Security in a Distributed Processing Environment

Distribution plays a key role in telecommunication and computing systems today. It has become a necessity as a result of deregulation and anti-trust legislation, which has forced businesses to move from centralised, monolithic systems to distributed systems with the separation of applications and provisioning technologies, such as the service and transportation layers in the Internet. The need for reliability and recovery requires systems to use replication and secondary backup systems such as those used in ecommerce. There are consequences to distribution. It results in systems being implemented in heterogeneous environment; it requires systems to be scalable; it results in some loss of control and so this contributes to the increased security issues that result from distribution. Each of these issues has to be dealt with. A distributed processing environment (DPE) is middleware that allows heterogeneous environments to operate in a homogeneous manner. Scalability can be addressed by using object-oriented technology to distribute functionality. Security is more difficult to address because it requires the creation of a distributed trusted environment. The problem with security in a DPE currently is that it is treated as an adjunct service, i.e. and after-thought that is the last thing added to the system. As a result, it is not pervasive and therefore is unable to fully support the other DPE services. DPE security needs to provide the five basic security services, authentication, access control, integrity, confidentiality and non-repudiation, in a distributed environment, while ensuring simple and usable administration. The research, detailed in this thesis, starts by highlighting the inadequacies of the existing DPE and its services. It argues that a new management structure was introduced that provides greater flexibility and configurability, while promoting mechanism and service independence. A new secure interoperability framework was introduced which provides the ability to negotiate common mechanism and service level configurations. New facilities were added to the non-repudiation and audit services. The research has shown that all services should be security-aware, and therefore would able to interact with the Enhanced Security Service in order to provide a more secure environment within a DPE. As a proof of concept, the Trader service was selected. Its security limitations were examined, new security behaviour policies proposed and it was then implemented as a Security-aware Trader, which could counteract the existing security limitations.IONA TECHNOLOGIES PLC & ORANG

Towards the definition of a quality model for mail servers

The paper presents an approach for building a Mail Server Quality Model, based on the ISO/IEC software quality standard. We start by defining the mail system domain to be used as general framework and the relevant technologies involved. Then a general overview of the ISO/IEC standard is given. The basic steps, the relevant considerations and criteria used to select the appropriated subcharacteristics and quality attributes are also presented. The selected attributes are categorized under the six ISO/IEC quality characteristics conforming the model. Finally some case studies requirements and two commercial mail server tools are used to evaluate the model.Postprint (published version

Design and realization of a middleware for mobile task coordination

The trend towards interconnection of applications has long been recognized as a key challenge for information systems design. Following this trend, organi- zations have developed and introduced many distributed systems with differ- ent functionalities. Furthermore, computing becomes today increasingly mobile; performances of mobile devices (i.e. PDAs and smartphones) as well as the expansion of high-speed mobile networks allows many tasks to be performed beyond stationary workspaces. The dramatic growth of stand-alone and partly incompatible applications will negatively affect the integration, coordination and communication for entire so- lution. Contemporary solutions focus on stationary systems only; the usage of mobile devices is limited to simple scenarios (i.e. information access). In order to support the seamless integration of mobile devices, future distributed solutions should take services and service meta-information into account (e.g. variation of network bandwidth, battery power, availability, connectivity, reachability, sensors data and locations of services and service providers). In this master thesis we want to analyze how a distributed environment with va- riety of separated (mobile) service providers - implemented with different tech- nologies - can be integrated and coordinated. Finding compromises between performance, comfort and intelligent intercommunication is the main goal of this thesis. Therefore, it is concentrated on the conceptualization and design of a central middleware component that provide the coordination and communication functionalities for stationary and mobile entities. In order to prove some possible communication scenarios, the thesis provides a middleware-based scenario

The Open Source DataTurbine Initiative: Streaming Data Middleware for Environmental Observing Systems

The Open Source DataTurbine Initiative is an international community of scientists and engineers sharing a common interest in real-time streaming data middleware and applications. The technology base of the OSDT Initiative is the DataTurbine open source middleware. Key applications of DataTurbine include coral reef monitoring, lake monitoring and limnology, biodiversity and animal tracking, structural health monitoring and earthquake engineering, airborne environmental monitoring, and environmental sustainability. DataTurbine software emerged as a commercial product in the 1990 s from collaborations between NASA and private industry. In October 2007, a grant from the USA National Science Foundation (NSF) Office of Cyberinfrastructure allowed us to transition DataTurbine from a proprietary software product into an open source software initiative. This paper describes the DataTurbine software and highlights key applications in environmental monitoring

Secure Network Access via LDAP

Networks need the ability to be access by secure accounts and users. The goal of this project is to configure and expand on LDAP configurations with considerations for AAA via TACACS+ and Radius for network equipment. This will provide adequate security for any given network in terms of access and prevent lose of access to devices which happens all to often with locally configured accounts on devices

