An Interaction-based Software-Defined Security Model and Platform to secure cloud resources

University of Technology Sydney. Faculty of Engineering and Information Technology.Cloud computing has transformed a large portion of the IT industry through its ability to provision infrastructure resources – computing, networking, storage, and software– as services. Transferring to such an infrastructure relies on virtualization and its dynamic construction ability to spread over a geographical area. The challenge is in finding effective mechanisms for isolating security issues in cloud infrastructure. Isolation implies creating security boundaries for protecting cloud assets at different levels of a cloud security architecture. Building security boundaries is critical not only for recognizing security violations but also for creating security solutions. However, it is challenging as virtual boundaries are not as clear-cut as physical boundaries in traditional infrastructure. The difficulty rises as virtual boundaries among components are not well defined and often undefined, and hence they are not visible/controllable by the providers. Additionally, defining object boundaries is extremely difficult because virtual objects are dynamic in both characteristics and functionality. Many efforts have been made to address security isolation challenges, but no attempt has been made to consider an overall solution to a dynamic, intelligent, programable, and on-demand security isolation system. Moreover, there is no platform/framework to deliver programmable and on-demand construction of security boundaries to protect cloud resources. We develop a new method to protect cloud infrastructure with new intelligent isolation mechanisms to detect and predict security breaks. This research applies promising new technologies, including software-defined networking and network function virtualization, in providing on-demand security services over large-scale cloud infrastructure and overcoming challenges in constructing dynamic security boundaries. To protect cloud resources, we propose a Policy-based Interaction Model and develop the Software-Defined Security Service. We develop a novel intelligent security isolation interaction algorithm to model security boundaries. To do so, we proposed a Policy-driven Interaction Model to construct dynamic security boundaries intelligently. A Software-Defined Security Service (SDS2) model was developed with three novel components, including security controller, Sec-Manage protocol, and the virtual security function. The SDS2 carries the concepts of a logically centralized security controller to provision on-demand security services. The research novelty lies in its innovative and intelligent security isolation interaction model, novel approach in detecting and predicting security violations, and constructing dynamic, programmable, and on-demand VSFs. It enables i) overall visibility on security boundaries within the cloud infrastructure, ii) the automation of provisioning security services on-demand, iii) a proactive security technique against security interaction violations, iv) separation of security services for both cloud providers and tenants

Is a Semantic Web Agent a Knowledge-Savvy Agent?

The issue of knowledge sharing has permeated the field of distributed AI and in particular, its successor, multiagent systems. Through the years, many research and engineering efforts have tackled the problem of encoding and sharing knowledge without the need for a single, centralized knowledge base. However, the emergence of modern computing paradigms such as distributed, open systems have highlighted the importance of sharing distributed and heterogeneous knowledge at a larger scale—possibly at the scale of the Internet. The very characteristics that define the Semantic Web—that is, dynamic, distributed, incomplete, and uncertain knowledge—suggest the need for autonomy in distributed software systems. Semantic Web research promises more than mere management of ontologies and data through the definition of machine-understandable languages. The openness and decentralization introduced by multiagent systems and service-oriented architectures give rise to new knowledge management models, for which we can’t make a priori assumptions about the type of interaction an agent or a service may be engaged in, and likewise about the message protocols and vocabulary used. We therefore discuss the problem of knowledge management for open multi-agent systems, and highlight a number of challenges relating to the exchange and evolution of knowledge in open environments, which pertinent to both the Semantic Web and Multi Agent System communities alike

An Approach to Agent-Based Service Composition and Its Application to Mobile

This paper describes an architecture model for multiagent systems that was developed in the European project LEAP (Lightweight Extensible Agent Platform). Its main feature is a set of generic services that are implemented independently of the agents and can be installed into the agents by the application developer in a flexible way. Moreover, two applications using this architecture model are described that were also developed within the LEAP project. The application domain is the support of mobile, virtual teams for the German automobile club ADAC and for British Telecommunications

Agricultural information dissemination using ICTs: a review and analysis of information dissemination models in China

Open Access funded by China Agricultural UniversityOver the last three decades, China’s agriculture sector has been transformed from the traditional to modern practice through the effective deployment of Information and Communication Technologies (ICTs). Information processing and dissemination have played a critical role in this transformation process. Many studies in relation to agriculture information services have been conducted in China, but few of them have attempted to provide a comprehensive review and analysis of different information dissemination models and their applications. This paper aims to review and identify the ICT based information dissemination models in China and to share the knowledge and experience in applying emerging ICTs in disseminating agriculture information to farmers and farm communities to improve productivity and economic, social and environmental sustainability. The paper reviews and analyzes the development stages of China’s agricultural information dissemination systems and different mechanisms for agricultural information service development and operations. Seven ICT-based information dissemination models are identified and discussed. Success cases are presented. The findings provide a useful direction for researchers and practitioners in developing future ICT based information dissemination systems. It is hoped that this paper will also help other developing countries to learn from China’s experience and best practice in their endeavor of applying emerging ICTs in agriculture information dissemination and knowledge transfer

Realising Team-Working in the Field: An Agent-based Approach

Multi-agent systems technology is applied to enable co-operation between mobile workers in the field, minimising user intervention and increasing reachability. A component-based approach is taken to simplify the management of deployed co-operation services. A Personal Assistant running on a mobile device is introduced to show how an intelligent and autonomous agent can increase the utility of users during workforce co-operation processes. Finally, a real world trial of the technology by network installation and maintenance engineers in the UK is described. Some technical issues revealed during the trial are discussed, as is the impact of the technology on the business process