Generic support for policy-based self-adaptive systems
This paper presents a policy definition language which forms part of a generic policy toolkit for autonomic computing systems in which the policies themselves can be modified dynamically and automatically. Targeted enhancements to the current state of practice include: policy self-adaptation where the policy itself is dynamically modified to match environmental conditions; improved support for non autonomics-expert developers; and facilitating easy deployment of adaptive policies into legacy code.
The policy definition language permits powerful expression of self-managing behaviours and facilitates a diverse policy behaviour space. Features include support for multiple versions of a given policy type, multiple configuration templates, and meta policies to dynamically select between policy instances.
An example deployment scenario illustrates advanced functionality in the context of a multi-policy stock trading system which is sensitive to environmental volatility.
An experimental testbed to predict the performance of XACML Policy Decision Points
The performance and scalability of access control systems is a growing concern as organisations deploy ever more complex communications and content management systems. This paper describes how an (offline) experimental testbed may be used to address performance concerns. To begin, timing measurements are collected from a server component incorporating the Policy Decision Point (PDP) under test, using representative policies and corresponding requests. Our experiments with two XACML PDP implementations show that measured request service times are typically clustered by request type; thus an algorithm for request cluster identification is presented. Cluster characterisations are used as inputs to a PDP performance model for a given policy/request mix, and an analytic (queueing) model is used to estimate the equilibrium server load for different mixes of request clusters. The analytic performance prediction model is validated and extended by discrete event simulation of a PDP subject to additional load. These predictive models enable network administrators to explore the capacity of the PDP for different overall loadings (requests per unit time) and profiles (relative frequencies) of requests.
BALANCING NON-FUNCTIONAL REQUIREMENTS IN CLOUD-BASED SOFTWARE: AN APPROACH BASED ON SECURITY-AWARE DESIGN AND MULTI-OBJECTIVE SOFTWARE DYNAMIC MANAGEMENT
Beyond its functional requirements and architectural design, the quality of a software system is also defined by the degree to which it meets its non-functional requirements. The complexity of managing these non-functional requirements is exacerbated by the fact that they potentially conflict with one another. For cloud-based software, i.e., software whose service is delivered through a cloud infrastructure, other constraints related to the features of the hosting data center, such as cost, security and performance, have to be considered by system and software designers. For instance, the evaluation of requests to access sensitive resources results in performance overhead introduced by policy rule evaluation and message exchange between the geographically distributed components of the authorization system. Duplicating policy rule evaluation engines traditionally solves such performance issues; however, such a decision has an impact on security since it introduces additional potential private data leakage points. Taking into account all the aforementioned features is a key factor in enhancing the perceived quality of service (QoS) of the cloud as a whole. Maximizing users' and software developers' satisfaction with cloud-based software is a challenging task, since trade-off decisions have to be taken dynamically between these conflicting quality attributes to adapt to the evolution of system requirements.
In this thesis, we tackle the challenges of building a decision support method to optimize software deployment in a cloud environment. Our proposed holistic method operates at two levels: 1) Platform as a Service (PaaS), by handling software component deployment to achieve an efficient runtime optimization that satisfies cloud providers' and customers' objectives; 2) guest applications, by making inroads into the design of applications to enable the design of secure systems that also meet flexibility, performance and cost requirements. To thoroughly investigate these challenges, we identify three main objectives that we address as follows:
The first objective is to achieve a runtime optimization of cloud-based software deployment at the Platform as a Service (PaaS) layer, by considering both cloud customers' and providers' constraints. To fulfill this objective, we leverage the [email protected] paradigm to build an abstraction layer to model a cloud infrastructure. In a second step, we model the software placement problem as a multi-objective optimization problem and use multi-objective evolutionary algorithms (MOEAs) to identify a set of possible optimal cloud configurations that exhibit the best trade-offs between conflicting objectives. The approach is validated through a case study that we defined with EBRC, a cloud provider in Luxembourg, as a representative software component placement problem in heterogeneous distributed cloud nodes.
The second objective is to improve the convergence speed of the MOEAs that we use to achieve a run-time optimization of cloud-based software. To cope with the elasticity requirements of cloud-based applications, we improve the way the search strategy operates by proposing a hyper-heuristic that operates on top of MOEAs. Our hyper-heuristic uses the history of mutation effects on fitness functions to select the most relevant mutation operators. Our evaluation shows that MOEAs in conjunction with our hyper-heuristic achieve a significant performance improvement in terms of resolution time over the original MOEAs.
The third objective aims at optimizing cloud-based software trade-offs by exploring application design as a complementary step to the optimization at the level of the cloud infrastructure tackled in the first and second objectives. We aim at achieving security trade-offs at the level of guest applications by revisiting current practices in software methods. We focus on access control as a main security concern and opt for guest applications that manage resources regulated by access control policies specified in XACML. This focus is mainly motivated by two key factors: 1) access control is the pillar of computer security, as it protects sensitive resources in a given system from unauthorized access; 2) XACML is the de facto standard language for specifying access control policies and proposes an access control architectural model that supports several advanced access requirements such as interoperability and portability. To attain this objective, we advocate the design of applications based on the XACML architectural model to achieve a trade-off between security and flexibility, and we adopt a three-step approach. First, we identify a lack of obligation handling support in the XACML literature. Obligations specify user actions that have to be performed before, during or after access to resources. We propose an extension of the XACML reference model and language to use the history of obligation states at decision-making time; in this step, we extend the XACML access control architecture to support a wider range of usage control scenarios. Second, in order to avoid degrading performance while using a secure architecture based on XACML, we propose a refactoring technique applied to access control policies to improve request evaluation time. Our approach, evaluated on three Java policy-based systems, substantially reduces request evaluation time. Finally, to achieve a trade-off between safe security policy evolution and regression testing costs, we develop a regression-test-selection approach for selecting test cases that reveal faults caused by policy changes.
