Dynamic Multiparty Authentication of Data Analytics Services within Cloud Environments

Business analytics processes are often composed from orchestrated, collaborating services, which are consumed by users from multiple cloud systems (in different security realms), which need to be engaged dynamically at runtime. If heterogeneous cloud systems located in different security realms do not have direct authentication relationships, then it is a considerable technical challenge to enable secure collaboration. In order to address this security challenge, a new authentication framework is required to establish trust amongst business analytics service instances and users by distributing a common session secret to all participants of a session. We address this challenge by designing and implementing a secure multiparty authentication framework for dynamic interaction, for the scenario where members of different security realms express a need to access orchestrated services. This novel framework exploits the relationship of trust between session members in different security realms, to enable a user to obtain security credentials that access cloud resources in a remote realm. The mechanism assists cloud session users to authenticate their session membership, thereby improving the performance of authentication processes within multiparty sessions. We see applicability of this framework beyond multiple cloud infrastructure, to that of any scenario where multiple security realms has the potential to exist, such as the emerging Internet of Things (IoT).Comment: Submitted to the 20th IEEE International Conference on High Performance Computing and Communications 2018 (HPCC2018), 28-30 June 2018, Exeter, U

Middleware Technologies for Cloud of Things - a survey

The next wave of communication and applications rely on the new services provided by Internet of Things which is becoming an important aspect in human and machines future. The IoT services are a key solution for providing smart environments in homes, buildings and cities. In the era of a massive number of connected things and objects with a high grow rate, several challenges have been raised such as management, aggregation and storage for big produced data. In order to tackle some of these issues, cloud computing emerged to IoT as Cloud of Things (CoT) which provides virtually unlimited cloud services to enhance the large scale IoT platforms. There are several factors to be considered in design and implementation of a CoT platform. One of the most important and challenging problems is the heterogeneity of different objects. This problem can be addressed by deploying suitable "Middleware". Middleware sits between things and applications that make a reliable platform for communication among things with different interfaces, operating systems, and architectures. The main aim of this paper is to study the middleware technologies for CoT. Toward this end, we first present the main features and characteristics of middlewares. Next we study different architecture styles and service domains. Then we presents several middlewares that are suitable for CoT based platforms and lastly a list of current challenges and issues in design of CoT based middlewares is discussed.Comment: http://www.sciencedirect.com/science/article/pii/S2352864817301268, Digital Communications and Networks, Elsevier (2017

Middleware Technologies for Cloud of Things - a survey

The next wave of communication and applications rely on the new services provided by Internet of Things which is becoming an important aspect in human and machines future. The IoT services are a key solution for providing smart environments in homes, buildings and cities. In the era of a massive number of connected things and objects with a high grow rate, several challenges have been raised such as management, aggregation and storage for big produced data. In order to tackle some of these issues, cloud computing emerged to IoT as Cloud of Things (CoT) which provides virtually unlimited cloud services to enhance the large scale IoT platforms. There are several factors to be considered in design and implementation of a CoT platform. One of the most important and challenging problems is the heterogeneity of different objects. This problem can be addressed by deploying suitable "Middleware". Middleware sits between things and applications that make a reliable platform for communication among things with different interfaces, operating systems, and architectures. The main aim of this paper is to study the middleware technologies for CoT. Toward this end, we first present the main features and characteristics of middlewares. Next we study different architecture styles and service domains. Then we presents several middlewares that are suitable for CoT based platforms and lastly a list of current challenges and issues in design of CoT based middlewares is discussed.Comment: http://www.sciencedirect.com/science/article/pii/S2352864817301268, Digital Communications and Networks, Elsevier (2017

A Scalable Model for Secure Multiparty Authentication

Distributed system architectures such as cloud computing or the emergent architectures of the Internet Of Things, present significant challenges for security and privacy. Specifically, in a complex application there is a need to securely delegate access control mechanisms to one or more parties, who in turn can govern methods that enable multiple other parties to be authenticated in relation to the services that they wish to consume. We identify shortcomings in an existing proposal by Xu et al for multiparty authentication and evaluate a novel model from Al-Aqrabi et al that has been designed specifically for complex multiple security realm environments. The adoption of a Session Authority Cloud ensures that resources for authentication requests are scalable, whilst permitting the necessary architectural abstraction for myriad hardware IoT devices such as actuators and sensor networks, etc. In addition, the ability to ensure that session credentials are confirmed with the relevant resource principles means that the essential rigour for multiparty authentication is established

