Fog and Edge Oriented Embedded Enterprise Systems Patterns: Towards Distributed Enterprise Systems That Run on Edge and Fog Nodes

Enterprise software systems enable enterprises to enhance business and management reporting tasks in enterprise settings. Internet of Things (IoT) focuses on making interactions possible between a number of network-connected physical devices. Prominence of IoT sensors and multiple business drivers have created a contemporary need for enterprise software systems to interact with IoT devices. Business process implementations, business logic and microservices have traditionally been centralized in enterprise systems. Constraints like privacy, latency, bandwidth, connectivity and security have posed a new set of architectural challenges that can be resolved by designing enterprise systems differently so that parts of business logic and processes can run on fog and edge devices to improve privacy, minimize communication bandwidth and promote low-latency business process execution. This paper aims to propose a set of patterns for the expansion of previously-centralized enterprise systems to the edge of the network. Patterns are supported by a case study for contextualization and analysis

Health Block: A Blockchain Based Secure Healthcare Data Storage and Retrieval System for Cloud Computing

Data in healthcare domain is highly sensitive in nature. Besides, there is need for maintaining integrity of such data. Blockchain technology has emerged to solve the problem of data integrity and non-repudiation with immutable storage in distributed repository. Thus secure data storage and retrieval in cloud environments is made possible using blockchain implementation. There are many existing healthcare systems with blockchain integration found in the literature. However, there is need for a system that supports complete set of operations that are governed by smart contracts. Another important consideration is that end users should be able to operate healthcare system without the need for knowledge of blockchain technology. Towards this end, in this paper, we proposed a Blockchain based secure healthcare data storage and retrieval system known as HealthBlock for cloud computing environments. We defined smart contract with underlying structures and functions using Solidity language for Ethereum blockchain platform. We also proposed and implemented an algorithm known as Healthcare Transactions over Blockchain (HToB). This algorithm supports secure blockchain based data storage and retrieval governed by smart contracts. Our system is evaluated using user-friendly web based client application. The experimental results showed that our system is able to ensure data integrity and non-repudiation besides reaping all benefits of blockchain technology

Permissão para partilha seletiva em ambientes IoT

The increasing use of smart devices for monitoring spaces has caused an increase in concerns about the privacy of users of these spaces. Given this problem, the legislation on the right to privacy has been worked to ensure that the existing laws on this subject are sufficiently comprehensive to preserve the privacy of users. In this way, research on this topic evolves in the sense of creating systems that ensure compliance with these laws, that is, increase transparency in the treatment of user data. In the context of this dissertation, a demonstrator-based strategy is presented to provide users control over their stored data during the temporary use of an intelligent environment. In addition, this strategy includes transparency guarantees, highlights the right to forgetting, provides the ability to consent and proof of that consent. A strategy for privacy control in such environments is also mentioned in this paper. This dissertation was developed within the CASSIOPEIA project where the case study focuses on the SmartBnB problem where a user rents a smart home for a limited time. This paper presents the developed system that ensures the user’s privacy and control over their data.O uso crescente de dispositivos inteligentes para monitorização de espaços tem provocado um aumento das preocupações sobre a privacidade dos utilizadores destes espaços. Face a este problema, a legislação sobre o direito à privacidade tem sido trabalhada de forma a garantir que as leis existentes sobre este tema são suficientemente abrangentes para preservar a privacidade dos utilizadores. Desta forma, a investigação neste tópico evolui no sentido de criar sistemas que garantam o cumprimento destas leis, ou seja aumentam a transparência no tratamentos dos dados dos utilizadores. No contexto desta dissertação, é apresentada uma estratégia baseado num demonstrador para fornecer um controlo ao utilizador sobre os seus dados armazenados durante a utilização temporária de um ambiente inteligente. Para além disso, esta estratégia inclui garantias de transparência, evidencia o direito ao esquecimento, fornece a capacidade de consentimento e prova desse consentimento. É também mencionada neste documento uma estratégia para um controlo de privacidade neste tipo de ambientes. Esta dissertação foi desenvolvida no âmbito do projeto CASSIOPEIA onde o caso de estudo se foca no SmartBnB problem onde um utilizador arrenda uma casa inteligente durante um tempo limitado. Este documento apresenta o sistema desenvolvido que garante a privacidade e controlo do utilizador sobre os seus próprios dados.This work is partially funded by NGI Trust, with number 3.85, Pro-ject CASSIOPEIA.Mestrado em Engenharia de Computadores e Telemátic

End-to-end verifiable voting for developing countries - what’s hard in Lausanne is harder still in Lahore

