HTTP Mailbox - Asynchronous RESTful Communication

We describe HTTP Mailbox, a mechanism to enable RESTful HTTP communication in an asynchronous mode with a full range of HTTP methods otherwise unavailable to standard clients and servers. HTTP Mailbox allows for broadcast and multicast semantics via HTTP. We evaluate a reference implementation using ApacheBench (a server stress testing tool) demonstrating high throughput (on 1,000 concurrent requests) and a systemic error rate of 0.01%. Finally, we demonstrate our HTTP Mailbox implementation in a human assisted web preservation application called "Preserve Me".Comment: 13 pages, 6 figures, 8 code blocks, 3 equations, and 3 table

HTTP Mailbox - Asynchronous Restful Communication

Traditionally, general web services used only the GET and POST methods of HTTP while several other HTTP methods like PUT, PATCH, and DELETE were rarely utilized. Additionally, the Web was mainly navigated by humans using web browsers and clicking on hyperlinks or submitting HTML forms. Clicking on a link is always a GET request while HTML forms only allow GET and POST methods. Recently, several web frameworks/libraries have started supporting RESTful web services through APIs. To support HTTP methods other than GET and POST in browsers, these frameworks have used hidden HTML form fields as a workaround to convey the desired HTTP method to the server application. In such cases, the web server is unaware of the intended HTTP method because it receives the request as POST. Middleware between the web server and the application may override the HTTP method based on special hidden form field values. Unavailability of the servers is another factor that affects the communication. Because of the stateless and synchronous nature of HTTP, a client must wait for the server to be available to perform the task and respond to the request. Browser-based communication also suffers from cross-origin restrictions for security reasons. We describe HTTP Mailbox, a mechanism to enable RESTful HTTP communication in an asynchronous mode with a full range of HTTP methods otherwise unavailable to standard clients and servers. HTTP Mailbox also allows for multicast semantics via HTTP. We evaluate a reference implementation using ApacheBench (a server stress testing tool) demonstrating high throughput (on 1,000 concurrent requests) and a systemic error rate of 0.01%. Finally, we demonstrate our HTTP Mailbox implementation in a human-assisted Web preservation application called “Preserve Me! and a visualization application called Preserve Me! Viz

When Should I Make Preservation Copies of Myself?

PDF of a powerpoint presentation from the Joint Conference on Digital Libraries (JCDL) 2014 in London, United Kingdom, September 9, 2014. Also available on Slideshare.https://digitalcommons.odu.edu/computerscience_presentations/1008/thumbnail.jp

Protection of Information and Communications in Distributed Systems and Microservices

Distributed systems have been a topic of discussion since the 1980s, but the adoption of microservices has raised number of system components considerably. With more decentralised distributed systems, new ways to handle authentication, authorisation and accounting (AAA) are needed, as well as ways to allow components to communicate between themselves securely. New standards and technologies have been created to deal with these new requirements and many of them have already found their way to most used systems and services globally. After covering AAA and separate access control models, we continue with ways to secure communications between two connecting parties, using Transport Layer Security (TLS) and other more specialised methods such as the Google-originated Secure Production Identity Framework for Everyone (SPIFFE). We also discuss X.509 certificates for ensuring identities. Next, both older time- tested and newer distributed AAA technologies are presented. After this, we are looking into communication between distributed components with both synchronous and asynchronous communication mechanisms, as well as into the publish/subscribe communication model popular with the rise of the streaming platform. This thesis also explores possibilities in securing communications between distributed endpoints and ways to handle AAA in a distributed context. This is showcased in a new software component that handles authentication through a separate identity endpoint using the OpenID Connect authentication protocol and stores identity in a Javascript object-notation formatted and cryptographically signed JSON Web Token, allowing stateless session handling as the token can be validated by checking its signature. This enables fast and scalable session management and identity handling for any distributed system

TSKY: a dependable middleware solution for data privacy using public storage clouds

Dissertação para obtenção do Grau de Mestre em Engenharia InformáticaThis dissertation aims to take advantage of the virtues offered by data storage cloud based systems on the Internet, proposing a solution that avoids security issues by combining different providers’ solutions in a vision of a cloud-of-clouds storage and computing. The solution, TSKY System (or Trusted Sky), is implemented as a middleware system, featuring a set of components designed to establish and to enhance conditions for security, privacy, reliability and availability of data, with these conditions being secured and verifiable by the end-user, independently of each provider. These components, implement cryptographic tools, including threshold and homomorphic cryptographic schemes, combined with encryption, replication, and dynamic indexing mecha-nisms. The solution allows data management and distribution functions over data kept in different storage clouds, not necessarily trusted, improving and ensuring resilience and security guarantees against Byzantine faults and at-tacks. The generic approach of the TSKY system model and its implemented services are evaluated in the context of a Trusted Email Repository System (TSKY-TMS System). The TSKY-TMS system is a prototype that uses the base TSKY middleware services to store mailboxes and email Messages in a cloud-of-clouds

