1,084 research outputs found

    Towards rapid modeling and prototyping of indoor and outdoor monitoring applications

    Get PDF
    Nowadays, the capability to remotely monitor indoor and outdoor environments would allow to reduce energy consumption and improve the overall management and users’ experience of network application systems. The most known solutions adopting remote control are related to domotics (e.g., smart homes and industry 4.0 applications). An important stimulus for the development of such smart approaches is the growth of the Internet of Things (IoT) technologies and the increasing investment in the development of green houses, buildings, and, in general, heterogeneous environments. While the benefits for the humans and the environment are evident, a pervasive adoption and distribution of remote monitoring solutions are hindered by the following issue: modeling, designing, prototyping, and further developing the remote applications and underlying architecture require a certain amount of time. Moreover, such systems must be often customized on the basis of the need of the specific domain and involved entities. For such reasons, in this paper, we provide the experience made in addressing some relevant indoor and outdoor case studies through IoT-targeted tools, technologies and protocols, highlighting the advantages and disadvantages of the considered solutions as well as insights that can be useful for future practitioners

    Resilient and Scalable Forwarding for Software-Defined Networks with P4-Programmable Switches

    Get PDF
    Traditional networking devices support only fixed features and limited configurability. Network softwarization leverages programmable software and hardware platforms to remove those limitations. In this context the concept of programmable data planes allows directly to program the packet processing pipeline of networking devices and create custom control plane algorithms. This flexibility enables the design of novel networking mechanisms where the status quo struggles to meet high demands of next-generation networks like 5G, Internet of Things, cloud computing, and industry 4.0. P4 is the most popular technology to implement programmable data planes. However, programmable data planes, and in particular, the P4 technology, emerged only recently. Thus, P4 support for some well-established networking concepts is still lacking and several issues remain unsolved due to the different characteristics of programmable data planes in comparison to traditional networking. The research of this thesis focuses on two open issues of programmable data planes. First, it develops resilient and efficient forwarding mechanisms for the P4 data plane as there are no satisfying state of the art best practices yet. Second, it enables BIER in high-performance P4 data planes. BIER is a novel, scalable, and efficient transport mechanism for IP multicast traffic which has only very limited support of high-performance forwarding platforms yet. The main results of this thesis are published as 8 peer-reviewed and one post-publication peer-reviewed publication. The results cover the development of suitable resilience mechanisms for P4 data planes, the development and implementation of resilient BIER forwarding in P4, and the extensive evaluations of all developed and implemented mechanisms. Furthermore, the results contain a comprehensive P4 literature study. Two more peer-reviewed papers contain additional content that is not directly related to the main results. They implement congestion avoidance mechanisms in P4 and develop a scheduling concept to find cost-optimized load schedules based on day-ahead forecasts

    Security and Privacy of Resource Constrained Devices

    Get PDF
    The thesis aims to present a comprehensive and holistic overview on cybersecurity and privacy & data protection aspects related to IoT resource-constrained devices. Chapter 1 introduces the current technical landscape by providing a working definition and architecture taxonomy of ‘Internet of Things’ and ‘resource-constrained devices’, coupled with a threat landscape where each specific attack is linked to a layer of the taxonomy. Chapter 2 lays down the theoretical foundations for an interdisciplinary approach and a unified, holistic vision of cybersecurity, safety and privacy justified by the ‘IoT revolution’ through the so-called infraethical perspective. Chapter 3 investigates whether and to what extent the fast-evolving European cybersecurity regulatory framework addresses the security challenges brought about by the IoT by allocating legal responsibilities to the right parties. Chapters 4 and 5 focus, on the other hand, on ‘privacy’ understood by proxy as to include EU data protection. In particular, Chapter 4 addresses three legal challenges brought about by the ubiquitous IoT data and metadata processing to EU privacy and data protection legal frameworks i.e., the ePrivacy Directive and the GDPR. Chapter 5 casts light on the risk management tool enshrined in EU data protection law, that is, Data Protection Impact Assessment (DPIA) and proposes an original DPIA methodology for connected devices, building on the CNIL (French data protection authority) model

    Data ethics : building trust : how digital technologies can serve humanity

    Get PDF
    Data is the magic word of the 21st century. As oil in the 20th century and electricity in the 19th century: For citizens, data means support in daily life in almost all activities, from watch to laptop, from kitchen to car, from mobile phone to politics. For business and politics, data means power, dominance, winning the race. Data can be used for good and bad, for services and hacking, for medicine and arms race. How can we build trust in this complex and ambiguous data world? How can digital technologies serve humanity? The 45 articles in this book represent a broad range of ethical reflections and recommendations in eight sections: a) Values, Trust and Law, b) AI, Robots and Humans, c) Health and Neuroscience, d) Religions for Digital Justice, e) Farming, Business, Finance, f) Security, War, Peace, g) Data Governance, Geopolitics, h) Media, Education, Communication. The authors and institutions come from all continents. The book serves as reading material for teachers, students, policy makers, politicians, business, hospitals, NGOs and religious organisations alike. It is an invitation for dialogue, debate and building trust! The book is a continuation of the volume “Cyber Ethics 4.0” published in 2018 by the same editors

    A Generic Approach for the Automated Notarization of Cloud Configurations Using Blockchain-Based Trust.

