A DEVSECOPS APPROACH FOR DEVELOPING AND DEPLOYING CONTAINERIZED CLOUD-BASED SOFTWARE ON SUBMARINES

There are unique challenges for using secure cloud services in disconnected resource-constrained environments and with controlled data. To address those challenges, this thesis introduces a tactical-edge platform-as-a-service (PaaS) solution with a declarative-delivery method for submarine Consolidated Afloat Network Enterprise Services (CANES) operating systems. The PaaS is adapted from the Department of Defense’s Big Bang core elements for submarine-focused outcomes. Using the Team Submarine Project Blue initiative as a case study, this thesis consists of a feasibility study for running containerized applications on different submarine-compatible baselines and applying a prototype declarative software-delivery method called ZARF. We demonstrated the feasibility of using ZARF for packaging and automated deployment of the Project Blue PaaS and its software to the submarine CANES infrastructure. This research culminated in successful integration tests on a current and future submarine hardware and software baseline. The thesis documents the execution of the research, lessons learned, and recommendations for the Navy’s path forward for development of secure software and declarative deployment in air-gapped environments.Outstanding ThesisLieutenant, United States NavyApproved for public release. Distribution is unlimited

Assured Android Execution Environments

Current cybersecurity best practices, techniques, tactics and procedures are insufficient to ensure the protection of Android systems. Software tools leveraging formal methods use mathematical means to assure both a design and implementation for a system and these methods can be used to provide security assurances. The goal of this research is to determine methods of assuring isolation when executing Android software in a contained environment. Specifically, this research demonstrates security properties relevant to Android software containers can be formally captured and validated, and that an implementation can be formally verified to satisfy a corresponding specification. A three-stage methodology called The Formal Verification Cycle is presented. This cycle focuses on the iteration over a set of security properties to validate each within a specification and their verification within a software implementation. A security property can be validated when its functional language prototype (e.g. a Haskell coded version of the property) is converted and processed by a formal method (e.g. a theorem proof assistant). This validation of the property enables the definition of the property in a software specification, which can be implemented separately in an imperative programming language (e.g. the Go programming language). Once the implementation is complete another formal method can be used (e.g. symbolic execution) to verify the imperative implementation satisfies the validated specification. Successful completion of this cycle shows a given implementation is equivalent to a functional language prototype, and this cycle assures a specification for the original desired security properties was properly implemented. This research shows an application of this cycle to develop Assured Android Execution Environments

Analysis The Effect of Planning Effectiveness On Regional Development Mediated The Implementation Of The Performance Accountability System

This study examined the relationship between planning effectiveness and regional development, and the mediating role of the performance accountability system in this relationship. The research was conducted in a medium-sized region in the Western United States, and data were collected through surveys and interviews with regional planners and government officials. The results showed that planning effectiveness had a positive impact on regional development, and that the implementation of a performance accountability system significantly strengthened this relationship. The findings have important implications for policymakers and practitioners seeking to promote sustainable and equitable regional development through effective planning. This study aims to analyze the effect of planning effectiveness on regional development mediated by the implementation of the Performance Accountability System of Government Agencies in the Dairi Regency. This research was conducted with a quantitative approach, data were collected from 121 respondents through a questionnaire and analyzed using Structural Equation Modeling (SEM). The results of the research through hypothesis testing indicate that the effectiveness of planning has a positive and significant effect on regional development mediated by the implementation of the Performance Accountability System of Government Agencies in the Dairi Regenc

BANDWIDTH CONTROL BASED ON IP ADDRESS

This report provides an insight of problem identification, related secondary data (literature reviews), the possible approach in completing the project and the result/discussion arguments. The progress of the project are also been projected in this report. It can be referred to the diagrams, testing results and some comparisons that will be later discuss in depth. The proposed method is based on the current situation that every network is experiencing which is the congested problem as a result of some phenomenon that occurs such as the bottleneck problems and ip spoofing. Upon the completion of this project, it is expected to deliver a fair distribution of network bandwidth to the users. It is practically done by controlling the bandwidth usage from a dedicated server and a resource locator so that the abuser can be pin-pointed and the whereabouts can also be determined. A network policy is also being implemented here with the integration of the PHP language, the MySQL as the main data storage and also the GIS application such as the mapserver for the resource locator part. This paper will also focus on the security part and data visualization from the result

BANDWIDTH CONTROL BASED ON IP ADDRESS

This report provides an insight of problem identification, related secondary data (literature reviews), the possible approach in completing the project and the result/discussion arguments. The progress of the project are also been projected in this report. It can be referred to the diagrams, testing results and some comparisons that will be later discuss in depth. The proposed method is based on the current situation that every network is experiencing which is the congested problem as a result of some phenomenon that occurs such as the bottleneck problems and ip spoofing. Upon the completion of this project, it is expected to deliver a fair distribution of network bandwidth to the users. It is practically done by controlling the bandwidth usage from a dedicated server and a resource locator so that the abuser can be pin-pointed and the whereabouts can also be determined. A network policy is also being implemented here with the integration of the PHP language, the MySQL as the main data storage and also the GIS application such as the mapserver for the resource locator part. This paper will also focus on the security part and data visualization from the result

