420 research outputs found

    Scalable And Secure Provenance Querying For Scientific Workflows And Its Application In Autism Study

    In the era of big data, scientific workflows have become essential to automate scientific experiments and guarantee repeatability. As both data and workflows grow in scale, a data lineage management system commensurate with the complexity of the workflow becomes necessary, calling for new scalable storage, query, and analytics infrastructure. This system, which manages and preserves the derivation history and transformation of data, is known as a provenance system; it is essential for maintaining the quality and trustworthiness of data products and ensuring the reproducibility of scientific discoveries. With a flurry of research and the increased adoption of scientific workflows for processing sensitive data, e.g., in the health and medication domain, securing information flow and instrumenting access privileges in the system have become a fundamental precursor to deploying large-scale scientific workflows. This has become more important now that teams of scientists around the world can collaborate on experiments using globally distributed sensitive data sources. Hence, it has become imperative to augment scientific workflow systems, as well as the underlying provenance management systems, with data security protocols. Provenance systems without data security protocols are vulnerable. In this dissertation research, we delineate how scientific workflows can improve therapeutic practices in autism spectrum disorders. The data-intensive computation inherent in these workflows and the sensitive nature of the data necessitate support for scalable, parallel and robust provenance queries and a secured view of data. With that in perspective, we propose OPQL^{Pig}, a parallel, robust, reliable and scalable provenance query language, and introduce the concept of access privilege inheritance in provenance systems. We characterize desirable properties of a role-based access control protocol in scientific workflows and demonstrate how these qualities are integrated into the workflow provenance systems as well. Finally, we describe how these concepts fit within the DATAVIEW workflow management system.

    Securing Software in the Presence of Third-Party Modules

    Modular programming is a key concept in software development where the program consists of code modules that are designed and implemented independently. This approach accelerates the development process and enhances the scalability of the final product. Modules, however, are often written by third parties, aggravating security concerns such as stealing confidential information, tampering with sensitive data, and executing malicious code. Trigger-Action Platforms (TAPs) are concrete examples of modular programming in practice. Any user can develop TAP applications by connecting trigger and action services, and publish them on public repositories. In the presence of malicious application makers, users cannot trust applications written by third parties, which can threaten both users' and the platform's security. We present SandTrap, a novel runtime monitor for JavaScript that can be used to securely integrate third-party applications. SandTrap enforces fine-grained access control policies at the levels of module, API, value, and context. We instantiate SandTrap for IFTTT, Zapier, and Node-RED, three popular JavaScript-driven TAPs, and illustrate how it enforces various policies on a set of benchmarks while incurring a tolerable runtime overhead. We also prove the soundness and transparency of the monitoring framework on an essential model of Node-RED. Furthermore, nontransitive policies have recently been introduced as a natural fit for coarse-grained information-flow control where labels are specified at the level of modules. The flow relation does not need to be transitive, resulting in a nonstandard notion of noninterference and a nonstandard enforcement mechanism. We develop a lattice encoding to prove that nontransitive policies can be reduced to classical transitive policies. We also devise a lightweight program transformation that leverages standard flow-sensitive information-flow analyses to enforce nontransitive policies more permissively.

    From Conventional to State-of-the-Art IoT Access Control Models

    The advent of Online Social Networks (OSN) and the Internet of Things (IoT) has created a new world of collaboration and communication between people and devices. The IoT domain comprises billions of devices (ranging from tiny sensors to macro-scale devices) that continuously produce and exchange huge amounts of data with people and applications. Similarly, more than a billion people are connected through social networking sites to collaborate and share their knowledge. IoT applications such as smart health, smart cities, social networking, video surveillance and vehicular communication are rapidly changing people's daily lives. These applications provide accurate, information-rich and personalized services to their users. However, providing personalized information comes at the cost of accessing users' private information, such as their location, social relationship details, health information and daily activities. When this information is accessible online, there is always a chance that it can be used maliciously by unauthorized entities. Therefore, an effective access control mechanism must be employed to ensure the security and privacy of entities using OSN and IoT services. Access control refers to a process that restricts users' access to data and resources. It enforces access rules to grant authorized users access to resources and to deny others. This survey examines the growing literature on access control for traditional models in general, and for OSN and IoT in particular. Challenges and problems related to access control mechanisms are explored to facilitate the adoption of access control solutions in OSN and IoT scenarios. The survey provides a review of the requirements for access control enforcement, discusses several security issues in access control, and elaborates the underlying principles and limitations of well-known access control models. We evaluate the feasibility of current access control models for OSN and IoT and provide future development directions of access control for the same.

