SECURING THE DATA STORAGE AND PROCESSING IN CLOUD COMPUTING ENVIRONMENT

Organizations increasingly utilize cloud computing architectures to reduce costs and en- ergy consumption both in the data warehouse and on mobile devices by better utilizing the computing resources available. However, the security and privacy issues with publicly available cloud computing infrastructures have not been studied to a sufficient depth for or- ganizations and individuals to be fully informed of the risks; neither are private nor public clouds prepared to properly secure their connections as middle-men between mobile de- vices which use encryption and external data providers which neglect to encrypt their data. Furthermore, cloud computing providers are not well informed of the risks associated with policy and techniques they could implement to mitigate those risks. In this dissertation, we present a new layered understanding of public cloud comput- ing. On the high level, we concentrate on the overall architecture and how information is processed and transmitted. The key idea is to secure information from outside attack and monitoring. We use techniques such as separating virtual machine roles, re-spawning virtual machines in high succession, and cryptography-based access control to achieve a high-level assurance of public cloud computing security and privacy. On the low level, we explore security and privacy issues on the memory management level. We present a mechanism for the prevention of automatic virtual machine memory guessing attacks

Providing packages of relevant ATM information: An ontology-based approach

ATM information providers publish reports and notifications of different types using standardized information exchange models. For a typical information user, e.g., an aircraft pilot, only a fraction of the published information is relevant for a particular task. Filtering out irrelevant information from different information sources is in itself a challenging task, yet it is only a first step in providing relevant information, the challenges concerning maintenance, auditability, availability, integration, comprehensibility, and traceability. This paper presents the Semantic Container approach, which employs ontology-based faceted information filtering and allows for the packaging of filtered information and associated metadata in semantic containers, thus facilitating reuse of filtered information at different levels. The paper formally defines an abstract model of ontology-based information filtering and the structure of semantic containers, their composition, versioning, discovery, and replicated physical allocation. The paper further discusses different usage scenarios, the role of semantic containers in SWIM, an architecture for a semantic container management system, as well as a proof-of-concept prototype. Finally the paper discusses a blockchain-based notary service to realize tamper-proof version histories for semantic containers.acceptedVersio

Decentralized Orchestration of Open Services- Achieving High Scalability and Reliability with Continuation-Passing Messaging

The papers of this thesis are not available in Munin. Paper I: Yu, W.,Haque, A. A. M. “Decentralised web- services orchestration with continuation-passing messaging”. Available in International Journal of Web and Grid Services 2011, 7(3):304–330. Paper II: Haque, A. A. M., Yu, W.: “Peer-to-peer orchestration of web mashups”. Available in International Journal of Adaptive, Resilient and Autonomic Systems 2014, 5(3):40-60. Paper V: Haque, A. A. M., Yu, W.: “Decentralized and reliable orchestration of open services”. In:Service Computation 2014. International Academy, Research and Industry Association (IARIA) 2014 ISBN 978-1-61208-337-7.An ever-increasing number of web applications are providing open services to a wide range of applications. Whilst traditional centralized approaches to services orchestration are successful for enterprise service-oriented systems, they are subject to serious limitations for orchestrating the wider range of open services. Dealing with these limitations calls for decentralized approaches. However, decentralized approaches are themselves faced with a number of challenges, including the possibility of loss of dynamic run-time states that are spread over the distributed environment. This thesis presents a fully decentralized approach to orchestration of open services. Our flow-aware dynamic replication scheme supports both exceptional handling, failure of orchestration agents and recovers from fail situations. During execution, open services are conducted by a network of orchestration agents which collectively orchestrate open services using continuation-passing messaging. Our performance study showed that decentralized orchestration improves the scalability and enhances the reliability of open services. Our orchestration approach has a clear performance advantage over traditional centralized orchestration as well as over the current practice of web mashups where application servers themselves conduct the execution of the composition of open web services. Finally, in our empirical study we presented the overhead of the replication approach for services orchestration

