On Secure Workflow Decentralisation on the Internet

Decentralised workflow management systems are a new research area, where most work to-date has focused on the system's overall architecture. As little attention has been given to the security aspects in such systems, we follow a security driven approach, and consider, from the perspective of available security building blocks, how security can be implemented and what new opportunities are presented when empowering the decentralised environment with modern distributed security protocols. Our research is motivated by a more general question of how to combine the positive enablers that email exchange enjoys, with the general benefits of workflow systems, and more specifically with the benefits that can be introduced in a decentralised environment. This aims to equip email users with a set of tools to manage the semantics of a message exchange, contents, participants and their roles in the exchange in an environment that provides inherent assurances of security and privacy. This work is based on a survey of contemporary distributed security protocols, and considers how these protocols could be used in implementing a distributed workflow management system with decentralised control . We review a set of these protocols, focusing on the required message sequences in reviewing the protocols, and discuss how these security protocols provide the foundations for implementing core control-flow, data, and resource patterns in a distributed workflow environment

Distributed operating systems

In the past five years, distributed operating systems research has gone through a consolidation phase. On a large number of design issues there is now considerable consensus between different research groups.\ud \ud In this paper, an overview of recent research in distributed systems is given. In turn, the paper discusses overall system structure, protection issues, file system designs, problems and solutions for fault tolerance and a mechanism that is rapidly becoming very important for efficient distributed systems design: hints.\ud \ud An attempt was made to provide sufficient references to interesting research projects for the reader to find material for more detailed study

The Design of a System Architecture for Mobile Multimedia Computers

This chapter discusses the system architecture of a portable computer, called Mobile Digital Companion, which provides support for handling multimedia applications energy efficiently. Because battery life is limited and battery weight is an important factor for the size and the weight of the Mobile Digital Companion, energy management plays a crucial role in the architecture. As the Companion must remain usable in a variety of environments, it has to be flexible and adaptable to various operating conditions. The Mobile Digital Companion has an unconventional architecture that saves energy by using system decomposition at different levels of the architecture and exploits locality of reference with dedicated, optimised modules. The approach is based on dedicated functionality and the extensive use of energy reduction techniques at all levels of system design. The system has an architecture with a general-purpose processor accompanied by a set of heterogeneous autonomous programmable modules, each providing an energy efficient implementation of dedicated tasks. A reconfigurable internal communication network switch exploits locality of reference and eliminates wasteful data copies

Evaluating XMPP Communication in IEC 61499-based Distributed Energy Applications

The IEC 61499 reference model provides an international standard developed specifically for supporting the creation of distributed event-based automation systems. Functionality is abstracted into function blocks which can be coded graphically as well as via a text-based method. As one of the design goals was the ability to support distributed control applications, communication plays a central role in the IEC 61499 specification. In order to enable the deployment of functionality to distributed platforms, these platforms need to exchange data in a variety of protocols. IEC 61499 realizes the support of these protocols via "Service Interface Function Blocks" (SIFBs). In the context of smart grids and energy applications, IEC 61499 could play an important role, as these applications require coordinating several distributed control logics. Yet, the support of grid-related protocols is a pre-condition for a wide-spread utilization of IEC 61499. The eXtensible Messaging and Presence Protocol (XMPP) on the other hand is a well-established protocol for messaging, which has recently been adopted for smart grid communication. Thus, SIFBs for XMPP facilitate distributed control applications, which use XMPP for exchanging all control relevant data, being realized with the help of IEC 61499. This paper introduces the idea of integrating XMPP into SIFBs, demonstrates the prototypical implementation in an open source IEC 61499 platform and provides an evaluation of the feasibility of the result.Comment: 2016 IEEE 21st International Conference on Emerging Technologies and Factory Automation (ETFA

