CamFlow: Managed Data-sharing for Cloud Services

A model of cloud services is emerging whereby a few trusted providers manage the underlying hardware and communications whereas many companies build on this infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS applications. From the start, strong isolation between cloud tenants was seen to be of paramount importance, provided first by virtual machines (VM) and later by containers, which share the operating system (OS) kernel. Increasingly it is the case that applications also require facilities to effect isolation and protection of data managed by those applications. They also require flexible data sharing with other applications, often across the traditional cloud-isolation boundaries; for example, when government provides many related services for its citizens on a common platform. Similar considerations apply to the end-users of applications. But in particular, the incorporation of cloud services within `Internet of Things' architectures is driving the requirements for both protection and cross-application data sharing. These concerns relate to the management of data. Traditional access control is application and principal/role specific, applied at policy enforcement points, after which there is no subsequent control over where data flows; a crucial issue once data has left its owner's control by cloud-hosted applications and within cloud-services. Information Flow Control (IFC), in addition, offers system-wide, end-to-end, flow control based on the properties of the data. We discuss the potential of cloud-deployed IFC for enforcing owners' dataflow policy with regard to protection and sharing, as well as safeguarding against malicious or buggy software. In addition, the audit log associated with IFC provides transparency, giving configurable system-wide visibility over data flows. [...]Comment: 14 pages, 8 figure

Evaluation of Anonymized ONS Queries

Electronic Product Code (EPC) is the basis of a pervasive infrastructure for the automatic identification of objects on supply chain applications (e.g., pharmaceutical or military applications). This infrastructure relies on the use of the (1) Radio Frequency Identification (RFID) technology to tag objects in motion and (2) distributed services providing information about objects via the Internet. A lookup service, called the Object Name Service (ONS) and based on the use of the Domain Name System (DNS), can be publicly accessed by EPC applications looking for information associated with tagged objects. Privacy issues may affect corporate infrastructures based on EPC technologies if their lookup service is not properly protected. A possible solution to mitigate these issues is the use of online anonymity. We present an evaluation experiment that compares the of use of Tor (The second generation Onion Router) on a global ONS/DNS setup, with respect to benefits, limitations, and latency.Comment: 14 page

Intrastate Crowdfunding in Alaska: Is There Security in Following the Crowd?

This Note analyzes the potential of crowdfunding for the State of Alaska. Crowdfunding can open up new sources of revenue for small businesses while simultaneously providing an avenue for Alaskans to invest in their own communities. The potential, however, must be weighed against the risk of fraud, poorly run businesses, and the lack of protection for investors. It is the responsibility of the Alaska legislature, the State’s securities administrators, and the Securities and Exchange Commission to ensure that investors are adequately protected. This Note discusses Alaska’s crowdfunding legislation, the Alaska Intrastate Crowdfunding Exemption, and recommends changes to the legislation that account for the risks involved in crowdfunding while still capturing its potential

REMOTELY TESTING WHETHER A CLIMATE CONTROL SYSTEM CONTROLLER IS CORRECTLY INSTALLED

Disclosed are exemplary embodiments of apparatus and methods for remote testing of controllers such as thermostats, to detect incorrect climate control system configuration parameters . In an exemplary embodiment, a computer wirelessly connects with a remote thermostat and sends signal (s) to the thermostat instructing the thermostat to perform climate control function (s) in predefined sequence (s). The computer receives signal (s) from the thermostat indicating whether the thermostat is performing the climate control function (s) in accordance with the sent signal (s). Based on the signal (s) received from the thermostat, the computer determines whether the thermostat is configured with accurate climate control system configuration parameters

Two intracellular and cell type-specific bacterial symbionts in the placozoan Trichoplax H2

Placozoa is an enigmatic phylum of simple, microscopic, marine metazoans(1,2). Although intracellular bacteria have been found in all members of this phylum, almost nothing is known about their identity, location and interactions with their host(3-6). We used metagenomic and metatranscriptomic sequencing of single host individuals, plus metaproteomic and imaging analyses, to show that the placozoan Trichoplax sp. H2 lives in symbiosis with two intracellular bacteria. One symbiont forms an undescribed genus in the Midichloriaceae (Rickettsiales)(7,8) and has a genomic repertoire similar to that of rickettsial parasites(9,10), but does not seem to express key genes for energy parasitism. Correlative image analyses and three-dimensional electron tomography revealed that this symbiont resides in the rough endoplasmic reticulum of its host's internal fibre cells. The second symbiont belongs to the Margulisbacteria, a phylum without cultured representatives and not known to form intracellular associations(11-13). This symbiont lives in the ventral epithelial cells of Trichoplax, probably metabolizes algal lipids digested by its host and has the capacity to supplement the placozoan's nutrition. Our study shows that one of the simplest animals has evolved highly specific and intimate associations with symbiotic, intracellular bacteria and highlights that symbioses can provide access to otherwise elusive microbial dark matter