CoAP Infrastructure for IoT

The Internet of Things (IoT) can be seen as a large-scale network of billions of smart devices. Often IoT devices exchange data in small but numerous messages, which requires IoT services to be more scalable and reliable than ever. Traditional protocols that are known in the Web world does not fit well in the constrained environment that these devices operate in. Therefore many lightweight protocols specialized for the IoT have been studied, among which the Constrained Application Protocol (CoAP) stands out for its well-known REST paradigm and easy integration with existing Web. On the other hand, new paradigms such as Fog Computing emerges, attempting to avoid the centralized bottleneck in IoT services by moving computations to the edge of the network. Since a node of the Fog essentially belongs to relatively constrained environment, CoAP fits in well. Among the many attempts of building scalable and reliable systems, Erlang as a typical concurrency-oriented programming (COP) language has been battle tested in the telecom industry, which has similar requirements as the IoT. In order to explore the possibility of applying Erlang and COP in general to the IoT, this thesis presents an Erlang based CoAP server/client prototype ecoap with a flexible concurrency model that can scale up to an unconstrained environment like the Cloud and scale down to a constrained environment like an embedded platform. The flexibility of the presented server renders the same architecture applicable from Fog to Cloud. To evaluate its performance, the proposed server is compared with the mainstream CoAP implementation on an Amazon Web Service (AWS) Cloud instance and a Raspberry Pi 3, representing the unconstrained and constrained environment respectively. The ecoap server achieves comparable throughput, lower latency, and in general scales better than the other implementation in the Cloud and on the Raspberry Pi. The thesis yields positive results and demonstrates the value of the philosophy of Erlang in the IoT space

Bridging the Gap between Legacy Services and Web Services

International audienceWeb Services is an increasingly used instantiation of Service-Oriented Architectures (SOA) that relies on standard Internet protocols to produce services that are highly interoperable. Other types of services, relying on legacy application layer protocols, however, cannot be composed directly. A promising solution is to implement wrappers to translate between the application layer protocols and the WS protocol. Doing so manually, however, requires a high level of expertise, in the relevant application layer protocols, in low-level network and system programming, and in the Web Service paradigm itself. In this paper, we introduce a generative language based approach for constructing wrappers to facilitate the migration of legacy service functionalities to Web Services. To this end, we have designed the Janus domain-specific language, which provides developers with a high-level way to describe the operations that are required to encapsulate legacy service functionalities. We have successfully used Janus to develop a number of wrappers, including wrappers for IMAP and SMTP servers, for a RTSP-compliant media server and for UPnP service discovery. Preliminary experiments show that Janus-based WS wrappers have performance comparable to manually written wrappers

New Challenges on Web Architectures for the Homogenization of the Heterogeneity of Smart Objects in the Internet of Things

