6,702 research outputs found

    Security risk assessment in cloud computing domains

    Get PDF
    Cyber security is one of the primary concerns persistent across any computing platform. While addressing the apprehensions about security risks, an infinite amount of resources cannot be invested in mitigation measures since organizations operate under budgetary constraints. Therefore the task of performing security risk assessment is imperative to designing optimal mitigation measures, as it provides insight about the strengths and weaknesses of different assets affiliated to a computing platform. The objective of the research presented in this dissertation is to improve upon existing risk assessment frameworks and guidelines associated to different key assets of Cloud computing domains - infrastructure, applications, and users. The dissertation presents various informal approaches of performing security risk assessment which will help to identify the security risks confronted by the aforementioned assets, and utilize the results to carry out the required cost-benefit tradeoff analyses. This will be beneficial to organizations by aiding them in better comprehending the security risks their assets are exposed to and thereafter secure them by designing cost-optimal mitigation measures --Abstract, page iv

    Automatic annotation of bioinformatics workflows with biomedical ontologies

    Full text link
    Legacy scientific workflows, and the services within them, often present scarce and unstructured (i.e. textual) descriptions. This makes it difficult to find, share and reuse them, thus dramatically reducing their value to the community. This paper presents an approach to annotating workflows and their subcomponents with ontology terms, in an attempt to describe these artifacts in a structured way. Despite a dearth of even textual descriptions, we automatically annotated 530 myExperiment bioinformatics-related workflows, including more than 2600 workflow-associated services, with relevant ontological terms. Quantitative evaluation of the Information Content of these terms suggests that, in cases where annotation was possible at all, the annotation quality was comparable to manually curated bioinformatics resources.Comment: 6th International Symposium on Leveraging Applications (ISoLA 2014 conference), 15 pages, 4 figure

    Provenance : from long-term preservation to query federation and grid reasoning

    Get PDF

    On designing large, secure and resilient networked systems

    Get PDF
    2019 Summer.Includes bibliographical references.Defending large networked systems against rapidly evolving cyber attacks is challenging. This is because of several factors. First, cyber defenders are always fighting an asymmetric warfare: While the attacker needs to find just a single security vulnerability that is unprotected to launch an attack, the defender needs to identify and protect against all possible avenues of attacks to the system. Various types of cost factors, such as, but not limited to, costs related to identifying and installing defenses, costs related to security management, costs related to manpower training and development, costs related to system availability, etc., make this asymmetric warfare even challenging. Second, newer and newer cyber threats are always emerging - the so called zero-day attacks. It is not possible for a cyber defender to defend against an attack for which defenses are yet unknown. In this work, we investigate the problem of designing large and complex networks that are secure and resilient. There are two specific aspects of the problem that we look into. First is the problem of detecting anomalous activities in the network. While this problem has been variously investigated, we address the problem differently. We posit that anomalous activities are the result of mal-actors interacting with non mal-actors, and such anomalous activities are reflected in changes to the topological structure (in a mathematical sense) of the network. We formulate this problem as that of Sybil detection in networks. For our experimentation and hypothesis testing we instantiate the problem as that of Sybil detection in on-line social networks (OSNs). Sybil attacks involve one or more attackers creating and introducing several mal-actors (fake identities in on-line social networks), called Sybils, into a complex network. Depending on the nature of the network system, the goal of the mal-actors can be to unlawfully access data, to forge another user's identity and activity, or to influence and disrupt the normal behavior of the system. The second aspect that we look into is that of building resiliency in a large network that consists of several machines that collectively provide a single service to the outside world. Such networks are particularly vulnerable to Sybil attacks. While our Sybil detection algorithms achieve very high levels of accuracy, they cannot guarantee that all Sybils will be detected. Thus, to protect against such "residual" Sybils (that is, those that remain potentially undetected and continue to attack the network services), we propose a novel Moving Target Defense (MTD) paradigm to build resilient networks. The core idea is that for large enterprise level networks, the survivability of the network's mission is more important than the security of one or more of the servers. We develop protocols to re-locate services from server to server in a random way such that before an attacker has an opportunity to target a specific server and disrupt it’s services, the services will migrate to another non-malicious server. The continuity of the service of the large network is thus sustained. We evaluate the effectiveness of our proposed protocols using theoretical analysis, simulations, and experimentation. For the Sybil detection problem we use both synthetic and real-world data sets. We evaluate the algorithms for accuracy of Sybil detection. For the moving target defense protocols we implement a proof-of-concept in the context of access control as a service, and run several large scale simulations. The proof-of- concept demonstrates the effectiveness of the MTD paradigm. We evaluate the computation and communication complexity of the protocols as we scale up to larger and larger networks

