111 research outputs found

    Securing openHAB Smart Home Through User Authentication and Authorization

    Get PDF
    Asjade Internet ehk vĂ€rkvĂ”rk on dĂŒnaamiline ja heterogeenne keskkond, kus asjad koguvad erinevate ĂŒlesannete tĂ€itmiseks keskkonnast andmeid. VĂ€rkvĂ”rgu rakendusvaldkondades nagu nĂ€iteks tark kodu kasutatakse harilikult operatsioonide tĂ€itmisel kasutaja privaatandmeid. Kui sellised rakendused on turvamata vĂ”rkudele avatud, muutub turvalisus oluliseks probleemiks. OpenHAB on OSGi-pĂ”hine automatiseerimistarkvara, mis koondab kodukeskkonna seadmete andmeid. OpenHAB ei tee kasutajatele ligipÀÀsu reguleerimismehhanismide kasutamist kohustuslikuks ning sĂ”ltub seega tĂ€ielikult juhtmevaba vĂ”rgu turvalisusest. KĂ€esolevas lĂ”putöös uurisime ning arendasime JSON Web Token’i-pĂ”hist tĂ”endi autenturit Eclipse SmartHome platvormile, millel pĂ”hineb ka openHAB. TĂ”endi autentur on baasiks ligipÀÀsu reguleerimismehhanismile. Lisaks esitleme kasutatavat volitusmudelit, mis vĂ”imaldab hallata kasutajate ligipÀÀsuĂ”igusi asjadele. Saavutatud tulemused osutavad, et ligipÀÀsu reguleerimismehhanismide rakendamine servlet-ide ja REST ressursside jaoks openHABi arhitektuuris on teostatav.The Internet of Things (IoT) is a dynamic and heterogenous environment where Things gather data from the real world to perform various tasks. Applications in IoT, such as the smart home, typically use private data derived from its users for its operations. Security becomes a concern when these applications are exposed to insecure networks. OpenHAB is an OSGi-based automation software that integrates the data from devices at home. OpenHAB does not enforce any access control mechanism for its users, and depends solely on the security of the wireless network. In this work, we studied and implemented a JSON Web Token-based authenticator for Eclipse SmartHome, the core of openHAB, as a base for access control mechanisms. Furthermore, we propose a fine-grained, yet usable authorization model to manage access permissions to things among legitimate users. The results obtained show that it is feasible to enforce access control mechanisms for servlet and REST resources in the architecture of openHAB

    Enabling Machine Understandable Exchange of Energy Consumption Information in Intelligent Domotic Environments

    Get PDF
    In the 21st century, all the major countries around the world are coming together to reduce the impact of energy generation and consumption on the global environment. Energy conservation and its efficient usage has become a top agenda on the desks of many governments. In the last decade, the drive to make homes automated and to deliver a better assisted living picked pace and the research into home automation systems accelerated, usually based on a centralized residential gateway. However most devised solutions fail to provide users with information about power consumption of different house appliances. The ability to collect power consumption information can lead us to have a more energy efficient society. The goal addressed in this paper is to enable residential gateways to provide the energy consumption information, in a machine understandable format, to support third party applications and services. To reach this goal, we propose a Semantic Energy Information Publishing Framework. The proposed framework publishes, for different appliances in the house, their power consumption information and other properties, in a machine understandable format. Appliance properties are exposed according to the existing semantic modeling supported by residential gateways, while instantaneous power consumption is modeled through a new modular Energy Profile ontolog

    Extending an open source enterprise service bus for multi-tenancy support focusing on administration and management

    Get PDF
    As part of cloud computing, the service model Platform-as-a-Service (PaaS) has emerged, where customers can develop and host internet-scale applications on cloud infrastructure. The Enterprise Service Bus (ESB) is one possible building block of a PaaS offering, providing integration capabilities for service-oriented architectures. Bringing the ESB to the cloud requires scalability and multi-tenancy support. When applied, these characteristics lead to economies of scale, reducing the costs per customer. In this diploma thesis we specify, design, and implement a multi-tenant management application for an existing open source ESB. The management application grants tenant users limited configuration access to the ESB’s connectivity and integration services. A tenant registry and a service registry serve as platform-wide databases. We ensure data isolation between tenants for the management application and ESB message flows. Furthermore, the management application can control clusters of ESB instances, retaining elasticity. These goals also involve extensions to the ESB itself, which implements the Java Business Integration (JBI) specification. As a result, an integration scenario emerged from the EU-funded project 4CaaSt was applied to the system

    Extending an open source enterprise service bus for dynamic discovery and selection of cloud data hosting solutions based on WS-policy

    Get PDF
    As part of Cloud computing, the service model Platform-as-a-Service (PaaS) has emerged, where customers can develop and host internet-scale applications on Cloud infrastructure. The Enterprise Service Bus (ESB) is one possible building block of a PaaS offering, providing integration capabilities for Service-Oriented architectures. Dynamic service discovery and selection support for an ESB increases flexibility of the application composed of reusable services in the Cloud and gives providers the possibility react faster on changes in the market. In this master's thesis we specify, design and implement Dynamic Discovery and Selection of Cloud Data Hosting Solutions for an open-source ESB. Provided dynamic service discovery and selection endpoint/service allows users of tenants to send requests with attached policies, while tenants register Cloud Data Hosting Solutions with the policies that describe their capabilities. To provide uniform policy language a new WS-Policy Assertion Language is created and specified that is used to express functional and non-functional properties of Cloud Data Hosting Solutions. By matching a policy in a request and policies of Cloud Data Hosting Solutions, a suitable Cloud data store service is discovered. Moreover, we ensure data isolation between tenants while providing dynamic service discovery and selection

