Technical Report on Deploying a highly secured OpenStack Cloud Infrastructure using BradStack as a Case Study

Cloud computing has emerged as a popular paradigm and an attractive model for providing a reliable distributed computing model.it is increasing attracting huge attention both in academic research and industrial initiatives. Cloud deployments are paramount for institution and organizations of all scales. The availability of a flexible, free open source cloud platform designed with no propriety software and the ability of its integration with legacy systems and third-party applications are fundamental. Open stack is a free and opensource software released under the terms of Apache license with a fragmented and distributed architecture making it highly flexible. This project was initiated and aimed at designing a secured cloud infrastructure called BradStack, which is built on OpenStack in the Computing Laboratory at the University of Bradford. In this report, we present and discuss the steps required in deploying a secured BradStack Multi-node cloud infrastructure and conducting Penetration testing on OpenStack Services to validate the effectiveness of the security controls on the BradStack platform. This report serves as a practical guideline, focusing on security and practical infrastructure related issues. It also serves as a reference for institutions looking at the possibilities of implementing a secured cloud solution.Comment: 38 pages, 19 figures

Scan to BIM for 3D reconstruction of the papal basilica of saint Francis in Assisi In Italy

The historical building heritage, present in the most of Italian cities centres, is, as part of the construction sector, a working potential, but unfortunately it requires planning of more complex and problematic interventions. However, policies to support on the existing interventions, together with a growing sensitivity for the recovery of assets, determine the need to implement specific studies and to analyse the specific problems of each site. The purpose of this paper is to illustrate the methodology and the results obtained from integrated laser scanning activity in order to have precious architectural information useful not only from the cultural heritage point of view but also to construct more operative and powerful tools, such as BIM (Building Information Modelling) aimed to the management of this cultural heritage. The Papal Basilica and the Sacred Convent of Saint Francis in Assisi in Italy are, in fact, characterized by unique and complex peculiarities, which require a detailed knowledge of the sites themselves to ensure visitor’s security and safety. For such a project, we have to take in account all the people and personnel normally present in the site, visitors with disabilities and finally the needs for cultural heritage preservation and protection. This aim can be reached using integrated systems and new technologies, such as Internet of Everything (IoE), capable of connecting people, things (smart sensors, devices and actuators; mobile terminals; wearable devices; etc.), data/information/knowledge and processes to reach the desired goals. The IoE system must implement and support an Integrated Multidisciplinary Model for Security and Safety Management (IMMSSM) for the specific context, using a multidisciplinary approach

Towards a Layered Architectural View for Security Analysis in SCADA Systems

Supervisory Control and Data Acquisition (SCADA) systems support and control the operation of many critical infrastructures that our society depend on, such as power grids. Since SCADA systems become a target for cyber attacks and the potential impact of a successful attack could lead to disastrous consequences in the physical world, ensuring the security of these systems is of vital importance. A fundamental prerequisite to securing a SCADA system is a clear understanding and a consistent view of its architecture. However, because of the complexity and scale of SCADA systems, this is challenging to acquire. In this paper, we propose a layered architectural view for SCADA systems, which aims at building a common ground among stakeholders and supporting the implementation of security analysis. In order to manage the complexity and scale, we define four interrelated architectural layers, and uses the concept of viewpoints to focus on a subset of the system. We indicate the applicability of our approach in the context of SCADA system security analysis.Comment: 7 pages, 4 figure

Secure data sharing and processing in heterogeneous clouds

The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors

Cultural heritage and sustainable development targets : a possible harmonisation? Insights from the European Perspective

The Agenda 2030 includes a set of targets that need to be achieved by 2030. Although none of the 17 Sustainable Development Goals (SDGs) focuses exclusively on cultural heritage, the resulting Agenda includes explicit reference to heritage in SDG 11.4 and indirect reference to other Goals. Achievement of international targets shall happen at local and national level, and therefore, it is crucial to understand how interventions on local heritage are monitored nationally, therefore feeding into the sustainable development framework. This paper is focused on gauging the implementation of the Sustainable Development Goals with reference to cultural heritage, by interrogating the current way of classifying it (and consequently monitoring). In fact, there is no common dataset associated with monitoring SDGs, and the field of heritage is extremely complex and diversified. The purpose for the paper is to understand if the taxonomy used by different national databases allows consistency in the classification and valuing of the different assets categories. The European case study has been chosen as field of investigation, in order to pilot a methodology that can be expanded in further research. A cross‐comparison of a selected sample of publicly accessible national cultural heritage databases has been conducted. As a result, this study confirms the existence of general harmonisation of data towards the achievement of the SDGs with a broad agreement of the conceptualisation of cultural heritage with international frameworks, thus confirming that consistency exists in the classification and valuing of the different assets categories. However, diverse challenges of achieving a consistent and coherent approach to integrating culture in sustainability remains problematic. The findings allow concluding that it could be possible to mainstream across different databases those indicators, which could lead to depicting the overall level of attainment of the Agenda 2030 targets on heritage. However, more research is needed in developing a robust correlation between national datasets and international targets

Advanced Cloud Privacy Threat Modeling

Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat modeling as a part of requirements engineering in secure software development provides a structured approach for identifying attacks and proposing countermeasures against the exploitation of vulnerabilities in a system . This paper describes an extension of Cloud Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in relation to processing sensitive data in cloud computing environments. It describes the modeling methodology that involved applying Method Engineering to specify characteristics of a cloud privacy threat modeling methodology, different steps in the proposed methodology and corresponding products. We believe that the extended methodology facilitates the application of a privacy-preserving cloud software development approach from requirements engineering to design