    Web service composition: A survey of techniques and tools

    Get PDF
    Web services are a consolidated reality of the modern Web with tremendous, increasing impact on everyday computing tasks. They turned the Web into the largest, most accepted, and most vivid distributed computing platform ever. Yet, the use and integration of Web services into composite services or applications, which is a highly sensible and conceptually non-trivial task, is still not unleashing its full magnitude of power. A consolidated analysis framework that advances the fundamental understanding of Web service composition building blocks in terms of concepts, models, languages, productivity support techniques, and tools is required. This framework is necessary to enable effective exploration, understanding, assessing, comparing, and selecting service composition models, languages, techniques, platforms, and tools. This article establishes such a framework and reviews the state of the art in service composition from an unprecedented, holistic perspective

    Clustering Arabic Tweets for Sentiment Analysis

    Get PDF
    The focus of this study is to evaluate the impact of linguistic preprocessing and similarity functions for clustering Arabic Twitter tweets. The experiments apply an optimized version of the standard K-Means algorithm to assign tweets into positive and negative categories. The results show that root-based stemming has a significant advantage over light stemming in all settings. The Averaged Kullback-Leibler Divergence similarity function clearly outperforms the Cosine, Pearson Correlation, Jaccard Coefficient and Euclidean functions. The combination of the Averaged Kullback-Leibler Divergence and root-based stemming achieved the highest purity of 0.764 while the second-best purity was 0.719. These results are of importance as it is contrary to normal-sized documents where, in many information retrieval applications, light stemming performs better than root-based stemming and the Cosine function is commonly used

    Vers une description Ă©volutive et une exploration efficace des concepts et des artefacts d'architecture microservices

