20,984 research outputs found
A Security Pattern for Cloud service certification
Cloud computing is interesting from the economic, operational and even energy consumption perspectives but it still raises concerns regarding
the security, privacy, governance and compliance of the data and software services offered through it. However, the task of verifying security
properties in services running on cloud is not trivial. We notice the provision and security of a cloud service is sensitive. Because of the
potential interference between the features and behavior of all the inter-dependent services in all layers of the cloud stack (as well as dynamic
changes in them). Besides current cloud models do not include support for trust-focused communication between layers. We present a
mechanism to implement cloud service certification process based on the usage of Trusted Computing technology, by means of its Trusted Computing Platform (TPM) implementation of its architecture. Among many security security features it is a tamper proof resistance built in device and provides a root of trust to affix our certification mechanism. We present as a security pattern the approach for service certification based on the use TPM.Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tec
Abstract State Machines 1988-1998: Commented ASM Bibliography
An annotated bibliography of papers which deal with or use Abstract State
Machines (ASMs), as of January 1998.Comment: Also maintained as a BibTeX file at http://www.eecs.umich.edu/gasm
Proviola: A Tool for Proof Re-animation
To improve on existing models of interaction with a proof assistant (PA), in
particular for storage and replay of proofs, we in- troduce three related
concepts, those of: a proof movie, consisting of frames which record both user
input and the corresponding PA response; a camera, which films a user's
interactive session with a PA as a movie; and a proviola, which replays a movie
frame-by-frame to a third party. In this paper we describe the movie data
structure and we discuss a proto- type implementation of the camera and
proviola based on the ProofWeb system. ProofWeb uncouples the interaction with
a PA via a web- interface (the client) from the actual PA that resides on the
server. Our camera films a movie by "listening" to the ProofWeb communication.
The first reason for developing movies is to uncouple the reviewing of a formal
proof from the PA used to develop it: the movie concept enables users to
discuss small code fragments without the need to install the PA or to load a
whole library into it. Other advantages include the possibility to develop a
separate com- mentary track to discuss or explain the PA interaction. We assert
that a combined camera+proviola provides a generic layer between a client
(user) and a server (PA). Finally we claim that movies are the right type of
data to be stored in an encyclopedia of formalized mathematics, based on our
experience in filming the Coq standard library.Comment: Accepted for the 9th International Conference on Mathematical
Knowledge Management (MKM 2010), 15 page
Cyber-Virtual Systems: Simulation, Validation & Visualization
We describe our ongoing work and view on simulation, validation and
visualization of cyber-physical systems in industrial automation during
development, operation and maintenance. System models may represent an existing
physical part - for example an existing robot installation - and a software
simulated part - for example a possible future extension. We call such systems
cyber-virtual systems.
In this paper, we present the existing VITELab infrastructure for
visualization tasks in industrial automation. The new methodology for
simulation and validation motivated in this paper integrates this
infrastructure. We are targeting scenarios, where industrial sites which may be
in remote locations are modeled and visualized from different sites anywhere in
the world.
Complementing the visualization work, here, we are also concentrating on
software modeling challenges related to cyber-virtual systems and simulation,
testing, validation and verification techniques for them. Software models of
industrial sites require behavioural models of the components of the industrial
sites such as models for tools, robots, workpieces and other machinery as well
as communication and sensor facilities. Furthermore, collaboration between
sites is an important goal of our work.Comment: Preprint, 9th International Conference on Evaluation of Novel
Approaches to Software Engineering (ENASE 2014
webXice: an Infrastructure for Information Commerce on the WWW
Systems for information commerce on the WWW have to support flexible business models if they should be able to cover a wide range of requirements imposed by the different types of information businesses. This leads to non-trivial functional and security requirements both on the provider and consumer side, for which we introduce an architecture and a system implementation, webXice. We focus on the question, how participants with minimal technological requisites, i.e. solely standard Web browsers available, can be technologically enabled to articipate in the information commerce at a system level, while not sacrificing the functionality and security required by an autonomous participant in an information commerce scenario. In particular, we propose an implementation strategy to efficiently support persistent message logging for light-weight clients, that enables clients to collect and manage non-reputiable messages as proofs. We believe that the capability to support minimal system platforms is a necessary precondition for the wide-spread use of any information commerce infrastructure
- …