6 research outputs found

    Revisiting Client/Server Computing

    The role of the Information Technology department is changing as it continues to mature and adapt to changes in technology, much of that change dealing with its interaction with corporate end-users. IT departments must continue to move in a more user-friendly direction or they are going to encounter serious political problems with top management. The increased interest in cloud computing, green computing, and in outsourcing are further indicators of the problems that IT departments are currently facing. Information Technology departments must approach client/server with a clear view of the lasting business benefits that it can bring rather than opposing or resisting the migratio

    Privacy-aware Identity Management for Client-side Mashup Applications

    This paper concerns the problem of identity management in modern Web-2.0-based mashup applications. Identity management supports convenient access to information when mashups are used in sensitive environments, such as banking, investment and online shopping, by providing services such as single sign-on. We present Web2ID, a new identity management protocol tailored for mashup applications. Web2ID leverages a secure mashup framework and enables transfer of credentials between a service provider and a consumer. We also describe a new relay framework in which communication between two service providers is mediated by a relay agent within the mashup. We show that Web2ID is privacy-preserving and prevents service providers from learning a user’s surfing habits. We present an implementation of Web2ID and the relay framework using a JavaScript-based library that executes within the browser. Our implementation does not require client-side changes and is therefore fully compatible even with legacy browsers. We also highlight the key challenges faced in creating a portable, in-browser library to support identity management in mashups

    Enterprise Adoption Oriented Cloud Computing Performance Optimization

    Cloud computing in the Enterprise has emerged as a new paradigm that brings both business opportunities and software engineering challenges. In Cloud computing, business participants such as service providers, enterprise solutions, and marketplace applications are required to adopt a Cloud architecture engineered for security and performance. One of the major hurdles of formal adoption of Cloud solutions in the enterprise is performance. Enterprise applications (e.g., SAP, SharePoint, Yammer, Lync Server, and Exchange Server) require a mechanism to predict and manage performance expectations in a secure way. This research addresses two areas of performance challenges: Capacity planning to ensure resources are provisioned in a way that meets requirements while minimizing total cost of ownership; and optimization to authentication protocols that enable enterprise applications to authenticate among each other and meet the performance requirements for enterprise servers, including third party marketplace applications. For the first set of optimizations, the theory was formulated using a stochastic process where multiple experiments were monitored and data collected over time. The results were then validated using a real-life enterprise product called Lync Server. The second set of optimizations was achieved by introducing provisioning steps to pre-establish trust among enterprise applications servers, the associated authorisation server, and the clients interested in access to protected resources. In this architecture, trust is provisioned and synchronized as a pre-requisite step to authentication among all communicating entities in the authentication protocol and referral tokens are used to establish trust federation for marketplace applications across organizations. Various case studies and validation on commercially available products were used throughout the research to illustrate the concepts.
Such performance optimizations have proved to help enterprise organizations meet their scalability requirements. Some of the work produced has been adopted by Microsoft and made available as a downloadable tool that was used by customers around the globe assisting them with Cloud adoption

    An evaluation of identity in online social networking: distinguishing fact from fiction

    Online social networks are understood to replicate the real life connections between people. As the technology matures, more people are joining social networking communities such as MySpace (www.myspace.com) and Facebook (www.facebook.com). These online communities provide the opportunity for individuals to present themselves and maintain social interactions through their profiles. Such traces in profiles can be used as evidence in deciding the level of trust with which to imbue individuals in making access control decisions. However, online profiles have serious implications over the reality of identity disclosure. There are many reasons why someone may choose not to reveal their true self, which sometimes leads to misidentification or deception. On one hand, the structure of online profiles allows anonymity, which gives users the opportunity to create a persona that may not represent their true identity. On the other hand, we often play multiple identities in different contexts where such behaviour is acceptable. However, realizing the context for each identity representation depends on the individual. As a result, some represented identities will be essentially real, if edited for public view, some will be disguised, and others will be fictitious or humorous. The millions of social network profiles, and billions of connections between them, make it difficult to formalize an automated approach to differentiate fact from fiction in online self-described identities. How can we be sure with whom we are interacting, and whether these individuals or groups are being truthful with the online identities they present to the rest of the community? What tools and techniques can be used to gather, organize, and explore the available data for informing the level of honesty that should be entrusted to an individual? Can we verify the validity of the identity automatically, based on the available information online? 
We aim to evaluate identity representation online and examine how identity can be verified in a less trusted online community. We propose a personality classifier model to identify a user's personality (such as expressive, valid, active, positive, popular, sociable and traceable) using traces of 2.2 million profile features collected from MySpace. We use data mining techniques and social network analysis to extract significant patterns in the data and network structure, and improve the classifier during the cycle of development. We evaluate our classifier model on profiles with known identities such as 'real' and 'fake'. Our results indicate that by utilizing people's online, self-reported information, personality, and their network of friends and interactions, we are able to provide evidence for validating the type of identity in a manner that is both accurate and scalable