To sum up, in all the aforementioned objectives, we pursue the goal of analysing and improving the current landscape of cloud-based software development. Our focus on security quality attributes is driven by their crucial role in widening the adoption of cloud computing. Our approach brings to light a security-aware design of guest applications based on the XACML architecture. We provide useful guidelines, methods with underlying algorithms, and tools for developers and cloud solution designers to enhance tomorrow's cloud-based software design.
Keywords: XACML-policy based systems, Cloud Computing, Trade-offs, Multi-Objective Optimization
Optimization of Access Control Policies
Organizations undertake complex and costly projects to model high-quality Access Control Policies (ACPs). Once built, these policies must be maintained and managed in an ongoing process to keep their quality high. Insufficient maintenance leads to inaccurate authorization decisions and increases the policies' administrative effort and susceptibility to errors. While the initial modeling of ACPs has received significant research interest, their optimization is not yet covered as broadly. This work provides a theoretical foundation for ACP quality and its optimization. Furthermore, it analyzes how existing research addresses the optimization of ACPs with regard to six crucial optimization dimensions. It presents a structured literature survey tracing these optimization dimensions, the contributed research artifacts and data requirements. Building on this literature catalogue, this work elaborates on inaccuracies in user permission assignments, data availability, minimal perturbation and recommendation-based optimization.
AMUSE: autonomic management of ubiquitous e-Health systems
Future e-Health systems will consist of low-power on-body wireless sensors attached to mobile users that interact with a ubiquitous computing environment to monitor the health and well-being of patients in hospitals or at home. Patients and health practitioners have very little technical computing expertise, so these systems need to be self-configuring and self-managing with little or no user input. More importantly, they should adapt autonomously to changes resulting from user activity, device failure, and the addition or loss of services. We propose the Self-Managed Cell (SMC) as an architectural pattern for all such types of ubiquitous computing applications and use an e-Health application, in which on-body sensors monitor a patient living at home, as an exemplar. We describe the services comprising the SMC and discuss cross-SMC interactions as well as the composition of SMCs into larger structures.
Ensuring Cyber-Security in Smart Railway Surveillance with SHIELD
Modern railways feature increasingly complex embedded computing systems for surveillance, which are moving towards fully wireless smart sensors. Those systems are aimed at monitoring system status from a physical-security viewpoint, in order to detect intrusions and other environmental anomalies. However, the same systems used for physical-security surveillance are vulnerable to cyber-security threats, since they feature distributed hardware and software architectures often interconnected by 'open networks', such as wireless channels and the Internet. In this paper, we show how the integrated approach to Security, Privacy and Dependability (SPD) in embedded systems provided by the SHIELD framework (developed within the EU-funded pSHIELD and nSHIELD research projects) can be applied to railway surveillance systems in order to measure and improve their SPD level. SHIELD implements a layered architecture (node, network, middleware and overlay) and orchestrates SPD mechanisms based on ontology models, appropriate metrics and composability. The results of a prototypical application to a real-world demonstrator show the effectiveness of SHIELD and justify its practical applicability in industrial settings.
A Goal-Directed and Policy-Based Approach to System Management
This thesis presents a domain-independent approach to dynamic system management using goals and policies. A goal is a general, high-level aim a system must continually work toward achieving. A policy is a statement of how a system should behave for a given set of detectable events and conditions. Combined, goals may be realised through the selection and execution of policies that contribute to their aims. In this manner, a system may be managed using a goal-directed, policy-based approach.
The approach is a collection of related techniques and tools: a policy language and policy system, goal definition and refinement via policy selection, and conflict filtering among policies. Central to these themes, ontologies are used to model application domains, and incorporate domain knowledge within the system. The ACCENT policy system (Advanced Component Control Enhancing Network Technologies, http://www.cs.stir.ac.uk/accent) is used as a base for the approach, while goals and policies are defined using an extension of APPEL (Adaptable and Programmable Policy Environment and Language, http://www.cs.stir.ac.uk/appel).
The approach differs from existing work in that it reduces system state, goals and policies to a numerical rather than logical form. This is more user-friendly, as the goal domain may be expressed without any knowledge of formal methods. All developed techniques and tools are entirely domain-independent, allowing for reuse with other event-driven systems. The ability to express a system aim as a goal provides more powerful and proactive high-level management than was previously possible using policies alone. The approach is demonstrated and evaluated within this thesis for the domains of Internet telephony and sensor network/wind turbine management.
IaaS-cloud security enhancement: an intelligent attribute-based access control model and implementation
The cloud computing paradigm introduces an efficient utilisation of huge computing resources by multiple users with minimal expense and deployment effort compared to traditional computing facilities. Although cloud computing has incredible benefits, some governments and enterprises remain hesitant to transfer their computing technology to the cloud as a consequence of the associated security challenges. Security is, therefore, a significant factor in cloud computing adoption. Cloud services consist of three layers: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Cloud computing services are accessed through network connections and utilised by multiple users who share the resources through virtualisation technology. Accordingly, an efficient access control system is crucial to prevent unauthorised access.
This thesis mainly investigates IaaS security enhancement from an access control point of view. [Continues.