In recent years end-to-end verifiable voting (E2EVV) has emerged as a promising new paradigm to conduct evidence-based elections. However, E2EVV systems thus far have primarily been designed for the developed world and the fundamental assumptions underlying the design of these systems do not readily translate to the developing world, and may even act as potential barriers to adoption of these systems. This is unfortunate because developing countries account for 80\% of the global population, and given their economic and socio-political dilemmas and their track record of contentious elections, these countries arguably stand to benefit most from this exciting new paradigm. In this paper, we highlight various limitations and challenges in adapting E2EVV systems to these environments, broadly classed across social, political, technical, operational, and human dimensions. We articulate corresponding research questions and identify significant literature gaps in these categories. We also suggest relevant strategies to aid researchers, practitioners, and policymakers in visualizing and exploring solutions that align with the context and unique ground realities in these environments. Our goal is to outline a broader research agenda for the community to successfully adapt E2EVV voting systems to developing countries

End-to-end verifiable voting for developing countries -- what's hard in Lausanne is harder still in Lahore

In recent years end-to-end verifiable voting (E2EVV) has emerged as a promising new paradigm to conduct evidence-based elections. However, E2EVV systems thus far have primarily been designed for the developed world and the fundamental assumptions underlying the design of these systems do not readily translate to the developing world, and may even act as potential barriers to adoption of these systems. This is unfortunate because developing countries account for 80\% of the global population, and given their economic and socio-political dilemmas and their track record of contentious elections, these countries arguably stand to benefit most from this exciting new paradigm. In this paper, we highlight various limitations and challenges in adapting E2EVV systems to these environments, broadly classed across social, political, technical, operational, and human dimensions. We articulate corresponding research questions and identify significant literature gaps in these categories. We also suggest relevant strategies to aid researchers, practitioners, and policymakers in visualizing and exploring solutions that align with the context and unique ground realities in these environments. Our goal is to outline a broader research agenda for the community to successfully adapt E2EVV voting systems to developing countries

Proactive Legal Design for Health Data Sharing Based on Smart Contracts

© 2021 Hart Publishing, Bloomsbury Publishing.fi=vertaisarvioitu|en=peerReviewed

Towards an Accountable Web of Personal Information: the Web-of-Receipts

Consent is a corner stone in any Privacy practice or public policy. Much beyond a simple "accept" button, we show in this paper that obtaining and demonstrating valid Consent can be a complex matter since it is a multifaceted problem. This is important for both Organisations and Users. As shown in recent cases, not only cannot an individual prove what they accepted at any point in time, but also organisations are struggling with proving such consent was obtained leading to inefficiencies and non-compliance. To a large extent, this problem has not obtained sufficient visibility and research effort. In this paper, we review the current state of Consent and tie it to a problem of Accountability. We argue for a different approach to how the Web of Personal Information operates: the need of an accountable Web in the form of Personal Data Receipts which are able to protect both individuals and organisation. We call this evolution the Web-of-Receipts: online actions, from registration to real-time usage, is preceded by valid consent and is auditable (for Users) and demonstrable (for Organisations) at any moment by using secure protocols and locally stored artefacts such as Receipts. The key contribution of this paper is to elaborate on this unique perspective, present proof-of-concept results and lay out a research agenda

