CamFlow: Managed Data-sharing for Cloud Services

A model of cloud services is emerging whereby a few trusted providers manage the underlying hardware and communications whereas many companies build on this infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS applications. From the start, strong isolation between cloud tenants was seen to be of paramount importance, provided first by virtual machines (VM) and later by containers, which share the operating system (OS) kernel. Increasingly it is the case that applications also require facilities to effect isolation and protection of data managed by those applications. They also require flexible data sharing with other applications, often across the traditional cloud-isolation boundaries; for example, when government provides many related services for its citizens on a common platform. Similar considerations apply to the end-users of applications. But in particular, the incorporation of cloud services within `Internet of Things' architectures is driving the requirements for both protection and cross-application data sharing. These concerns relate to the management of data. Traditional access control is application and principal/role specific, applied at policy enforcement points, after which there is no subsequent control over where data flows; a crucial issue once data has left its owner's control by cloud-hosted applications and within cloud-services. Information Flow Control (IFC), in addition, offers system-wide, end-to-end, flow control based on the properties of the data. We discuss the potential of cloud-deployed IFC for enforcing owners' dataflow policy with regard to protection and sharing, as well as safeguarding against malicious or buggy software. In addition, the audit log associated with IFC provides transparency, giving configurable system-wide visibility over data flows. [...]Comment: 14 pages, 8 figure

Chemistry by Mobile Phone (or how to justify more time at the bar)

By combining automatic environment monitoring with Java smartphones a system has been produced for the real-time monitoring of experiments whilst away from the lab. Changes in the laboratory environment are encapsulated as simple XML messages, which are published using an MQTT compliant broker. Clients subscribe to the MQTT stream, and produce a user display. An MQTT client written for the Java MIDP platform, can be run on a smartphone with a GPRS Internet connection, freeing us from the constraints of the lab. We present an overview of the technologies used, and how these are helping chemists make the best use of their time

Proof-of-Concept Application - Annual Report Year 1

In this document the Cat-COVITE Application for use in the CATNETS Project is introduced and motivated. Furthermore an introduction to the catallactic middleware and Web Services Agreement (WS-Agreement) concepts is given as a basis for the future work. Requirements for the application of Cat-COVITE with in catallactic systems are analysed. Finally the integration of the Cat-COVITE application and the catallactic middleware is described. --Grid Computing

Embedding agents in business applications using enterprise integration patterns

This paper addresses the issue of integrating agents with a variety of external resources and services, as found in enterprise computing environments. We propose an approach for interfacing agents and existing message routing and mediation engines based on the endpoint concept from the enterprise integration patterns of Hohpe and Woolf. A design for agent endpoints is presented, and an architecture for connecting the Jason agent platform to the Apache Camel enterprise integration framework using this type of endpoint is described. The approach is illustrated by means of a business process use case, and a number of Camel routes are presented. These demonstrate the benefits of interfacing agents to external services via a specialised message routing tool that supports enterprise integration patterns

Integrating information and knowledge for enterprise innovation

It has widely been accepted that enterprise integration, can be a source of socio-technical and cultural problems within organisations wishing to provide a focussed end-to-end business service. This can cause possible “straitjacketing” of business process architectures, thus suppressing responsive business re-engineering and competitive advantage for some companies. Accordingly, the current typology and emergent forms of Enterprise Resource Planning (ERP) and Enterprise Application Integration (EAI) technologies are set in the context of understanding information and knowledge integration philosophies. As such, key influences and trends in emerging IS integration choices, for end-to-end, cost-effective and flexible knowledge integration, are examined. As touch points across and outside organisations proliferate, via work-flow and relationship management-driven value innovation, aspects of knowledge refinement and knowledge integration pose challenges to maximising the potential of innovation and sustainable success, within enterprises. This is in terms of the increasing propensity for data fragmentation and the lack of effective information management, in the light of information overload. Furthermore, the nature of IS mediation which is inherent within decision making and workflow-based business processes, provides the basis for evaluation of the effects of information and knowledge integration. Hence, the authors propose a conceptual, holistic evaluation framework which encompasses these ideas. It is thus argued that such trends, and their implications regarding enterprise IS integration to engender sustainable competitive advantage, require fundamental re-thinking

Ensuring Cyber-Security in Smart Railway Surveillance with SHIELD

Modern railways feature increasingly complex embedded computing systems for surveillance, that are moving towards fully wireless smart-sensors. Those systems are aimed at monitoring system status from a physical-security viewpoint, in order to detect intrusions and other environmental anomalies. However, the same systems used for physical-security surveillance are vulnerable to cyber-security threats, since they feature distributed hardware and software architectures often interconnected by ‘open networks’, like wireless channels and the Internet. In this paper, we show how the integrated approach to Security, Privacy and Dependability (SPD) in embedded systems provided by the SHIELD framework (developed within the EU funded pSHIELD and nSHIELD research projects) can be applied to railway surveillance systems in order to measure and improve their SPD level. SHIELD implements a layered architecture (node, network, middleware and overlay) and orchestrates SPD mechanisms based on ontology models, appropriate metrics and composability. The results of prototypical application to a real-world demonstrator show the effectiveness of SHIELD and justify its practical applicability in industrial settings

Service-Oriented Architecture for Space Exploration Robotic Rover Systems

Currently, industrial sectors are transforming their business processes into e-services and component-based architectures to build flexible, robust, and scalable systems, and reduce integration-related maintenance and development costs. Robotics is yet another promising and fast-growing industry that deals with the creation of machines that operate in an autonomous fashion and serve for various applications including space exploration, weaponry, laboratory research, and manufacturing. It is in space exploration that the most common type of robots is the planetary rover which moves across the surface of a planet and conducts a thorough geological study of the celestial surface. This type of rover system is still ad-hoc in that it incorporates its software into its core hardware making the whole system cohesive, tightly-coupled, more susceptible to shortcomings, less flexible, hard to be scaled and maintained, and impossible to be adapted to other purposes. This paper proposes a service-oriented architecture for space exploration robotic rover systems made out of loosely-coupled and distributed web services. The proposed architecture consists of three elementary tiers: the client tier that corresponds to the actual rover; the server tier that corresponds to the web services; and the middleware tier that corresponds to an Enterprise Service Bus which promotes interoperability between the interconnected entities. The niche of this architecture is that rover's software components are decoupled and isolated from the rover's body and possibly deployed at a distant location. A service-oriented architecture promotes integrate-ability, scalability, reusability, maintainability, and interoperability for client-to-server communication.Comment: LACSC - Lebanese Association for Computational Sciences, http://www.lacsc.org/; International Journal of Science & Emerging Technologies (IJSET), Vol. 3, No. 2, February 201