Information hiding in SOAP messages: A steganographic method for web services

Digital steganography is the art and science of hiding communications; a steganographic system thus embeds secret data in public cover media so as not to arouse an eavesdropper’s suspicion. Hence, it is a kind of covert communication and information security. There are still very limited methods of steganography to be used with communication protocols, which represent unconventional but promising steganography mediums. In this paper, we discuss and analyze a number of steganographic studies in text, XML as well as SOAP messages. Then, we propose a novel steganography method to be used for SOAP messages within Web services environments. The method is based on rearranging the order of specific XML elements according to a secret message. This method has a high imperceptibility; it leaves almost no trail because of using the communication protocol as a cover medium, and since it keeps the structure and size of the SOAP message intact. The method is empirically validated using a feasible scenario so as to indicate its utility and value

Applications of data fusion in optical coordinate metrology: a review

Data fusion enables the characterisation of an object using multiple datasets collected by various sensors. To improve optical coordinate measurement using data fusion, researchers have proposed numerous algorithmic solutions and methods. The most popular examples are the Gaussian process (GP) and weighted least-squares (WLS) algorithms, which depend on user-defined mathematical models describing the geometric characteristics of the measured object. Existing research on GP and WLS algorithms indicates that GP algorithms have been widely applied in both academia and industry, despite their use being limited to applications on relatively simple geometries. Research on WLS algorithms is less common than research on GP algorithms, as the mathematical tools used in the WLS cases are too simple to be applied with complex geometries. Machine learning is a new technology that is increasingly being applied to data fusion applications. Research on this technology is relatively scarce, but recent work has highlighted the potential of machine learning methods with significant results. Unlike GP and WLS algorithms, machine learning algorithms can autonomously learn the geometrical features of an object. To understand existing research in-depth and explore a path for future work, a new taxonomy of data fusion algorithms is proposed, covering the mathematical background and existing research surrounding each algorithm type. To conclude, the advantages and limitations of the existing methods are reviewed, highlighting the issues related to data quality and the types of test artefacts

Low-cost sensors technologies for monitoring sustainability and safety issues in mining activities: advances, gaps, and future directions in the digitalization for smart mining

Nowadays, monitoring aspects related to sustainability and safety in mining activities worldwide are a priority, to mitigate socio-environmental impacts, promote efficient use of water, reduce carbon footprint, use renewable energies, reduce mine waste, and minimize the risks of accidents and fatalities. In this context, the implementation of sensor technologies is an attractive alternative for the mining industry in the current digitalization context. To have a digital mine, sensors are essential and form the basis of Industry 4.0, and to allow a more accelerated, reliable, and massive digital transformation, low-cost sensor technology solutions may help to achieve these goals. This article focuses on studying the state of the art of implementing low-cost sensor technologies to monitor sustainability and safety aspects in mining activities, through the review of scientific literature. The methodology applied in this article was carried out by means of the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) guidelines and generating science mapping. For this, a methodological procedure of three steps was implemented: (i) Bibliometric analysis as a quantitative method, (ii) Systematic review of literature as a qualitative method, and (iii) Mixed review as a method to integrate the findings found in (i) and (ii). Finally, according to the results obtained, the main advances, gaps, and future directions in the implementation of low-cost sensor technologies for use in smart mining are exposed. Digital transformation aspects for data measurement with low-cost sensors by real-time monitoring, use of wireless network systems, artificial intelligence, machine learning, digital twins, and the Internet of Things, among other technologies of the Industry 4.0 era are discussed.The authors are indebted to the projects PID2021-126405OB-C31 and PID2021-126405OB-C32 funded by FEDER funds—A Way to Make Europe and Spanish Ministry of Economy and Competitiveness MICIN/AEI/10.13039/501100011033/. The financial support of the Research Department of the Catholic University of Temuco and the Civil Engineering Department of the University of Castilla-La Mancha is also appreciated.Peer ReviewedPostprint (published version

Towards secure web services: Performance analysis, decision making and steganography approaches

