98 research outputs found

    XSACd—Cross-domain resource sharing & access control for smart environments

    Computing devices permeate working and living environments, affecting all aspects of modern everyday lives; a trend which is expected to intensify in the coming years. In the residential setting, the enhanced features and services provided by said computing devices constitute what is typically referred to as a “smart home”. However, the direct interaction smart devices often have with the physical world, along with the processing, storage and communication of data pertaining to users’ lives, i.e. private sensitive in nature, bring security concerns into the limelight. The resource-constraints of the platforms being integrated into a smart home environment, and their heterogeneity in hardware, network and overlaying technologies, only exacerbate the above issues. This paper presents XSACd, a cross-domain resource sharing & access control framework for smart environments, combining the well-studied fine-grained access control provided by the eXtensible Access Control Markup Language (XACML) with the benefits of Service Oriented Architectures, through the use of the Devices Profile for Web Services (DPWS). Based on standardized technologies, it enables seamless interactions and fine-grained policy-based management of heterogeneous smart devices, including support for communication between distributed networks, via the associated MQ Telemetry Transport protocol (MQTT)–based proxies. The framework is implemented in full, and its performance is evaluated on a test bed featuring relatively resource-constrained smart platforms and embedded devices, verifying the feasibility of the proposed approac

    Context-aware Authorization in Highly Dynamic Environments

    Highly dynamic computing environments, like ubiquitous and pervasive computing environments, require frequent adaptation of applications. Context is a key to adapt suiting user needs. On the other hand, standard access control trusts users once they have authenticated, despite the fact that they may reach unauthorized contexts. We analyse how taking into account dynamic information like context in the authorization subsystem can improve security, and how this new access control applies to interaction patterns, like messaging or eventing. We experiment and validate our approach using context as an authorization factor for eventing in Web service for device (like UPnP or DPWS), in smart home security

    Improving the Scalability of DPWS-Based Networked Infrastructures

    The Devices Profile for Web Services (DPWS) specification enables seamless discovery, configuration, and interoperability of networked devices in various settings, ranging from home automation and multimedia to manufacturing equipment and data centers. Unfortunately, the sheer simplicity of event notification mechanisms that makes it fit for resource-constrained devices, makes it hard to scale to large infrastructures with more stringent dependability requirements, ironically, where self-configuration would be most useful. In this report, we address this challenge with a proposal to integrate gossip-based dissemination in DPWS, thus maintaining compatibility with original assumptions of the specification, and avoiding a centralized configuration server or custom black-box middleware components. In detail, we show how our approach provides an evolutionary and non-intrusive solution to the scalability limitations of DPWS and experimentally evaluate it with an implementation based on the Web Services for Devices (WS4D) Java Multi Edition DPWS Stack (JMEDS). Comment: 28 pages, Technical Repor

    Is Ambient Intelligence a truly Human-Centric Paradigm in Industry? Current Research and Application Scenario

    The use of pervasive networked devices is nowadays a reality in the service sector. It impacts almost all aspects of our daily lives, although most times we are not aware of its influence. This is a fundamental characteristic of the concept of Ambient Intelligence (AmI). Ambient Intelligence aims to change the form of human-computer interaction, focusing on the user needs so they can interact in a more seamless way, with emphasis on greater user-friendliness. The idea of recognizing people and their context situation is not new and has been successfully applied with limitations, for instance, in the health and military sectors. However its appearance in the manufacturing industry has been elusive. Could the concept of AmI turn the current shop floor into a truly human centric environment enabling comprehensive reaction to human presence and action? In this article an AmI scenario is presented and detailed with applications in human’s integrity and safety. Keywords: Ambient Intelligence, networks, human-computer interaction

    Context-sensitive authorization for asynchronous communications

    Main requirement of recent computing environments, like mobile and then ubiquitous computing, is to adapt applications to context. On the other hand, access control generally trust users once they have authenticated, despite the fact that they may reach unauthorized situations. We analyse how dynamic information can be used to improve security in the authorization process, especially in the case of asynchronous communications, like messaging or eventing. We experiment and validate our approach using context as an authorization factor for eventing in Web service for device (like UPnP or DPWS)