Security and privacy issues in some special-puropse networks

This thesis is about providing security and privacy to new emergent applications which are based on special-purpose networks. More precisely, we study different aspects regarding security and privacy issues related to sensor networks, mobile ad hoc networks, vehicular ad hoc networks and social networks.Sensor networks consist of resource-constrained wireless devices with sensor capabilities. This emerging technology has a wide variety of applications related to event surveillance like emergency response, habitat monitoring or defense-related networks.Ad hoc networks are suited for use in situations where deploying an infrastructure is not cost effective or is not possible for any other reason. When the nodes of an ad hoc network are small mobile devices (e.g. cell phones or PDAs), such a network is called mobile ad hoc network. One of many possible uses of MANETs is to provide crisis management services applications, such as in disaster recovery, where the entire communication infrastructure is destroyed and reestablishing communication quickly is crucial. Another useful situation for MANETs is a scenario without fixed communication systems where there is the need for any kind of collaborative computing. Such situation can occur in both business and military environments.When the mobile nodes of a MANET are embedded in cars, such a network is called Vehicular Ad hoc Network (VANET). This kind of networks can be very useful to increase the road traffic safety and they will be deployed for real use in the forthcoming years. As a proof of that, eight important European vehicle manufacturers have founded the CAR 2 CAR Communication Consortium. This non-profit organisation is dedicated to the objective of further increasing traffic safety and efficiency by means of inter-vehicle communications.Social networks differ from the special-purpose networks commented above in that they are not physical networks. Social networks are applications that work through classic networks. They can be defined as a community of web users where each user can publish and share information and services. Social networks have become an object of study both in computer and social sciences, with even dedicated journals and conferences.The special-purpose networks described above provide a wide range of new services and applications. Even though they are expected to improve the society in several ways, these innovative networks and their related applications bring also security and privacy issues that must be addressed.This thesis solves some security and privacy issues related to such new applications and services. More specifically, it focuses on:·Secure information transmission in many-to-one scenarios with resource-constrained devices such as sensor networks.·Secure and private information sharing in MANETs.·Secure and private information spread in VANETs.·Private resource access in social networks.Results presented in this thesis include four contributions published in ISI JCR journals (IEEE Transactions on Vehicular Technology, Computer Networks (2) and Computer Communications) and two contributions published in two international conferences (Lecture Notes in Computer Science).Esta tesis trata diversos problemas de seguridad y privacidad que surgen al implantar en escenarios reales novedosas aplicaciones basadas en nuevos y emergentes modelos de red. Estos nuevos modelos de red difieren significativamente de las redes de computadores clásicas y son catalogadas como redes de propósito especial. Específicamente, en este trabajo se estudian diferentes aspectos relacionados con la seguridad de la información y la privacidad de los usuarios en redes de sensores, redes ad hoc móviles (MANETs), redes ad hoc vehiculares (VANETs) y redes sociales.Las redes de sensores están formadas por dispositivos inalámbricos muy limitados a nivel de recursos (capacidad de computación y batería) que detectan eventos o condiciones del entorno donde se instalan. Esta tecnología tiene una amplia variedad de aplicaciones entre las que destacan la detección de emergencias o la creación de perímetros de seguridad. Una MANET esta formada por nodos móviles conectados entre ellos mediante conexiones inalámbricas y de forma auto-organizada. Este tipo de redes se constituye sin la ayuda de infraestructuras, por ello son especialmente útiles en situaciones donde implantar una infraestructura es inviable por ser su coste demasiado elevado o por cualquier otra razón. Una de las muchas aplicaciones de las MANETs es proporcionar servicio en situaciones críticas (por ejemplo desastres naturales) donde la infraestructura de comunicaciones ha sido destruida y proporcionar conectividad rápidamente es crucial. Otra aplicación directa aparece en escenarios sin sistemas de comunicación fijos donde existe la necesidad de realizar algún tipo de computación colaborativa entre diversas máquinas. Esta situación se da tanto en ámbitos empresariales como militares.Cuando los nodos móviles de una MANET se asocian a vehículos (coches, camiones.), dicha red se denomina red ad hoc vehicular o VANET. Este tipo de redes pueden ser muy útiles para incrementar la seguridad vial y se espera su implantación para uso real en los próximos años. Como prueba de la gran importancia que tiene esta tecnología, los ocho fabricantes europeos más importantes han fundado la CAR 2 CAR Communication Consortium. Esta organización tiene como objetivo incrementar la seguridad y la eficiencia del tráfico mediante el uso de comunicaciones entre los vehículos.Las redes sociales se diferencian de las redes especiales descritas anteriormente en que éstas no son redes físicas. Las redes sociales son aplicaciones que funcionan a través de las redes de computadores clásicas. Una red de este tipo puede ser definida como una comunidad de usuarios web en donde dichos usuarios pueden publicar y compartir información y servicios. En la actualidad, las redes sociales han adquirido gran importancia ofreciendo un amplio abanico de posibilidades a sus usuarios: trabajar de forma colaborativa, compartir ficheros, búsqueda de nuevos amigos, etc.A continuación se resumen las aplicaciones en las que esta tesis se centra según el tipo de red asociada:·Transmisión segura de información en escenarios muchos-a-uno (múltiples emisores y un solo receptor) donde los dispositivos en uso poseen recursos muy limitados. Este escenario es el habitual en redes de sensores.·Distribución de información de forma segura y preservando la privacidad de los usuarios en redes ad hoc móviles.·Difusión de información (con el objeto de incrementar la seguridad vial) fidedigna preservando la privacidad de los usuarios en redes ad hoc vehiculares.·Acceso a recursos en redes sociales preservando la privacidad de los usuarios. Los resultados de la tesis incluyen cuatro publicaciones en revistas ISI JCR (IEEE Transactions on Vehicular Technology, Computer Networks (2) y Computer Communications) y dos publicaciones en congresos internacionales(Lecture Notes in Computer Science)

Digital Twins and Blockchain for IoT Management

Security and privacy are primary concerns in IoT management. Security breaches in IoT resources, such as smart sensors, can leak sensitive data and compromise the privacy of individuals. Effective IoT management requires a comprehensive approach to prioritize access security and data privacy protection. Digital twins create virtual representations of IoT resources. Blockchain adds decentralization, transparency, and reliability to IoT systems. This research integrates digital twins and blockchain to manage access to IoT data streaming. Digital twins are used to encapsulate data access and view configurations. Access is enabled on digital twins, not on IoT resources directly. Trust structures programmed as smart contracts are the ones that manage access to digital twins. Consequently, IoT resources are not exposed to third parties, and access security breaches can be prevented. Blockchain has been used to validate digital twins and store their configuration. The research presented in this paper enables multitenant access and customization of data streaming views and abstracts the complexity of data access management. This approach provides access and configuration security and data privacy protection.Comment: Reference: Mayra, Samaniego and Ralph, Deters. 2023. Digital Twins and Blockchain for IoT Management. In The 5th ACM International Symposium on Blockchain and Secure Critical Infrastructure (BSCI '23), July 10-14, 2023, Melbourne, VIC, Australia. ACM, New York, NY, USA, 11 pages. https://doi.org/10.1145/3594556.359461