    Contribution to Quality-driven Evolutionary Software Development process for Service-Oriented Architectures

    Get PDF
    The quality of software is a key element for the successful of a system. Currently, with the advance of the technology, consumers demand more and better services. Models for the development process have also to be adapted to new requirements. This is particular true in the case of service oriented systems (domain of this thesis), where an unpredictable number of users can access to one or several services. This work proposes an improvement in the models for the software development process based on the theory of the evolutionary software development. The main objective is to maintain and improve the quality of software as long as possible and with the minimum effort and cost. Usually, this process is supported on methods known in the literature as agile software development methods. Other key element in this thesis is the service oriented software architecture. Software architecture plays an important role in the quality of any software system. The Service oriented architecture adds the service flexibility, the services are autonomous and compact assets, and they can be improved and integrated with better facility. The proposed model in this thesis for evolutionary software development makes emphasis in the quality of services. Therefore, some principles of evolutionary development are redefined and new processes are introduced, such as: architecture assessment, architecture recovery and architecture conformance. Every new process will be evaluated with case studies considering quality aspects. They have been selected according to the market demand, they are: the performance, security and evolutionability. Other aspects could be considered of the same way than the three previous, but we believe that these quality attributes are enough to demonstrate the viability of our proposal

    Carbook: A Platform for Mobile Automotive Services

    Get PDF
    Wireless mobile technologies have triggered a rapid development of secondary network technologies. One such prominent field of technology is interoperability for consumer devices. This field is mostly based on XML and Web Services and it includes technologies such as Universal Plug-and-Play, open media container formats, open codecs and Rich Internet Application technologies for mobile devices. Automotive field has been relatively slow and conservative in embracing these new Internet technologies. This is about to change as European Union and other substantial players are pressing forward with the safety and environmental technologies in cars. These technologies depend heavily on wireless Internet connectivity. As part of this thesis work, I have played a central role in defining the core concept of a distributed framework for mobile automotive services, Carbook System. I have also outlined the first phase of a shared research environment, Carlab, for these kinds of services. Carlab is used to demonstrate different technologies in accordance to Elektrobit’s vision for the future automotive Internet services. Carbook System will be implemented incrementally jointly with the continuation of the Carlab implementation. In this master of science thesis I have mapped and evaluated the essential technologies and created a preliminary outline for Carbook System and a set of services. The first phase Carlab network topology and emulation of different domains in Carbook System are also drafted in this thesis work

    Managing collaboration and competition of multiple WAN services in a residential network

    Full text link

    Design and development of a context sensitive rural development software application for eService provisioning

    Get PDF
    After more than a decade since South Africa realized the importance of Information and Communication Technology (ICT) and the role it can play to deliver services, the country is still confronted by a number of challenges challenges that hinder the implementation of a fully-fledged ICT-based system in a form of electronic government to better deliver services and information. While rural development remains as one of the country’s greatest concerns, ICT is among approaches and perspectives that are recognized for not only accelerating rural development but also for providing the country’s economic growth. This research was set to investigate approaches to implement ICT solutions for rural development and service provisioning in the context of electronic government. The research focused more on the technical skills to implement such ICT systems for the benefit of rural development and e-government stakeholders that have an interest in design and development of an integrated and interoperable solution to accelerate service delivery, especially in rural communities. A mixed methods approach was used throughout the research accompanied by an evolutionary prototyping to development the desired prototype. A study was then conducted to gain an understanding of the state and the needs of rural communities to date. The results of the study yielded a number of urbanized service providers that rural dwellers need to timeously visit to consume services. Scenarios to design and develop the intended prototypes were then drawn from these results. The overall implementation of the prototypes produced an integrated platform that allows multiple disparate systems to communicate, share and use information. The qualities of the prototype are what this research recommends to relevant to stakeholders in order to implement an integrated and interoperable e-government system that elevates rural development programs and service delivery

    Enterprise Integration Patterns in Service Oriented Systems

    Get PDF
    Enterprise Integration is difïŹcult to implement, since the environments around it are constantly changing. Some tools and frameworks can help the implementation, but they might not have any standardized way of creating the integration. Enterprise Integration Patterns will help with this by giving a set of patterns as guidelines on how the integration should work. This thesis examines what these patterns are and how exactly they impact the integration process. To get some concrete results, one integration solution will be improved by using a tool that is based on EIPs. The thesis is divided into three parts. The ïŹrst part examines the theory behind Enterprise Integration. It explains the evolution of Enterprise Integration and introduces some integration frameworks that can help the implementation. The second part revolves around Valtimo, the application that will receive the improved integration solution. In it, the criteria for choosing the best tool are examined. From the criteria, seven are chosen as the most relevant for Valtimo, and all the tools are evaluated against these weighed criteria. The ïŹnal part explains how the actual new implementation was made with the chosen tool. The study indicates that Enterprise Integration Patterns can help the integration by guaranteeing some features to be available in a framework, and bringing some best practices to the implementation. Still, a lot is dependant on how the actual integration tool is implemented. To choose the right tool, some set of criteria should be always applied. The criteria should be chosen so that there are only relevant ones to the current case. Comparing the new solution in Valtimo to the old one, some noticeable differences were realized. The new solution has a richer set of features, more active community with the tool and thus longer lifespan, and the tool is being kept up to date more frequently
    • 

    corecore