    Context-Sensitive Authorization in Interaction Patterns

    Main requirement of recent computing environments, like mobile and then ubiquitous computing, is to adapt applications to context. On the other hand, access control generally trust users once they have authenticated, despite the fact that they may reach unauthorized situations. We analyse how dynamic information can be used to improve security in the authorization process, and what are the implications when applied to interaction patterns. We experiment and validate our approach using context as an authorization factor for eventing in Web service for device (like UPnP or DPWS)

    Dpws middleware to support agent-based manufacturing control and simulation

    Dissertation presented at the Faculdade de Ciências e Tecnologia of the Universidade Nova de Lisboa to obtain the degree of Master in Electrical and Computer Engineering. In present manufacturing systems, the current challenge is the development of highly reconfigurable, truly distributed solutions. The tendency is to build manufacturing systems with autonomous, intelligent and distributed components that will support reconfiguration and adaptability. The most promising paradigms for the implementation of such systems are multi-agents and service oriented architectures (SOA), mainly over the DPWS (Device Profile for Web Services) implementation which was aimed at devices. An important limitation of most current multi-agent systems is that the management system is not totally distributed. Failure in the agent responsible for the registry can overthrow the entire system. DPWS does not have this limitation, since the management system is totally distributed. However, DPWS does not support agent autonomy notions as efficiently. The possibility of creating a truly distributed multi-agent system by linking both approaches led to this thesis. A Middleware layer was developed that enables agents to benefit from DPWS functionalities in order to reach the proposed goal. This middleware layer joins agents, databases, hardware, simulators, human interface applications such as production system management, error correction and maintenance, etc. To prove this concept a 3D model of an agent controlled manufacturing system with transporters augmented with DPWS communication interfaces was developed

    Web service control of component-based agile manufacturing systems

    Current global business competition has resulted in significant challenges for manufacturing and production sectors focused on shorter product lifecycles, more diverse and customized products as well as cost pressures from competitors and customers. To remain competitive, manufacturers, particularly in automotive industry, require the next generation of manufacturing paradigms supporting flexible and reconfigurable production systems that allow quick system changeovers for various types of products. In addition, closer integration of shop floor and business systems is required as indicated by the research efforts in investigating "Agile and Collaborative Manufacturing Systems" in supporting the production unit throughout the manufacturing lifecycles. The integration of a business enterprise with its shop-floor and lifecycle supply partners is currently only achieved through complex proprietary solutions due to differences in technology, particularly between automation and business systems. The situation is further complicated by the diverse types of automation control devices employed. Recently, the emerging technology of Service Oriented Architecture's (SOA's) and Web Services (WS) has been demonstrated and proved successful in linking business applications. The adoption of this Web Services approach at the automation level, that would enable a seamless integration of business enterprise and a shop-floor system, is an active research topic within the automotive domain. If successful, reconfigurable automation systems formed by a network of collaborative autonomous and open control platform in distributed, loosely coupled manufacturing environment can be realized through a unifying platform of WS interfaces for devices communication. The adoption of SOA- Web Services on embedded automation devices can be achieved employing Device Profile for Web Services (DPWS) protocols which encapsulate device control functionality as provided services (e.g. device I/O operation, device state notification, device discovery) and business application interfaces into physical control components of machining automation. This novel approach supports the possibility of integrating pervasive enterprise applications through unifying Web Services interfaces and neutral Simple Object Access Protocol (SOAP) message communication between control systems and business applications over standard Ethernet-Local Area Networks (LAN's). In addition, the re-configurability of the automation system is enhanced via the utilisation of Web Services throughout an automated control, build, installation, test, maintenance and reuse system lifecycle via device self-discovery provided by the DPWS protocol...cont'd