    Mashup Ecosystems: Integrating Web Resources on Desktop and Mobile Devices

    The Web is increasingly used as an application platform, and recent development of it has introduced software ecosystems where different actors collaborate. This collaboration is international from day one, and it evolves and grows rapidly. In web ecosystems applications are provided as services, and interdependencies between ecosystem parts can vary from very strong and obvious to loose and recondite. Mashups -- web application hybrids that combine resources from different services into an integrated system that has increased value from user perspective -- are exploiting services of the Web and creating ecosystems where end-users, mashup authors, and service providers collaborate. The term "resources" is used here in a broad sense, and it can refer to user's local data, infinite content of the Web, and even executable code. This dissertation presents mashups as a new breed of web applications that are intended for parsing the web content into an easily accessed form on both regular desktop computers as well as on mobile devices. Constantly evolving web technologies and new web services open up unforeseen possibilities for mashup development. However, developing mashups with current methods and tools for existing deployment environments is challenging. First, the Web as an application platform faces numerous shortcomings, second, web application development practices in general are still immature, and third, development of mashups has additional requirements that need to be addressed. In addition, mobility sets even more challenges for mashup authoring. This dissertation describes and addresses numerous issues regarding mashup ecosystems and client-side mashup development. To achieve this, we have implemented technical research artifacts including mashup ecosystems and different kinds of mashup compositions. The artifacts are developed with numerous runtime environments and tools and targeted at different end-user platforms. 
This has allowed us to evaluate methods, tools, and practises used during the implementation. As a result, this dissertation identifies the fundamental challenges of mashup ecosystems and describes how service providers and mashup ecosystem authors can address these challenges in practice. In addition, an example implementation of a specialized multimedia mashup ecosystem for mobile devices is described. To address mashup development issues, this dissertation introduces practical guidelines and a reference architecture that can be applied when mashups are created with traditional web development tools. Moreover, environments that can be used on mobile devices to create mashups that have access to both web and local resources are introduced. Finally, a novel approach to web software development -- creating software as a mashup -- is introduced, and a realization of such a concept is described

    Citizen-Controlled Life-Event-Oriented Services

    Doctorate in Informatics Engineering. The introduction of Information and Communication Technologies in the Public Administration (PA) gave rise to a huge evolution in the provisioning of public services to the citizen. It evolved from a service provisioning paradigm based in the competences of each PA department, which directly results from the PA siloed organization, into an integrated service provisioning paradigm, that may involve multiple PA departments that exchange information with each other, possibly without the citizen being aware of those exchanges.
One of the reasons for this service integration is the provisioning of better services targeted to the satisfaction of citizens’ everyday situations that require interaction with many PA services, i.e., life-event services. Despite the goodness in the goal of improving the citizen interaction with PA, the integration of PA services is complex and may create adverse situations for the citizens, namely regarding their privacy. The citizen loses the control over the dissemination of his personal information throughout the many PA departments, as they communicate with each other to gather the information required for service provisioning. In this thesis, we propose a model for life-event service provision, the CHAPAS model, with the following goals: (i) to discourage direct communication between PA departments to exchange citizens’ information; (ii) to place the citizen in control of the dissemination of his information throughout the many PA departments; and (iii) to promote the minimization of the disclosure of citizens’ information to PA departments when obtaining the wanted services. To fulfill these goals, we transfer the responsibility for obtaining all the partial services that compose a life-event service to the citizen that is empowered with an application, the Chappie, which enables him to: (i) compose the life-event service he wants; (ii) verify the information he must disclose to obtain each and every partial service that composes the life-event service he wants; and upon a citizen decision, (iii) obtain all those partial services. As the citizen is able to supply all the information that a PA department needs to provide the service the citizen wants, departments no longer need to communicate with each other to gather the information they need for service provisioning. This enhances the protection of citizens’ privacy as we avoid the dissemination of citizens’ information without his control.
For CHAPAS model validation, we used the Buying a Home life event, which requires citizen interactions with services from several PA departments and private institutions, and whose characteristics allow for a full exploration of the model. We developed an exploitation scenario and prototypes for the citizen Chappie and for the several services from which we concluded that the CHAPAS model, with some advantages and some disadvantages, might be a viable alternative for the provisioning of e-government services to citizens