Aquesta tesi tracta de dues de les noves tecnologies relacionades amb la Internet of Things (IoT) i la seva integració amb el camp de les Smart Grids (SGs); aquestes tecnologies son la Web of Things (WoT) i la Social Internet of Things (SIoT). La WoT és una tecnologia que s’espera que proveeixi d’un entorn escalable i interoperable a la IoT usant la infraestructura web existent, els protocols web y la web semàntica. També s’espera que la SIoT contribueixi a solucionar els reptes d’escalabilitat i capacitat de descobriment creant una xarxa social d’agents (objectes i humans). Per explorar la sinergia entre aquestes tecnologies, l’objectiu és el de proporcionar evidència pràctica i empírica, generalment en forma de prototips d’implementació i experimentació empírica. En relació amb la WoT i les SGs, s’ha creat un prototip per al Web of Energy (WoE) que té com a objectiu abordar els desafiaments presents en el domini les SGs. El prototip és capaç de proporcionar interoperabilitat i homogeneïtat entre diversos protocols. El disseny d’implementació es basa en el Model d’Actors, que també proporciona escalabilitat del prototip. L’experimentació mostra que el prototip pot gestionar la transmissió de missatges per a aplicacions de les SGs que requereixen que la comunicació es realitzi sota llindars de temps crítics. També es pren una altra direcció d’investigació similar, menys centrada en les SGs, però per a una gamma més àmplia de dominis d’aplicació. S’integra la descripció dels fluxos d’execució com a màquines d’estats finits utilitzant ontologies web (Resource Description Framework (RDF)) i metodologies de la WoT (les accions es realitzen basant-se en peticions Hyper-Text Transfer Protocol/Secure (HTTP/S) a Uniform Resource Locators (URLs)). Aquest flux d’execució, que també pot ser un plantilla per a permetre una configuració flexible en temps d’execució, s’implementa i interpreta com si fos (i mitjançant) un Virtual Object (VO). L’objectiu de la plantilla és ser reutilitzable i poder-se compartir entre múltiples desplegaments de la IoT dins el mateix domini d’aplicació. A causa de les tecnologies utilitzades, la solució no és adequada per a aplicacions de temps crític (llindar de temps relativament baix i rígid). No obstant això, és adequat per a aplicacions que no demanden resposta en un temps crític i que requereixen el desplegament de VOs similars en el que fa referència al flux d’execució. Finalment, el treball s’enfoca en una altra tecnologia destinada a millorar l’escalabilitat i la capacitat de descobriment en la IoT. La SIoT està sorgint com una nova estructura de la IoT que uneix els nodes a través de relacions significatives. Aquestes relacions tenen com a objectiu millorar la capacitat de descobriment; en conseqüència, millora la escalabilitat d’una xarxa de la IoT. En aquest treball s’aplica aquest nou paradigma per optimitzar la gestió de l’energia en el costat de la demanda a les SGs. L’objectiu és aprofitar les característiques de la SIoT per ajudar a la creació de Prosumer Community Groups (PCGs) (grups d’usuaris que consumeixen o produeixen energia) amb el mateix objectiu d’optimització en l’ús de l’energia. La sinergia entre la SIoT i les SGs s’ha anomenat Social Internet of Energy (SIoE). Per tant, amb la SIoE i amb el focus en un desafiament específic, s’estableix la base conceptual per a la integració entre la SIoT i les SGs. Els experiments inicials mostren resultats prometedors i aplanen el camí per a futures investigacions i avaluacions de la proposta. Es conclou que el WoT i la SIoT són dos paradigmes complementaris que nodreixen l’evolució de la propera generació de la IoT. S’espera que la propera generació de la IoT sigui un Multi-Agent System (MAS) generalitzat. Alguns investigadors ja estan apuntant a la Web i les seves tecnologies (per exemple, Web Semàntica, HTTP/S)—i més concretamente a la WoT — com a l’entorn que nodreixi a aquests agents. La SIoT pot millorar tant l’entorn com les relacions entre els agents en aquesta fusió. Les SGs també poden beneficiar-se dels avenços de la IoT, ja que es poden considerar com una aplicació específica d’aquesta última.  Esta tesis trata de dos de las novedosas tecnologías relacionadas con la Internet of Things (IoT) y su integración con el campo de las Smart Grids (SGs); estas tecnologías son laWeb of Things (WoT) y la Social Internet of Things (SIoT). La WoT es una tecnología que se espera que provea de un entorno escalable e interoperable a la IoT usando la infraestructura web existente, los protocolos web y la web semántica. También se espera que la SIoT contribuya a solucionar los retos de escalabilidad y capacidad de descubrimiento creando una red social de agentes (objetos y humanos). Para explorar la sinergia entre estas tecnologías, el objetivo es el de proporcionar evidencia práctica y empírica, generalmente en forma de prototipos de implementación y experimentación empírica. En relación con la WoT y las SGs, se ha creado un prototipo para la Web of Energy (WoE) que tiene como objetivo abordar los desafíos presentes en el dominio las SGs. El prototipo es capaz de proporcionar interoperabilidad y homogeneidad entre diversos protocolos. El diseño de implementación se basa en el Modelo de Actores, que también proporciona escalabilidad del prototipo. La experimentación muestra que el prototipo puede manejar la transmisión de mensajes para aplicaciones de las SGs que requieran que la comunicación se realice bajo umbrales de tiempo críticos. También se toma otra dirección de investigación similar, menos centrada en las SGs, pero para una gama más amplia de dominios de aplicación. Se integra la descripción de los flujos de ejecución como máquinas de estados finitos utilizando ontologías web (Resource Description Framework (RDF)) y metodologías de la WoT (las acciones se realizan basándose en peticiones Hyper-Text Transfer Protocol/Secure (HTTP/S) a Uniform Resource Locators (URLs)). Este flujo