    Get PDF
    Debido a su escalabilidad, las aplicaciones en la nube tienen una importante ventaja de costes para las empresas. En consecuencia, las empresas quieren tanto externalizar sus datos como obtener servicios de la nube. Sin embargo, dado que la mayoría de las empresas tienen políticas internas y requisitos de cumplimiento para operar y utilizar aplicaciones de software, el uso de aplicaciones en la nube crea un nuevo desafío para las empresas. La inclusión de aplicaciones en la nube equivale a la subcontratación de servicios en el sentido de que las empresas deben confiar en que el proveedor de aplicaciones en la nube aplicará los requisitos de cumplimiento interno en las aplicaciones adoptadas. La investigación ha demostrado que la confianza y el riesgo están estrechamente relacionados y son factores clave que influyen en la utilización de aplicaciones en la nube. Esta tesis pretende desarrollar una arquitectura en la nube que aborde este reto, trasladando la confianza en las configuraciones de cumplimiento del proveedor de aplicaciones en la nube a la cadena de bloques. Así, este trabajo pretende reducir el riesgo de adopción de las aplicaciones en la nube debido a los requisitos de cumplimiento. En esta tesis, la investigación de la ciencia del diseño se utiliza para crear la arquitectura para trasladar la confianza mencionada a la cadena de bloques. Un grupo de discusión determinó el alcance del trabajo. La base de conocimientos de este trabajo se construyó utilizando inteligencia artificial y una revisión sistemática de la literatura, y la arquitectura presentada se desarrolló y prototipó utilizando el método de desarrollo rápido de aplicaciones. Se utilizaron entrevistas guiadas semiestructuradas de método mixto para evaluar el enfoque de la arquitectura presentada y valorar las cualidades de reducción del riesgo de adopción. La tesis demostró que la arquitectura de software desarrollada podía trasladar la confianza del proveedor de la nube a la cadena de bloques. La evaluación de la arquitectura de software propuesta demostró además que el riesgo de adopción debido a las configuraciones de la nube basadas en el cumplimiento podía reducirse de "alto" a "bajo" utilizando la tecnología blockchain. Esta tesis presenta una arquitectura que desplaza la confianza para la implementación de configuraciones basadas en el cumplimiento de la normativa desde el proveedor de la nube a la cadena de bloques. Además, muestra que el cambio de confianza puede reducir significativamente el riesgo de adopción de las aplicaciones en la nube.Administración y Dirección de Empresa

    Themelio: a new blockchain paradigm

    Get PDF
    Public blockchains hold great promise in building protocols that uphold security properties like transparency and consistency based on internal, incentivized cryptoeconomic mechanisms rather than preexisting trust in participants. Yet user-facing blockchain applications beyond "internal" immediate derivatives of blockchain incentive models, like cryptocurrency and decentralized finance, have not achieved widespread development or adoption. We propose that this is not primarily due to "engineering" problems in aspects such as scaling, but due to an overall lack of transferable endogenous trust—the twofold ability to uphold strong, internally-generated security guarantees and to translate them into application-level security. Yet we argue that blockchains, due to their foundation on game-theoretic incentive models rather than trusted authorities, are uniquely suited for building transferable endogenous trust, despite their current deficiencies. We then engage in a survey of existing public blockchains and the difficulties and crises that they have faced, noting that in almost every case, problems such as governance disputes and ecosystem inflexibility stem from a lack of transferable endogenous trust. Next, we introduce Themelio, a decentralized, public blockchain designed to support a new blockchain paradigm focused on transferable endogenous trust. Here, the blockchain is used as a low-level, stable, and simple root of trust, capable of sharing this trust with applications through scalable light clients. This contrasts with current blockchains, which are either applications or application execution platforms. We present evidence that this new paradigm is crucial to achieving flexible deployment of blockchain-based trust. We then describe the Themelio blockchain in detail, focusing on three areas key to its overall theme of transferable, strong endogenous trust: a traditional yet enhanced UTXO model with features that allow powerful programmability and light-client composability, a novel proof-of-stake system with unique cryptoeconomic guarantees against collusion, and Themelio's unique cryptocurrency "mel", which achieves stablecoin-like low volatility without sacrificing decentralization and security. Finally, we explore the wide variety of novel, partly off-chain applications enabled by Themelio's decoupled blockchain paradigm. This includes Astrape, a privacy-protecting off-chain micropayment network, Bitforest, a blockchain-based PKI that combines blockchain-backed security guarantees with the performance and administration benefits of traditional systems, as well as sketches of further applications

    Jornadas Nacionales de Investigación en Ciberseguridad: actas de las VIII Jornadas Nacionales de Investigación en ciberseguridad: Vigo, 21 a 23 de junio de 2023

    Get PDF
    Jornadas Nacionales de Investigación en Ciberseguridad (8ª. 2023. Vigo)atlanTTicAMTEGA: Axencia para a modernización tecnolóxica de GaliciaINCIBE: Instituto Nacional de Cibersegurida
    corecore