PROPOSED MIDDLEWARE SOLUTION FOR RESOURCE-CONSTRAINED DISTRIBUTED EMBEDDED NETWORKS

The explosion in processing power of embedded systems has enabled distributed embedded networks to perform more complicated tasks. Middleware are sets of encapsulations of common and network/operating system-specific functionality into generic, reusable frameworks to manage such distributed networks. This thesis will survey and categorize popular middleware implementations into three adapted layers: host-infrastructure, distribution, and common services. This thesis will then apply a quantitative approach to grading and proposing a single middleware solution from all layers for two target platforms: CubeSats and autonomous unmanned aerial vehicles (UAVs). CubeSats are 10x10x10cm nanosatellites that are popular university-level space missions, and impose power and volume constraints. Autonomous UAVs are similarly-popular hobbyist-level vehicles that exhibit similar power and volume constraints. The MAVLink middleware from the host-infrastructure layer is proposed as the middleware to manage the distributed embedded networks powering these platforms in future projects. Finally, this thesis presents a performance analysis on MAVLink managing the ARM Cortex-M 32-bit processors that power the target platforms

RESTful Wireless Sensor Networks

Sensor networks have diverse structures and generally employ proprietary protocols to gather useful information about the physical world. This diversity generates problems to interact with these sensors since custom APIs are needed which are tedious, error prone and have steep learning curve. In this thesis, I present RESThing, a lightweight REST framework for wireless sensor networks to ease the process of interacting with these sensors by making them accessible over the Web. I evaluate the system and show that it is feasible to support widely used and standard Web protocols in wireless sensor networks. Being able to integrate these tiny devices seamlessly into the global information medium, we can achieve the Web of Things

Quality assessment technique for ubiquitous software and middleware

The new paradigm of computing or information systems is ubiquitous computing systems. The technology-oriented issues of ubiquitous computing systems have made researchers pay much attention to the feasibility study of the technologies rather than building quality assurance indices or guidelines. In this context, measuring quality is the key to developing high-quality ubiquitous computing products. For this reason, various quality models have been defined, adopted and enhanced over the years, for example, the need for one recognised standard quality model (ISO/IEC 9126) is the result of a consensus for a software quality model on three levels: characteristics, sub-characteristics, and metrics. However, it is very much unlikely that this scheme will be directly applicable to ubiquitous computing environments which are considerably different to conventional software, trailing a big concern which is being given to reformulate existing methods, and especially to elaborate new assessment techniques for ubiquitous computing environments. This paper selects appropriate quality characteristics for the ubiquitous computing environment, which can be used as the quality target for both ubiquitous computing product evaluation processes ad development processes. Further, each of the quality characteristics has been expanded with evaluation questions and metrics, in some cases with measures. In addition, this quality model has been applied to the industrial setting of the ubiquitous computing environment. These have revealed that while the approach was sound, there are some parts to be more developed in the future

Web service control of component-based agile manufacturing systems

Current global business competition has resulted in significant challenges for manufacturing and production sectors focused on shorter product lifecyc1es, more diverse and customized products as well as cost pressures from competitors and customers. To remain competitive, manufacturers, particularly in automotive industry, require the next generation of manufacturing paradigms supporting flexible and reconfigurable production systems that allow quick system changeovers for various types of products. In addition, closer integration of shop floor and business systems is required as indicated by the research efforts in investigating "Agile and Collaborative Manufacturing Systems" in supporting the production unit throughout the manufacturing lifecycles. The integration of a business enterprise with its shop-floor and lifecycle supply partners is currently only achieved through complex proprietary solutions due to differences in technology, particularly between automation and business systems. The situation is further complicated by the diverse types of automation control devices employed. Recently, the emerging technology of Service Oriented Architecture's (SOA's) and Web Services (WS) has been demonstrated and proved successful in linking business applications. The adoption of this Web Services approach at the automation level, that would enable a seamless integration of business enterprise and a shop-floor system, is an active research topic within the automotive domain. If successful, reconfigurable automation systems formed by a network of collaborative autonomous and open control platform in distributed, loosely coupled manufacturing environment can be realized through a unifying platform of WS interfaces for devices communication. The adoption of SOA- Web Services on embedded automation devices can be achieved employing Device Profile for Web Services (DPWS) protocols which encapsulate device control functionality as provided services (e.g. device I/O operation, device state notification, device discovery) and business application interfaces into physical control components of machining automation. This novel approach supports the possibility of integrating pervasive enterprise applications through unifying Web Services interfaces and neutral Simple Object Access Protocol (SOAP) message communication between control systems and business applications over standard Ethernet-Local Area Networks (LAN's). In addition, the re-configurability of the automation system is enhanced via the utilisation of Web Services throughout an automated control, build, installation, test, maintenance and reuse system lifecycle via device self-discovery provided by the DPWS protocol...cont'd