms. We provided an effective algorithm to estimate the resource availability of a device for higher performance and energy consumption and a novel platform for mobile remote method invocation based on declarative annotations over multi-group device networks. The experiments in reality exposes our approach not only achieve the better performance and energy consumption, but can be extended to large-scaled ubiquitous or IoT systems

Modeling 4.0: Conceptual Modeling in a Digital Era

Digitization provides entirely new affordances for our economies and societies. This leads to previously unseen design opportunities and complexities as systems and their boundaries are re-defined, creating a demand for appropriate methods to support design that caters to these new demands. Conceptual modeling is an established means for this, but it needs to be advanced to adequately depict the requirements of digitization. However, unlike the actual deployment of digital technologies in various industries, the domain of conceptual modeling itself has not yet undergone a comprehensive renewal in light of digitization. Therefore, inspired by the notion of Industry 4.0, an overarching concept for digital manufacturing, in this commentary paper, we propose Modeling 4.0 as the notion for conceptual modeling mechanisms in a digital environment. In total, 12 mechanisms of conceptual modeling are distinguished, providing ample guidance for academics and professionals interested in ensuring that modeling techniques and methods continue to fit contemporary and emerging requirements

Mobile computing algorithms and systems for user-aware optimization of enterprise applications

The adoption of mobile devices, particularly smartphones, has grown steadily over the last decade, also permeating the enterprise sector. Enterprises are investing heavily in mobilization to improve employee productivity and perform business workflows, including smartphones and tablets. Enterprise mobility is expected to be more than a $250 billion market in 2019. Strategies to achieve mobilization range from building native apps, using mobile enterprise application platforms (MEAPS), developing with a mobile backend as a service (mBaaS), relying on application virtualization, and employing application refactoring. Enterprises are not yet experiencing the many benefits of mobilization, even though there is great promise. Email and browsing are used heavily, but the practical adoption of enterprise mobility to deliver value beyond these applications is in its infancy and faces barriers. Enterprises deploy few business workflows (<5 percent). Barriers include the heavy task burden in executing workflows on mobile devices, the irrelevance of available mobile features, non-availability of necessary business functions, the high cost of network access, increased security risks associated with smartphones, and increased complexity of mobile application development. This dissertation identifies key barriers to user productivity on smartphones and investigates user-aware solutions that leverage redundancies in user behavior to reduce burden, focusing on the following mobility aspects: (1) Workflow Mobilization: For an employee to successfully perform workflows on a smartphone, a mobile app must be available, and the specific workflow must survive the defeaturization process necessary for mobilization. While typical mobilization strategies offer mobile access to a few heavily-used features, there is a long-tail problem for enterprise application mobilization, in that many application features are left unsupported or are too difficult to access. We propose a do-it-yourself (DIY) platform, Taskr, that allows users at all skill levels to mobilize workflows. Taskr uses remote computing with application refactoring to achieve code-less mobilization of enterprise web applications. It allows for flexible mobile delivery so that users can execute spot tasks through Twitter, email, or a native mobile app. Taskr prototypes from 15 enterprise applications reduce the number of user actions performing workflows by 40 percent compared to the desktop; (2) Content sharing (enterprise email): An enterprise employee spends an inordinate amount of time on email responding to queries and sharing information with co-workers. This problem is further aggravated on smartphones due to smaller screen real estate. We consider automated information suggestions to ease the burden of reply construction on smartphones. The premise is that a significant portion of the information content in a reply is likely present in prior emails. We first motivate this premise by analyzing both public and private email datasets. We then present Dejavu, a system that relies on inverse document frequency (IDF) and keyword matching to provide relevant suggestions for responses. Evaluation of Dejavu over email datasets shows a 22 percent reduction in the user’s typing burden; (3) Collaboration: Even though many business processes within enterprises require employees to work as a team and collaborate, few mobile apps allow two employees to work on an object from two separate devices simultaneously. We present Peek, a mobile-to-mobile remote computing protocol for collaboration that lets users remotely interact with an application in a responsive manner. Unlike traditional desktop remote computing protocols, Peek provides multi-touch support for ease of operation and a flexible frame compression scheme that accounts for the resource constraints of a smartphone. An Android prototype of Peek shows a 62 percent reduction in time to perform touchscreen actions.Ph.D

PROFILING - CONCEPTS AND APPLICATIONS

Profiling is an approach to put a label or a set of labels on a subject, considering the characteristics of this subject. The New Oxford American Dictionary defines profiling as: “recording and analysis of a person’s psychological and behavioral characteristics, so as to assess or predict his/her capabilities in a certain sphere or to assist in identifying a particular subgroup of people”. This research extends this definition towards things demonstrating that many methods used for profiling of people may be applied for a different type of subjects, namely things. The goal of this research concerns proposing methods for discovery of profiles of users and things with application of Data Science methods. The profiles are utilized in vertical and 2 horizontal scenarios and concern such domains as smart grid and telecommunication (vertical scenarios), and support provided both for the needs of authorization and personalization (horizontal usage).:The thesis consists of eight chapters including an introduction and a summary. First chapter describes motivation for work that was carried out for the last 8 years together with discussion on its importance both for research and business practice. The motivation for this work is much broader and emerges also from business importance of profiling and personalization. The introduction summarizes major research directions, provides research questions, goals and supplementary objectives addressed in the thesis. Research methodology is also described, showing impact of methodological aspects on the work undertaken. Chapter 2 provides introduction to the notion of profiling. The definition of profiling is introduced. Here, also a relation of a user profile to an identity is discussed. The papers included in this chapter show not only how broadly a profile may be understood, but also how a profile may be constructed considering different data sources. Profiling methods are introduced in Chapter 3. This chapter refers to the notion of a profile developed using the BFI-44 personality test and outcomes of a survey related to color preferences of people with a specific personality. Moreover, insights into profiling of relations between people are provided, with a focus on quality of a relation emerging from contacts between two entities. Chapters from 4 to 7 present different scenarios that benefit from application of profiling methods. Chapter 4 starts with introducing the notion of a public utility company that in the thesis is discussed using examples from smart grid and telecommunication. Then, in chapter 4 follows a description of research results regarding profiling for the smart grid, focusing on a profile of a prosumer and forecasting demand and production of the electric energy in the smart grid what can be influenced e.g. by weather or profiles of appliances. Chapter 5 presents application of profiling techniques in the field of telecommunication. Besides presenting profiling methods based on telecommunication data, in particular on Call Detail Records, also scenarios and issues related to privacy and trust are addressed. Chapter 6 and Chapter 7 target at horizontal applications of profiling that may be of benefit for multiple domains. Chapter 6 concerns profiling for authentication using un-typical data sources such as Call Detail Records or data from a mobile phone describing the user behavior. Besides proposing methods, also limitations are discussed. In addition, as a side research effect a methodology for evaluation of authentication methods is proposed. Chapter 7 concerns personalization and consists of two diverse parts. Firstly, behavioral profiles to change interface and behavior of the system are proposed and applied. The performance of solutions personalizing content either locally or on the server is studied. Then, profiles of customers of shopping centers are created based on paths identified using Call Detail Records. The analysis demonstrates that the data that is collected for one purpose, may significantly influence other business scenarios. Chapter 8 summarizes the research results achieved by the author of this document. It presents contribution over state of the art as well as some insights into the future work planned