Langage de mashup pour l'intégration autonomique de services de données dans des environements dynamiques

The integration of the information coming from data services or data sources in virtual communities is user centred, i.e. associated to visualization issues determined by user needs. A virtual community can be seen as a cyberspace that can be customized by every user by specifying the information he/she is interested in and the way it should be retrieved and presented respecting specific security and QoS properties. Such requirements must be defined or inferred and then interpreted for building customized visualisations. Nowadays, there is no simple declarative language of mashups for retrieving; integrating and visualizing data produced by data services, according to spatio-temporal specifications. The purpose of this thesis is to develop such a language. This work is done within the framework of the REDSHINE project (red-shine.imag.fr) supported by the Grenoble INP "Bonus Qualité Recherche"Dans les communautés virtuelles, l'intégration des informations (provenant de sources ou services de données) est centrée sur les utilisateurs, i.e., associée à la visualisation d'informations déterminée par les besoins des utilisateurs. Une communauté virtuelle peut donc être vue comme un espace de données personnalisable par chaque utilisateur en spécifiant quelles sont ses informations d'intérêt et la façon dont elles doivent être présentées en respectant des contraintes de sécurité et de qualité de services (QoS). Ces contraintes sont définies ou inférées puis interprétées pour construire des visualisations personnalisées. Il n'existe pas aujourd'hui de langage déclaratif simple de mashups pour récupérer, intégrer et visualiser des données fournies par des services selon des spécifications spatio-temporelles. Dans le cadre de la thèse il s'agit de proposer un tel langage. Ce travail est réalisé dans le cadre du projet Redshine, bénéficiant d'un Bonus Qualité Recherche de Grenoble INP

Towards the Internet of Everything: Deployment Scenarios for a QoO-aware Integration Platform

Built upon the Internet of Things (IoT), the Internet of Everything (IoE) acknowledges the importance of data quality within sensor-based systems, alongside with people, processes and Things. Nevertheless, the impact of many technologies and paradigms that pertain to the IoE is still unknown regarding Quality of Observation (QoO). This paper proposes to study experimental results from three IoE-related deployment scenarios in order to promote the QoO notion and raise awareness about the need for characterizing observation quality within sensor-based systems. We specifically tailor the definition of QoO attributes to each use case, assessing observation accuracy within Smart Cities, observation rate for virtual sensors and observation freshness within post-disaster areas. To emulate these different experiments, we rely on a custom-developed integration platform for the assessment of QoO as a service called iQAS. We show that QoO attributes should be used to specify what is an observation of "good quality", that virtual sensors may have specific and limiting capabilities impacting QoO and that network QoS and QoO are two complementary quality dimensions that should be used together to improve the overall service provided to end-users

A Survey on the Web of Things

The Web of Things (WoT) paradigm was proposed first in the late 2000s, with the idea of leveraging Web standards to interconnect all types of embedded devices. More than ten years later, the fragmentation of the IoT landscape has dramatically increased as a consequence of the exponential growth of connected devices, making interoperability one of the key issues for most IoT deployments. Contextually, many studies have demonstrated the applicability of Web technologies on IoT scenarios, while the joint efforts from the academia and the industry have led to the proposals of standard specifications for developing WoT systems. Through a systematic review of the literature, we provide a detailed illustration of the WoT paradigm for both researchers and newcomers, by reconstructing the temporal evolution of key concepts and the historical trends, providing an in-depth taxonomy of software architectures and enabling technologies of WoT deployments and, finally, discussing the maturity of WoT vertical markets. Moreover, we identify some future research directions that may open the way to further innovation on WoT systems

Practical semantics for the Internet of Things: Physical states, device mashups, and open questions