BANDWITH CONTROL BASED ON IP ADDRESS

This report provides an insight of problem identification, related secondary data (literature reviews), the possible approach in completing the project and the result/discussion arguments. The progress of the project are also been projected in this report. It can be referred to the diagrams, testing results and some comparisons that will be later discuss in depth. The proposed method is based on the current situation that every network especially in UTP is experiencing which is the congested problem as a result of some phenomenon that occurs such as the bottleneck problems and ip spoofing. Upon the completion of this project, it is expected to deliver a fair distribution of network bandwidth to the users. It is practically done by controlling the bandwidth usage from a dedicated server and a resource locator so that the abuser can be pin-pointed and the whereabouts can also be determined. A network policy is also being implemented here with the integration of the PHP language, the MySQL as the main data storage and also the GIS application such as the mapserver for the resource locator part. This paper will also focus on the security part and data visualization from the result

BANDWITH CONTROL BASED ON IP ADDRESS

This report provides an insight of problem identification, related secondary data (literature reviews), the possible approach in completing the project and the result/discussion arguments. The progress of the project are also been projected in this report. It can be referred to the diagrams, testing results and some comparisons that will be later discuss in depth. The proposed method is based on the current situation that every network especially in UTP is experiencing which is the congested problem as a result of some phenomenon that occurs such as the bottleneck problems and ip spoofing. Upon the completion of this project, it is expected to deliver a fair distribution of network bandwidth to the users. It is practically done by controlling the bandwidth usage from a dedicated server and a resource locator so that the abuser can be pin-pointed and the whereabouts can also be determined. A network policy is also being implemented here with the integration of the PHP language, the MySQL as the main data storage and also the GIS application such as the mapserver for the resource locator part. This paper will also focus on the security part and data visualization from the result

Testbeds in Computer Science

International audienceComputer scientists working on the design of hardware and software architectures and in particular on the design of distributed architectures (network, high performance computing, cloud, sensor networks, IoT, etc.) need to evaluate the relevance of their proposal at scale on a regular basis. Hence, their practice relies on frequent experimental evaluations, which leads to specific needs in term of experimental control. In this context, reproducing the work of other colleagues happens to be very difficult as it requires not only to have precise information about experimental conditions (software stack, external load, hardware type and configuration, etc.) but also to have a testbed allowing to recreate similar experimental conditions. A few experimental testbeds allowing for fine-grain experimental control have been built in the last decade (Grid5000, R2Lab, …). Such testbeds are mutualized and generally open-access, which makes it possible to compare in a fair and truthful way alternative approaches at large scale. In this webinar, Lucas Nussbaum will provide an overview of these projects and of their internals

Scaling your experiments

National audienceThere is a wide range of options to experiment on distributed systems and networking. Simulators running on a laptop or self-made testbeds are sometimes enough, but our field usually targets large to very large systems with potentially millions or billions of elements. In such a case, relying on a laptop or a self-made testbed is impossible. To scale up our experimental research, we can rely on larger-scale infrastructures and testbeds.In a first part, this talk will provide an overview of the landscape of infrastructures and testbeds supporting experimental research in distributed systems and networking.In a second part, we will focus on SDN/NFV experimentation, and will provide some feedback about the current state of available experimentation tools targeting large scale systems

An Integrated, Secured, Open-Source Medical Prototype for Collaborative Patient Management on the Internet

Conventional approaches to building critical and secured systems are based on the use of commercial tools for development and maintenance. Changes in the marketplace and the acceptance of the open-source model have brought this assumption into question. The combination of open-source\u27s rapid rise and the introduction of pervasive computing has made the computing industry more receptive to open-source tools and products. The open-source model allows systems to be controlled by a single individual or a small developer group that reduces dependence on individual experts. The availability of free system source codes, an expanding commercial support market, and increasing global collaborative projects makes open-source an important development in the computing environment and an exciting innovation in software engineering. Open-source projects require a level of modeling to successfully implement a solution. This study implemented a Web application prototype that models medical business logic and state that is secured. The researcher adopted the object-oriented design methodology and prototyping that improved security and lowered overall development cost. The open-source community had played an increasingly significant role in the business plans of established computing companies, in university research labs, and in the development of new companies focused on open-source support and integration issues. The openness of the Internet presents both system development and privacy issues. The availability of free tools and instructions on how to compromise systems is alarming within the online community. Thus, open-source security tools are helping protect people\u27s privacy by enforcing authentication, confidentiality, and information integrity to prevent unauthorized access. Open-source growth motivated this research to develop a medical prototype for online collaboration. Open-source tools including PHP, MySQL, Apache Web Server, and the Linux operating system were used to develop the secured application through prototyping. The main contribution of this study is that it demonstrated the exclusive use of open-source software and tools for an online application. The researcher hypothesized that open-source tools like PHP, MySQL, XML, and LINUX are the answer to building dynamic multi-tiers and cost effective systems faster. The research also explored major tools available for open-source software development