TrusNet: Peer-to-Peer Cryptographic Authentication

Originally, the Internet was meant as a general purpose communication protocol, transferring primarily text documents between interested parties. Over time, documents expanded to include pictures, videos and even web pages. Increasingly, the Internet is being used to transfer a new kind of data which it was never designed for. In most ways, this new data type fits in naturally to the Internet, taking advantage of the near limit-less expanse of the protocol. Hardware protocols, unlike previous data types, provide a unique set security problem. Much like financial data, hardware protocols extended across the Internet must be protected with authentication. Currently, systems which do authenticate do so through a central server, utilizing a similar authentication model to the HTTPS protocol. This hierarchical model is often at odds with the needs of hardware protocols, particularly in ad-hoc networks where peer-to-peer communication is prioritized over a hierarchical model. Our project attempts to implement a peer-to-peer cryptographic authentication protocol to be used to protect hardware protocols extending over the Internet. The TrusNet project uses public-key cryptography to authenticate nodes on a distributed network, with each node locally managing a record of the public keys of nodes which it has encountered. These keys are used to secure data transmission between nodes and to authenticate the identities of nodes. TrusNet is designed to be used on multiple different types of network interfaces, but currently only has explicit hooks for Internet Protocol connections. As of June 2016, TrusNet has successfully achieved a basic authentication and communication protocol on Windows 7, OSX, Linux 14 and the Intel Edison. TrusNet uses RC-4 as its stream cipher and RSA as its public-key algorithm, although both of these are easily configurable. Along with the library, TrusNet also enables the building of a unit testing suite, a simple UI application designed to visualize the basics of the system and a build with hooks into the I/O pins of the Intel Edison allowing for a basic demonstration of the system

Integrating security in a group oriented distributed system

A distributed security architecture is proposed for incorporation into group oriented distributed systems, and in particular, into the Isis distributed programming toolkit. The primary goal of the architecture is to make common group oriented abstractions robust in hostile settings, in order to facilitate the construction of high performance distributed applications that can tolerate both component failures and malicious attacks. These abstractions include process groups and causal group multicast. Moreover, a delegation and access control scheme is proposed for use in group oriented systems. The focus is the security architecture; particular cryptosystems and key exchange protocols are not emphasized