    Component-based Adaptation Methods for Service-Oriented Peer-to-Peer Software Architectures

    Service-oriented peer-to-peer architectures aim at supporting application scenarios of dispersed collaborating groups in which the participating users are capable of providing and consuming local resources in the form of peer services. From a conceptual perspective, service-oriented peer-to-peer architectures adopt relevant concepts of two well-established state-of-the-art software architectural styles, namely service-oriented architectures (SOA) and peer-to-peer architectures (P2P). One major argument of this thesis is that the adoption of end-user adaptability (or tailorability) concepts is of major importance for the successful deployment of service-oriented peer-to-peer architectures that support user collaboration. Since tailorability concepts have so far not been analyzed for either peer-to-peer or service-oriented architectures, no relevant models exist that could serve as a tailorability model for service-oriented peer-to-peer architectures. In order to master the adaptation of peer services, as well as of peer service compositions within service-oriented peer-to-peer architectures, this dissertation proposes the adoption of component-oriented development methods. These so-called component-based adaptation methods enable service providers to adapt their provided services at runtime. Here, a model for analyzing existing dependencies on subscribed service consumers ensures that a service provider is able to adapt his peer services without violating any dependencies. In doing so, an adaptation policy that can be pre-arranged within a peer group regulates how to cope with existing dependencies in the scope of a group. The same methods also serve as a way to handle exceptional cases, in particular the failure of a dependent service provider peer and, hence, of a service that is part of a local service composition. In this, the hosting runtime environment is responsible for detecting exceptions and for initiating the process of exception resolution. During the resolution phase, a user can be actively involved at selected decision points in order to resolve the exception that occurred in unpredictable contexts. An exception could also be the cause of a violation of an integrity constraint that serves as a contract between the various peers that interact within a given collaboration. The notion of integrity constraints and the model for handling constraint violations aim at improving the reliability of target-oriented peer collaborations. This dissertation is composed of three major parts, each of which makes a significant contribution to the state of the art. First, a formal architectural style (SOP2PA) is introduced to define the fundamental elements that are necessary to build service-oriented peer-to-peer architectures, as well as their relationships, constraints, and operational semantics. This architectural style also formalizes the above-mentioned adaptation methods, the exception handling model that embraces these methods, the analysis model for managing consumer dependencies, and the integrity constraints model. Subsequently, on this formal basis, a concrete (specific) service-oriented peer-to-peer architecture (DEEVOLVE) is conceptualized that serves as the default implementation of that style. Here, the notions described above are materialized based on state-of-the-art software engineering methods and models. Finally, the third contribution of this work outlines an application scenario stemming from the area of construction informatics, in which the default implementation DEEVOLVE is deployed in order to support the dispersed planning activities of structural engineers.

    The use of TRAO to manage evolution risks in e-government

    The need to develop and provide more efficient ways of delivering Electronic Government Services to key stakeholders in government has brought about varying degrees of evolution in government. This evolution is seen in different ways, such as the merging of government departments, or the merging of assets or their components with legacy assets. It has involved the incorporation of several practices that are geared towards the elimination of repetitive and manual processes while attempting to progressively encourage the interaction between the different stakeholders. However, some of these practices have further complicated processes in government, thus creating avenues for vulnerabilities which, if exploited, expose government and government assets to risks and threats. Focusing on ways to manage the issues that accompany evolution can better prepare governments for managing the associated vulnerabilities, risks and threats. The basis of a conceptual framework is provided to establish the relationships that exist between the E-Government, asset and security domains. Thus, this thesis presents a design research project used in the management of evolution-related risks. The first part of the project focuses on the development of a generic ontology known as TRAO and a scenario ontology, TRAOSc, made up of different hypothetical scenarios. The efficiency gained from the development of these ontologies has facilitated the development of an intelligent tool, TRAOSearch, that supports high-level, semantically enriched queries. Results from the use of a case study prove that there are existing evolution-related issues for which governments may not be fully prepared. Furthermore, an ontological approach to the management of evolution-related risks showed that government stakeholders were interested in the use of intelligent processes that could improve government effectiveness while analysing the risks associated with doing so. Of more importance to this research was the ability to make inferences from the ontology about the complex relationships that exist in the form of dependencies and interdependencies between Stakeholders and Assets. Thus, this thesis contributes to advancing stakeholders' understanding of the types of relationships that exist in government and the effect these relationships may have on service provisioning. Another novel contribution is the correction of the ambiguity associated with the terms Service, IT Service and E-Government. Furthermore, the feedback obtained from the use of an ontology-based tool during the evaluation phase of the project provides insights on whether governments must always be on par with technological evolution.