Use of Service Oriented Architecture for Scada Networks

Supervisory Control and Data Acquisition (SCADA) systems involve the use of distributed processing to operate geographically dispersed endpoint hardware components. They manage the control networks used to monitor and direct large-scale operations such as utilities and transit systems that are essential to national infrastructure. SCADA industrial control networks (ICNs) have long operated in obscurity and been kept isolated largely through strong physical security. Today, Internet technologies are increasingly being utilized to access control networks, giving rise to a growing concern that they are becoming more vulnerable to attack. Like SCADA, distributed processing is also central to cloud computing or, more formally, the Service Oriented Architecture (SOA) computing model. Certain distinctive properties differentiate ICNs from the enterprise networks that cloud computing developments have focused on. The objective of this project is to determine if modern cloud computing technologies can be also applied to improving dated SCADA distributed processing systems. Extensive research was performed regarding control network requirements as compared to those of general enterprise networks. Research was also conducted into the benefits, implementation, and performance of SOA to determine its merits for application to control networks. The conclusion developed is that some aspects of cloud computing might be usefully applied to SCADA systems but that SOA fails to meet ICN requirements in a certain essential areas. The lack of current standards for SOA security presents an unacceptable risk to SCADA systems that manage dangerous equipment or essential services. SOA network performance is also not sufficiently deterministic to suit many real-time hardware control applications. Finally, SOA environments cannot as yet address the regulatory compliance assurance requirements of critical infrastructure SCADA systems

Internet of Things Strategic Research Roadmap

Internet of Things (IoT) is an integrated part of Future Internet including existing and evolving Internet and network developments and could be conceptually defined as a dynamic global network infrastructure with self configuring capabilities based on standard and interoperable communication protocols where physical and virtual “things” have identities, physical attributes, and virtual personalities, use intelligent interfaces, and are seamlessly integrated into the information network

C-business et urbanisation d'entreprise

Les évolutions permanentes du marché ont forcé la plupart des entreprises à se focaliser sur les processus liés à leur coeur de métier. Ce recentrage les conduit alors soit à externaliser certaines parties de leurs processus, soit former temporairement une association avec d autres partenaires. Ces scénarios de collaboration imposent plusieurs contraintes sur la conception et l organisation du système d information à fin de le rendre facilement adaptable pour suivre les changements au niveau d organisation. Pour que le système d information soit facilement adaptable il est possible de restructurer le système d information en respectant les principes de l urbanisation du système d information couplé par une architecture orienté service, toute fois, cette organisation conduit à des systèmes assez rigides ne donnant pas réellement les capacités d initier des processus collaboratifs. Or, la collaboration impose de prendre en compte les contraintes de sécurité car l approche traditionnelle d urbanisation ne prend pas en considération la possibilité de collaboration et forme des îlots de sécurité ce qui s oppose à la nature transversale de la sécurité. En plus,dans un modèle orienté services, les applications distribuées sur plusieurs site ont peu ou pas de visibilité en matière de l information nécessaires pour assurer la sécurité au nouveau globale. C est dans ce contexte que nous avons proposé d adopter une démarche d urbanisation d entreprise qui promeut une organisation transversale du système de production de l entreprise qui permet une construction incrémentale des processus collaboratifs. Nous sommes parvenus à spécifier un modèle de service industriel construit par regroupement de toutes les fonctions nécessaires autour de la fabrication du produit. Ensuite, nous nous somme proposé de construire un middleware supportant ces services industriels. Cela induit d ajouter un niveau sémantique capable de gérer les propriétés fonctionnelles et non fonctionnelles (qualité de service et sécurité) aux bus de services traditionnels (ESB). Dans le cadre du projet ANR SEMEUSE visant à doter un ESB Open source (PETALS) d un niveau sémantique, notre contribution a plus particulièrement portée sur la spécification et la mise en oeuvre des composants permettant d intégrer de manière contextuelle les politiques de sécuritéMarket evolution has lead most of the enterprise to focus on their core business while setting outsourcing and collaborative strategies to be able to propose the best product-service offers. This Collaborative Business environment challenges Information System (IS) re-organisation to set agile, reactive and interoperable IT supports. To fulfil these requirements, one can reorganise the information system according to the urbanisation paradigm. Coupled to Service Oriented Architecture, this approach provides interoperable information systems. Nevertheless, traditional urbanization strategies lead to a partitioned and rather rigid IS organization aligned on the company s functional structure, which hinders initiating collaborative production processes, since production process is transversal and bypasses all enterprise business areas. To overcome these limits, we propose to adopt a new urbanization strategy that combines the transversal production logic with a service orientation to allow incremental production process building, based on goals to be reached. Despite of the advantages of the collaboration, in the dynamic collaboration scenarios, lack of trust can be a braking force while developing collaborative strategies. To this end, we proposed to integrate security needs and constraints into the definitions of business processes, organizational structure and technical components. Hence, the architecture we propose to implement our enterprise urbanization approach is based on a service-oriented model. We extend the traditional IT service to capture semantics associated to the industrial activity so that an industrial service model is proposed. Then security requirements are added in this model to govern access to different interfaces in a composite service. The implementation of this architecture is achieved using an industrial service bus by adding a security module extended with semantic layer on the top of PEtALS , an open source ESBVILLEURBANNE-DOC'INSA-Bib. elec. (692669901) / SudocSudocFranceF