de ejecución, que también puede ser una plantilla para permitir una configuración flexible en tiempo de ejecución, se implementa e interpreta como si fuera (y a través de) un Virtual Object (VO). El objetivo de la plantilla es que sea reutilizable y se pueda compartir entre múltiples despliegues de la IoT dentro del mismo dominio de aplicación. Debido a las tecnologías utilizadas, la solución no es adecuada para aplicaciones de tiempo crítico (umbral de tiempo relativamente bajo y rígido). Sin embargo, es adecuado para aplicaciones que no demandan respuesta en un tiempo crítico y que requieren el despliegue de VOs similares en cuanto al flujo de ejecución. Finalmente, el trabajo se enfoca en otra tecnología destinada a mejorar la escalabilidad y la capacidad de descubrimiento en la IoT. La SIoT está emergiendo como una nueva estructura de la IoT que une los nodos a través de relaciones significativas. Estas relaciones tienen como objetivo mejorar la capacidad de descubrimiento; en consecuencia, mejora la escalabilidad de una red de la IoT. En este trabajo se aplica este nuevo paradigma para optimizar la gestión de la energía en el lado de la demanda en las SGs. El objetivo es aprovechar las características de la SIoT para ayudar en la creación de Prosumer Community Groups (PCGs) (grupos de usuarios que consumen o producen energía) con el mismo objetivo de optimización en el uso de la energía. La sinergia entre la SIoT y las SGs ha sido denominada Social Internet of Energy (SIoE). Por lo tanto, con la SIoE y con el foco en un desafío específico, se establece la base conceptual para la integración entre la SIoT y las SG. Los experimentos iniciales muestran resultados prometedores y allanan el camino para futuras investigaciones y evaluaciones de la propuesta. Se concluye que la WoT y la SIoT son dos paradigmas complementarios que nutren la evolución de la próxima generación de la IoT. Se espera que la próxima generación de la IoT sea un Multi-Agent System (MAS) generalizado. Algunos investigadores ya están apuntando a la Web y sus tecnologías (por ejemplo,Web Semántica, HTTP/S)—y más concretamente a la WoT — como el entorno que nutra a estos agentes. La SIoT puede mejorar tanto el entorno como las relaciones entre los agentes en esta fusión. Como un campo específico de la IoT, las SGs también pueden beneficiarse de los avances de la IoT.This thesis deals with two novel Internet of Things (IoT) technologies and their integration to the field of the Smart Grid (SG); these technologies are the Web of Things (WoT) and the Social Internet of Things (SIoT). The WoT is an enabling technology expected to provide a scalable and interoperable environment to the IoT using the existing web infrastructure, web protocols and the semantic web. The SIoT is expected to expand further and contribute to scalability and discoverability challenges by creating a social network of agents (objects and humans). When exploring the synergy between those technologies, we aim at providing practical and empirical evidence, usually in the form of prototype implementations and empirical experimentation. In relation to the WoT and SG, we create a prototype for the Web of Energy (WoE), that aims at addressing challenges present in the SG domain. The prototype is capable of providing interoperability and homogeneity among diverse protocols. The implementation design is based on the Actor Model, which also provides scalability in regards to the prototype. Experimentation shows that the prototype can handle the transmission of messages for time-critical SG applications. We also take another similar research direction less focused on the SG, but for a broader range of application domains. We integrate the description of flows of execution as Finite-State Machines (FSMs) using web ontologies (Resource Description Framework (RDF)) and WoT methodologies (actions are performed on the basis of calls Hyper Text Transfer Protocol/ Secure (HTTP/S) to a Uniform Resource Locator (URL)). This execution flow, which can also be a template to allow flexible configuration at runtime, is deployed and interpreted as (and through) a Virtual Object (VO). The template aims to be reusable and shareable among multiple IoT deployments within the same application domain. Due to the technologies used, the solution is not suitable for time-critical applications. Nevertheless, it is suitable for non-time-critical applications that require the deployment of similar VOs. Finally, we focus on another technology aimed at improving scalability and discoverability in IoT. The SIoT is emerging as a new IoT structure that links nodes through meaningful relationships. These relationships aim at improving discoverability; consequently, improving the scalability of an IoT network. We apply this new paradigm to optimize energy management at the demand side in a SG. Our objective is to harness the features of the SIoT to aid in the creation of Prosumer Community Group (PCG) (groups of energy users that consume or produce energy) with the same Demand Side Management (DSM) goal. We refer to the synergy between SIoT and SG as Social Internet of Energy (SIoE). Therefore, with the SIoE and focusing on a specific challenge, we set the conceptual basis for the integration between SIoT and SG. Initial experiments show promising results and pave the way for further research and evaluation of the proposal. We conclude that the WoT and the SIoT are two complementary paradigms that nourish the evolution of the next generation IoT. The next generation IoT is expected to be a pervasive Multi-Agent System (MAS). Some researchers are already pointing at the Web and its technologies (e.g. Semantic Web, HTTP/S) — and more concretely at the WoT — as the environment nourishing the agents. The SIoT can enhance both the environment and the relationships between agents in this fusion. As a specific field of the IoT, the SG can also benefit from IoT advancements