Digital system of quarry management as a SAAS solution: mineral deposit module

Purpose. Improving the efficiency of functioning the mining enterprises and aggregation of earlier obtained results into a unified digital system of designing and operative management by quarry operation. Methods. Both the traditional (analysis of scientific and patent literature, analytical methods of deposit parameters research, analysis of experience and exploitation of quarries, conducting the passive experiment and processing the statistical data) and new forms of scientific research - deposit modeling on the basis of classical and neural network methods of approximation – are used in the work. For the purpose of the software product realization on the basis of cloud technologies, there were used: for back-end implementation – server-based scripting language php; for the front-end – multi-paradigm programming language javascript, javascript framework jQuery and asynchronous data exchange technology Ajax. Findings. The target audience of the system has been identified, SWOT-analysis has been carried out, conceptual directions of 3D-quarry system development have been defined. The strategies of development and promotion of the software product, as well as the strategies of safety and reliability of the application both for the client and the owner of the system have been formulated. The modular structure of the application has been developed, and the system functions have been divided to implement both back-end and front-end applications. The Mineral Deposit Module has been developed: the geological structure of the deposit has been simulated and its block model has been constructed. It has been proved that the use of neural network algorithms does not give an essential increase in the accuracy of the block model for the deposits of 1 and 2 groups in terms of the geological structure complexity. The possibility and prospects of constructing the systems for subsoil users on the basis of cloud technologies and the concept of SaaS have been substantiated. Originality. For the first time, the modern software products for solving the problems of designing and operational management of mining operations have been successfully developed on the basis of the SaaS concept. Practical implications. The results are applicable for enterprises-subsoil users, working with deposits of 1 and 2 groups in terms of the geological structure complexity: design organizations, as well as mining and processing plants.Мета. Підвищення ефективності функціонування гірничорудних підприємств та агрегація раніше отриманих результатів в єдину цифрову систему проектування і оперативного управління роботою кар’єрів. Методика. У роботі використані як традиційні (аналіз науково-патентної літератури, аналітичні методи дослідження параметрів родовища, аналіз досвіду й експлуатації кар’єрів, проведення пасивного експерименту та статистичної обробки даних), так і нові форми наукового дослідження – моделювання родовища на основі класичних і нейромережевих методів апроксимації. Для реалізації програмного продукту на основі хмарних технологій використані: для реалізації back-end – серверна скриптова мова програмування php; для front-end – мультипарадігменна мова програмування javascript, javascript framework jQuery і технологія асинхронного обміну даними Ajax. Результати. Виявлено цільову аудиторію системи, проведено SWOT-аналіз, визначено концептуальні напрями розвитку системи 3D-кар’єр, розроблені стратегії розвитку та просування програмного продукту, розроблені стратегії безпеки й надійності додатки як для клієнта, так і власника системи. Розроблено модульну структуру програми, вироблено розподіл функцій системи для реалізації як back-end і front-end додатки. Розроблено модуль “Родовище”: проведено моделювання геологічної структури родовища та побудована його блокова модель. Доведено, що використання нейромережевих алгоритмів не дає принципового підвищення точності блокової моделі для родовищ 1 і 2 груп за складністю геологічної будови. Виявлено недоліки нейромережевих алгоритмів, такі як високі витрати обчислювальних ресурсів сервера і проблеми візуалізації великих масивів геоданих при використанні web-рішень, знайдені шляхи їх вирішення. Доведено можливість і перспективність побудови систем для надрокористувачів на основі хмарних технологій і концепції SaaS. Наукова новизна. Вперше на основі концепції ASP успішно побудовані сучасні програмні продукти для вирішення завдань проектування та оперативного керування гірничими роботами. Практична значимість. Результати корисні для підприємств-надрокористувачів, які працюють з родовищами 1 і 2 груп за складністю геологічної будови – проектних організацій і ГЗК.Цель. Повышение эффективности функционирования горнорудных предприятий и агрегация ранее полученных результатов в единую цифровую систему проектирования и оперативного управления работой карьеров. Методика. В работе использованы как традиционные (анализ научно-патентной литературы, аналитические методы исследования параметров месторождения, анализ опыта и эксплуатации карьеров, проведение пассивного эксперимента и статистической обработкой данных), так и новые формы научного исследования – моделирование месторождения на основе классических и нейросетевых методов аппроксимации. Для реализации программного продукта на основе облачных технологий использованы: для реализации back-end – серверный скриптовый язык программирования php; для front-end – мультипарадигменный язык программирования javascript, javascript framework jQuery и технология асинхронного обмена данными Ajax. Результаты. Выявлена целевая аудитория системы, проведен SWOT-анализ, определены концептуальные направления развития системы 3D-карьер, разработаны стратегии развития и продвижения программного продукта, разработаны стратегии безопасности и надежности приложения как для клиента, так и владельца системы. Разработана модульная структура приложения, произведено деление функций системы для реализации как back-end и front-end приложения. Разработан модуль “Месторождение”: проведено моделирование геологической структуры месторождения и построена его блочная модель. Доказано, что использование нейросетевых алгоритмов не дает принципиального повышения точности блочной модели для месторождений 1 и 2 групп по сложности геологического строения. Выявлены недостатки нейросетевых алгоритмов, такие как высокие затраты вычислительных ресурсов сервера и проблемы визуализации больших массивов геоданных при использовании web-решений, найдены пути их решения. Доказана возможность и перспективность построения систем для недропользователей на основе облачных технологий и концепции SaaS. Научная новизна. Впервые на основе концепции ASP успешно построены современные программные продукты для решения задач проектирования и оперативного управления горными работами. Практическая значимость. Результаты применимы для предприятий-недропользователей, работающих с месторождениями 1 и 2 групп по сложности геологического строения – проектных организаций и ГОКов.We express our profound gratitude to A.B. Naizabekov for his assistance in scientific research, to A.F. Tsekhovoy, P.A. Tsekhovoy, D.Sh. Akhmedov, V. V. Yankovenko and D.V. Nikitas for scientific advice in implementation of the program code. The research was carried out within the framework of the initiative research theme “Improving the Efficiency of Mining Enterprises” on the basis of the RSE at the Rudny Industrial Institute of the Ministry of Education and Science of the Republic of Kazakhstan