    Get PDF
    RÉSUMÉ : L'adoption de l'architecture Microservices (MSA) pour la conception de systèmes logiciels est une tendance en industrie et en recherche. De nature compositionnelle et distribuée, les systèmes basés sur l'architecture Microservices sont composés de services ayant une responsabilité restreinte et bien définie, visant un isolement complet dans une perspective de non-partage de ressources. Les systèmes basés sur des microservices sont souvent classés comme de systèmes « Cloud-Native ». L'adoption de l'architecture Microservices représente un changement de paradigme technologique et managérial comportant des défis, notamment : la taille, la portée et le nombre de services, et leurs interopérabilité et réutilisation. Outre ces défis, la compréhension, l'adoption et l'implémentation des principes fondamentaux de ce style architectural sont des challenges qui impactent la conception d'architectures microservices efficaces et cohérentes. En effet, l'absence d'un large consensus sur certains principes et termes clés de cette architecture mènent à sa mauvaise compréhension et par conséquent à des implémentations incorrectes. Cette absence de consensus est une manifestation concrète de l'immaturité de cette architecture qui mène à des défis lors de la formalisation des connaissances. Également, il manque une méthode uniforme capable de supporter les concepteurs lors de la modélisation des microservices, notamment dans l'agencement des différentes composantes. À cela s'ajoute l'absence de modèles conceptuels pouvant guider les ingénieurs dans les premières phases de conception de ces systèmes. Plusieurs approches ont été utilisées pour la modélisation d'architectures microservices, tels que : formelle et informelle, manuelle et automatique et toutes les combinaisons de ces quatre, mais ces approches ne répondent pas à tous les défis rencontrés par les concepteurs. Pour faciliter la modélisation des microservices et rendre le processus plus efficace, il est nécessaire de développer des approches de conception et de représentation alternatives. Dans cette perspective, nous proposons une approche ontologique capable de répondre autant aux défis de conception que de représentation des architectures microservices. Dans ce mémoire, nous vous présentons nos résultats de recherche dont la principale contribution est une ontologie du domaine des architectures Microservices définie en suivant les principes de logique de description et formalisée en utilisant le langage « Web Ontology Language » (OWL), une technologie clé du Web sémantique. À cette ontologie nous avons donné le nom d'« Ontology of Microservices Architecture Concepts » (OMSAC). OMSAC contient suffisamment de vocabulaire pour décrire les concepts qui définissent l'architecture Microservices et pour représenter les différents artefacts composant ces architectures. Sa structure permet une évolution rapide et est capable de prendre en charge les enjeux liés à l'immaturité actuelle de ces architectures. En tant que technologie d'intelligence artificielle (IA), les ontologies possèdent des capacités de raisonnement avancées auxquelles il est possible d'ajouter d'autres technologies pour les étendre et ainsi répondre à différents besoins. Avec cet objectif, nous avons utilisé OMSAC conjointement avec des techniques d'apprentissage machine pour modéliser et analyser des architectures microservices afin de calculer le degré de similitude entre différents microservices appartenant à différents systèmes. Ce cas d'utilisation d'OMSAC constitue une contribution supplémentaire de notre recherche et renforce les perspectives de recherche dans l'assistance, l'outillage et l'automatisation de la modélisation des architectures microservices. Cette contribution montre également la pertinence de la recherche de mécanismes permettant de faire de l'analytique avancée sur les modèles d'architectures. Dans des travaux de recherche futurs, nous nous intéresserons au développent de ces mécanismes, et planifions la conception d'un assistant intelligent capable de projeter des architectures microservices basées sur les meilleures pratiques et favorisant la réutilisation de microservices existants. Également, nous souhaitons développer un langage dédié afin d'abstraire les syntaxes d'OWL et du langage de requête SPARQL pour faciliter l'utilisation d'OMSAC par les concepteurs, ingénieurs et programmeurs qui ne sont pas familiers avec ces technologies du Web sémantique. -- Mot(s) clé(s) en français : Architectures microservices, ontologies, modélisation de systèmes logiciels, apprentissage automatique. -- ABSTRACT : The use of Microservices Architecture (MSA) for designing software systems has become a trend in industry and research. Adopting MSA represents a technological and managerial shift with challenges including the size, scope, number, interoperability and reuse of microservices, modelling using multi-viewpoints, as well as the adequate understanding, adoption, and implementation of fundamental principles of the Microservices Architecture. Adequately undertaking these challenges is mandatory for designing effective MSA-based systems. In this thesis, we explored an ontological representation of the knowledge concerning the Microservices Architecture domain. This representation is capable of addressing MSA understanding and modelling challenges. As a result of this research, we propose the Ontology of Microservices Architecture Concepts (OMSAC), which is a domain ontology containing enough vocabulary to describe MSA concepts and artifacts and in a form to allow fast evolution and advanced analytical capabilities. -- Mot(s) clé(s) en anglais : Microservices Architecture, Ontologies, Conceptual modelling, machine learning

    Clustering Arabic Tweets for Sentiment Analysis

    Get PDF
    The focus of this study is to evaluate the impact of linguistic preprocessing and similarity functions for clustering Arabic Twitter tweets. The experiments apply an optimized version of the standard K-Means algorithm to assign tweets into positive and negative categories. The results show that root-based stemming has a significant advantage over light stemming in all settings. The Averaged Kullback-Leibler Divergence similarity function clearly outperforms the Cosine, Pearson Correlation, Jaccard Coefficient and Euclidean functions. The combination of the Averaged Kullback-Leibler Divergence and root-based stemming achieved the highest purity of 0.764 while the second-best purity was 0.719. These results are of importance as it is contrary to normal-sized documents where, in many information retrieval applications, light stemming performs better than root-based stemming and the Cosine function is commonly used
    • …
    corecore