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.Web services provide a platform neutral and programming language independent technology that supports interoperable machine-to-machine interaction over a network. Clients and other systems interact with Web services using a standardised XML messaging system, such as the Simple Object Access Protocol (SOAP), typically conveyed using HTTP with an XML serialisation in conjunction with other related Web standards. Nevertheless, the idea of applications from different parties communicating together raises a security threat. The challenge of Web services security is to understand and consider the risks of securing a Web-based service depending on the existing security techniques and simultaneously follow evolving standards in order to fill the gap in Web services security. However, the performance of the security mechanisms is fraught with concerns due to additional security contents in SOAP messages, the higher number of message exchanges to establish trust, as well as the extra CPU time to process these additions. As the interaction between service providers and requesters occurs via XML-based SOAP messages, securing Web services tends to make these messages longer than they would be otherwise and consequently requires interpretation by XML parsers on both sides, which reduces the performance of Web services. The work described in this thesis can be broadly divided into three parts, the first of which is studying and comparing the performance of various security profiles applied on a Web service tested with different initial message sizes. The second part proposes a multi-criteria decision making framework to aid Web services developers and architects in selecting the best suited security profile that satisfies the different requirements of a given application during the development process in a systematic, manageable, and effective way. The proposed framework, based on the Analytical Hierarchy Process (AHP) approach, incorporates not only the security requirements, but also the performance considerations as well as the configuration constraints of these security profiles. The framework is then validated and evaluated using a scenario-driven approach to demonstrate situations where the decision making framework is used to make informed decisions to rank various security profiles in order to select the most suitable one for each scenario. Finally, the last part of this thesis develops a novel steganography method to be used for SOAP messages within Web services environments. This method is based on changing the order of XML elements according to a secret message. This method has a high imperceptibility; it leaves almost no trail because it uses the communication protocol as a cover medium, and keeps the structure and size of the SOAP message intact. The method is empirically validated using a feasible scenario so as to indicate its utility and value

Towards secure web services : performance analysis, decision making and steganography approaches

Web services provide a platform neutral and programming language independent technology that supports interoperable machine-to-machine interaction over a network. Clients and other systems interact with Web services using a standardised XML messaging system, such as the Simple Object Access Protocol (SOAP), typically conveyed using HTTP with an XML serialisation in conjunction with other related Web standards. Nevertheless, the idea of applications from different parties communicating together raises a security threat. The challenge of Web services security is to understand and consider the risks of securing a Web-based service depending on the existing security techniques and simultaneously follow evolving standards in order to fill the gap in Web services security. However, the performance of the security mechanisms is fraught with concerns due to additional security contents in SOAP messages, the higher number of message exchanges to establish trust, as well as the extra CPU time to process these additions. As the interaction between service providers and requesters occurs via XML-based SOAP messages, securing Web services tends to make these messages longer than they would be otherwise and consequently requires interpretation by XML parsers on both sides, which reduces the performance of Web services. The work described in this thesis can be broadly divided into three parts, the first of which is studying and comparing the performance of various security profiles applied on a Web service tested with different initial message sizes. The second part proposes a multi-criteria decision making framework to aid Web services developers and architects in selecting the best suited security profile that satisfies the different requirements of a given application during the development process in a systematic, manageable, and effective way. The proposed framework, based on the Analytical Hierarchy Process (AHP) approach, incorporates not only the security requirements, but also the performance considerations as well as the configuration constraints of these security profiles. The framework is then validated and evaluated using a scenario-driven approach to demonstrate situations where the decision making framework is used to make informed decisions to rank various security profiles in order to select the most suitable one for each scenario. Finally, the last part of this thesis develops a novel steganography method to be used for SOAP messages within Web services environments. This method is based on changing the order of XML elements according to a secret message. This method has a high imperceptibility; it leaves almost no trail because it uses the communication protocol as a cover medium, and keeps the structure and size of the SOAP message intact. The method is empirically validated using a feasible scenario so as to indicate its utility and value.EThOS - Electronic Theses Online ServiceGBUnited Kingdo