49,058 research outputs found
Technical Report on Deploying a highly secured OpenStack Cloud Infrastructure using BradStack as a Case Study
Cloud computing has emerged as a popular paradigm and an attractive model for
providing a reliable distributed computing model.it is increasing attracting
huge attention both in academic research and industrial initiatives. Cloud
deployments are paramount for institution and organizations of all scales. The
availability of a flexible, free open source cloud platform designed with no
propriety software and the ability of its integration with legacy systems and
third-party applications are fundamental. Open stack is a free and opensource
software released under the terms of Apache license with a fragmented and
distributed architecture making it highly flexible. This project was initiated
and aimed at designing a secured cloud infrastructure called BradStack, which
is built on OpenStack in the Computing Laboratory at the University of
Bradford. In this report, we present and discuss the steps required in
deploying a secured BradStack Multi-node cloud infrastructure and conducting
Penetration testing on OpenStack Services to validate the effectiveness of the
security controls on the BradStack platform. This report serves as a practical
guideline, focusing on security and practical infrastructure related issues. It
also serves as a reference for institutions looking at the possibilities of
implementing a secured cloud solution.Comment: 38 pages, 19 figures
Scan to BIM for 3D reconstruction of the papal basilica of saint Francis in Assisi In Italy
The historical building heritage, present in the most of Italian cities centres, is, as part of the construction sector, a working potential,
but unfortunately it requires planning of more complex and problematic interventions. However, policies to support on the existing
interventions, together with a growing sensitivity for the recovery of assets, determine the need to implement specific studies and to
analyse the specific problems of each site. The purpose of this paper is to illustrate the methodology and the results obtained from
integrated laser scanning activity in order to have precious architectural information useful not only from the cultural heritage point
of view but also to construct more operative and powerful tools, such as BIM (Building Information Modelling) aimed to the
management of this cultural heritage. The Papal Basilica and the Sacred Convent of Saint Francis in Assisi in Italy are, in fact,
characterized by unique and complex peculiarities, which require a detailed knowledge of the sites themselves to ensure visitor’s
security and safety. For such a project, we have to take in account all the people and personnel normally present in the site, visitors
with disabilities and finally the needs for cultural heritage preservation and protection. This aim can be reached using integrated
systems and new technologies, such as Internet of Everything (IoE), capable of connecting people, things (smart sensors, devices and
actuators; mobile terminals; wearable devices; etc.), data/information/knowledge and processes to reach the desired goals. The IoE
system must implement and support an Integrated Multidisciplinary Model for Security and Safety Management (IMMSSM) for the
specific context, using a multidisciplinary approach
Towards a Layered Architectural View for Security Analysis in SCADA Systems
Supervisory Control and Data Acquisition (SCADA) systems support and control
the operation of many critical infrastructures that our society depend on, such
as power grids. Since SCADA systems become a target for cyber attacks and the
potential impact of a successful attack could lead to disastrous consequences
in the physical world, ensuring the security of these systems is of vital
importance. A fundamental prerequisite to securing a SCADA system is a clear
understanding and a consistent view of its architecture. However, because of
the complexity and scale of SCADA systems, this is challenging to acquire. In
this paper, we propose a layered architectural view for SCADA systems, which
aims at building a common ground among stakeholders and supporting the
implementation of security analysis. In order to manage the complexity and
scale, we define four interrelated architectural layers, and uses the concept
of viewpoints to focus on a subset of the system. We indicate the applicability
of our approach in the context of SCADA system security analysis.Comment: 7 pages, 4 figure
Secure data sharing and processing in heterogeneous clouds
The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors
Cultural heritage and sustainable development targets : a possible harmonisation? Insights from the European Perspective
The Agenda 2030 includes a set of targets that need to be achieved by 2030. Although none
of the 17 Sustainable Development Goals (SDGs) focuses exclusively on cultural heritage, the
resulting Agenda includes explicit reference to heritage in SDG 11.4 and indirect reference to other
Goals. Achievement of international targets shall happen at local and national level, and therefore,
it is crucial to understand how interventions on local heritage are monitored nationally, therefore
feeding into the sustainable development framework. This paper is focused on gauging the
implementation of the Sustainable Development Goals with reference to cultural heritage, by
interrogating the current way of classifying it (and consequently monitoring). In fact, there is no
common dataset associated with monitoring SDGs, and the field of heritage is extremely complex
and diversified. The purpose for the paper is to understand if the taxonomy used by different
national databases allows consistency in the classification and valuing of the different assets
categories. The European case study has been chosen as field of investigation, in order to pilot a
methodology that can be expanded in further research. A cross‐comparison of a selected sample of
publicly accessible national cultural heritage databases has been conducted. As a result, this study
confirms the existence of general harmonisation of data towards the achievement of the SDGs with
a broad agreement of the conceptualisation of cultural heritage with international frameworks, thus
confirming that consistency exists in the classification and valuing of the different assets categories.
However, diverse challenges of achieving a consistent and coherent approach to integrating culture
in sustainability remains problematic. The findings allow concluding that it could be possible to
mainstream across different databases those indicators, which could lead to depicting the overall
level of attainment of the Agenda 2030 targets on heritage. However, more research is needed in
developing a robust correlation between national datasets and international targets
Advanced Cloud Privacy Threat Modeling
Privacy-preservation for sensitive data has become a challenging issue in
cloud computing. Threat modeling as a part of requirements engineering in
secure software development provides a structured approach for identifying
attacks and proposing countermeasures against the exploitation of
vulnerabilities in a system . This paper describes an extension of Cloud
Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in
relation to processing sensitive data in cloud computing environments. It
describes the modeling methodology that involved applying Method Engineering to
specify characteristics of a cloud privacy threat modeling methodology,
different steps in the proposed methodology and corresponding products. We
believe that the extended methodology facilitates the application of a
privacy-preserving cloud software development approach from requirements
engineering to design
- …