Abstract—The Internet of Things (IoT) envisions cross-domain applications that combine digital services with services provided by resource-constrained embedded devices that connect to the physical world. Such smart environments can comprise a large number of devices from various different vendors. This requires a high degree of decoupling and neither devices nor user agents can rely on a priori knowledge of service APIs. Semantic service descriptions are applicable to heterogeneous application domains due to their high level of abstraction and can enable auto-matic service composition. This paper shows how the RESTdesc description format and semantic reasoning can be applied to create Web-like mashups in smart environments. Our approach supports highly dynamic environments with resource-constrained IoT devices where services can become unavailable due to device mobility, limited energy, or network disruptions. The concepts are backed by a concrete system architecture whose implementation is publicly available. It is used to evaluate the semantics-based approach in a realistic IoT-related scenario. The results show that current reasoners are able to produce medium-sized IoT mashups, but struggle with state space explosion when physical states become part of the proofing process. I

Una propuesta para asistir a la Co-evolución de Mashup cuando las APIs web evolucionan

As web application programming interfaces (APIs) evolve, previously established contracts change, and thus can affect the behavior, operation and / or execution of consumer applications such as Mashup. In these cases, these applications need to be repaired to continue working, which is a process called co-evolution. Identifying and locating the operations that are affected by the evolution of web APIs and estimating the impact they generate are necessary tasks that help the developer update the code. This work presents a proposal to assist the coevolution of Mashup. Specifically from a mashup operations graph, we identify and locate the operations affected by some changes in the web APIs. We also propose a set of simple metrics that allow estimating the impact of these changes on the mashup. The mashup operations graph and metrics assist web developers in co-evolution tasks. The proposal was applied to two mashups that are currently available on the web. The preliminary results show that the proposal is applicable.A medida que evolucionan las interfaces de programación de aplicaciones web (API), los contratos establecidos previamente cambian y, por lo tanto, pueden afectar el comportamiento, el funcionamiento y / o la ejecución de aplicaciones de consumo como Mashup. En estos casos, estas aplicaciones necesitan ser reparadas para seguir funcionando, es un proceso llamado co-evolución. Identificar y localizar las operaciones que se ven afectadas por la evolución de las API web y estimar el impacto que generan son tareas necesarias que ayudan al desarrollador a actualizar el código. Este trabajo presenta una propuesta para asistir a la coevolución de Mashup. Específicamente a partir de un grafo de operaciones de mashup, identificamos y ubicamos las operaciones afectadas por algunos cambios en las API web. También proponemos un conjunto de métricas simples que permiten estimar el impacto de estos cambios en el mashup. El grafo y las métricas de operaciones de mashup ayudan a los desarrolladores web en las tareas de co-evolución. La propuesta fue aplicada a dos mashup que actualmente se encuentran disponibles en la web. Los resultados preliminares muestran que la propuesta es aplicable

Context Aware Computing for The Internet of Things: A Survey

As we are moving towards the Internet of Things (IoT), the number of sensors deployed around the world is growing at a rapid pace. Market research has shown a significant growth of sensor deployments over the past decade and has predicted a significant increment of the growth rate in the future. These sensors continuously generate enormous amounts of data. However, in order to add value to raw sensor data we need to understand it. Collection, modelling, reasoning, and distribution of context in relation to sensor data plays critical role in this challenge. Context-aware computing has proven to be successful in understanding sensor data. In this paper, we survey context awareness from an IoT perspective. We present the necessary background by introducing the IoT paradigm and context-aware fundamentals at the beginning. Then we provide an in-depth analysis of context life cycle. We evaluate a subset of projects (50) which represent the majority of research and commercial solutions proposed in the field of context-aware computing conducted over the last decade (2001-2011) based on our own taxonomy. Finally, based on our evaluation, we highlight the lessons to be learnt from the past and some possible directions for future research. The survey addresses a broad range of techniques, methods, models, functionalities, systems, applications, and middleware solutions related to context awareness and IoT. Our goal is not only to analyse, compare and consolidate past research work but also to appreciate their findings and discuss their applicability towards the IoT.Comment: IEEE Communications Surveys & Tutorials Journal, 201