An Access Control and Trust Management Framework for Loosely-Coupled Multidomain Environment

Multidomain environments where multiple organizations interoperate with each other are becoming a reality as can be seen in emerging Internet-based enterprise applications. Access control to ensure secure interoperation in such an environment is a crucial challenge. A multidomain environment can be categorized as tightly-coupled and loosely-coupled. The access control challenges in the loosely-coupled environment have not been studied adequately in the literature. In a loosely-coupled environment, different domains do not know each other before they interoperate. Therefore, traditional approaches based on users' identities cannot be applied directly. Motivated by this, researchers have developed several attribute-based authorization approaches to dynamically build trust between previously unknown domains. However, these approaches all focus on building trust between individual requesting users and the resource providing domain. We demonstrate that such approaches are inefficient when the requests are issued by a set of users assigned to a functional role in the organization. Moreover, preserving principle of security has long been recognized as a challenging problem when facilitating interoperations. Existing research work has mainly focused on solving this problem only in a tightly-coupled environment where a global policy is used to preserve the principle of security. In this thesis, we propose a role-based access control and trust management framework for loosely-coupled environments. In particular, we allow the users to specify the interoperation requests in terms of requested permissions and propose several role mapping algorithms to map the requested permissions into roles in the resource providing domain. Then, we propose a Simplify algorithm to simplify the distributed proof procedures when a set of requests are issued according to the functions of some roles in the requesting domain. Our experiments show that our Simplify algorithm significantly simplifies such procedures when the total number of credentials in the environment is sufficiently large, which is quite common in practical applications. Finally, we propose a novel policy integration approach using the special semantics of hybrid role hierarchy to preserve the principle of security. At the end of this dissertation a brief discussion of implemented prototype of our framework is present

Interoperability, Trust Based Information Sharing Protocol and Security: Digital Government Key Issues

Improved interoperability between public and private organizations is of key significance to make digital government newest triumphant. Digital Government interoperability, information sharing protocol and security are measured the key issue for achieving a refined stage of digital government. Flawless interoperability is essential to share the information between diverse and merely dispersed organisations in several network environments by using computer based tools. Digital government must ensure security for its information systems, including computers and networks for providing better service to the citizens. Governments around the world are increasingly revolving to information sharing and integration for solving problems in programs and policy areas. Evils of global worry such as syndrome discovery and manage, terror campaign, immigration and border control, prohibited drug trafficking, and more demand information sharing, harmonization and cooperation amid government agencies within a country and across national borders. A number of daunting challenges survive to the progress of an efficient information sharing protocol. A secure and trusted information-sharing protocol is required to enable users to interact and share information easily and perfectly across many diverse networks and databases globally.Comment: 20 page

Viewpoints on emergent semantics

Authors include:Philippe Cudr´e-Mauroux, and Karl Aberer (editors), Alia I. Abdelmoty, Tiziana Catarci, Ernesto Damiani, Arantxa Illaramendi, Robert Meersman, Erich J. Neuhold, Christine Parent, Kai-Uwe Sattler, Monica Scannapieco, Stefano Spaccapietra, Peter Spyns, and Guy De Tr´eWe introduce a novel view on how to deal with the problems of semantic interoperability in distributed systems. This view is based on the concept of emergent semantics, which sees both the representation of semantics and the discovery of the proper interpretation of symbols as the result of a self-organizing process performed by distributed agents exchanging symbols and having utilities dependent on the proper interpretation of the symbols. This is a complex systems perspective on the problem of dealing with semantics. We highlight some of the distinctive features of our vision and point out preliminary examples of its applicatio

Privacy-preserved security-conscious framework to enhance web service composition

The emergence of loosely coupled and platform-independent Service-Oriented Computing (SOC) has encouraged the development of large computing infrastructures like the Internet, thus enabling organizations to share information and offer valueadded services tailored to a wide range of user needs. Web Service Composition (WSC) has a pivotal role in realizing the vision of implementing just about any complex business processes. Although service composition assures cost-effective means of integrating applications over the Internet, it remains a significant challenge from various perspectives. Security and privacy are among the barriers preventing a more extensive application of WSC. First, users possess limited prior knowledge of security concepts. Second, WSC is hindered by having to identify the security required to protect critical user information. Therefore, the security available to users is usually not in accordance with their requirements. Moreover, the correlation between user input and orchestration architecture model is neglected in WSC with respect to selecting a high performance composition execution process. The proposed framework provides not only the opportunity to securely select services for use in the composition process but also handles service users’ privacy requirements. All possible user input states are modelled with respect to the extracted user privacy preferences and security requirements. The proposed approach supports the mathematical modelling of centralized and decentralized orchestration regarding service provider privacy and security policies. The output is then utilized to compare and screen the candidate composition routes and to select the most secure composition route based on user requests. The D-optimal design is employed to select the best subset of all possible experiments and optimize the security conscious of privacy-preserving service composition. A Choreography Index Table (CIT) is constructed for selecting a suitable orchestration model for each user input and to recommend the selected model to the choreographed level. Results are promising that indicate the proposed framework can enhance the choreographed level of the Web service composition process in making adequate decisions to respond to user requests in terms of higher security and privacy. Moreover, the results reflect a significant value compared to conventional WSC, and WSC optimality was increased by an average of 50% using the proposed CIT

Claims-aware middleware for securing IoT services

Take a look at the world around us. There has been tremendous change in the way of living. With the world around us getting smart, Internet of Things is gaining ground in our life. Applications like smart home and eHealth are so user friendly that any person with zero programming background is able to use it. But for the developer, due to the ubiquitous nature and distributed architecture of IoT which includes devices, applications and humans, it presents a complex structure. Also, the incorporation of thousands of heterogeneous things with different configurations into a single network creates the risk of threat against security and privacy. These challenges make the significance of a middleware important. Middleware is a software layer that provides the platform for various devices with different protocols to communicate with ease and provides all the functions intended for a particular task. Hosting these tasks as microservices simplifies the job of an application developer. In this thesis work, we introduce a claims-aware middleware to address one of the major challenges in IoT which is security. A proof of concept has been developed by implementing a prototype of our framework. The evaluation results of the prototype show the feasibility and the stability of the security framework

SoK: Exploring Blockchains Interoperability

Distributed ledger technologies like blockchain have gained great attention in both academia and industry. Blockchain as a potentially disruptive technology can advance many different fields, e.g., cryptocurrencies, supply chains, and the industrial Internet of Things. The next-generation blockchain ecosystem is expected to consist of various homogeneous and heterogeneous distributed ledgers. These ledger systems will inevitably require a certain level of proper cooperation of multiple blockchains to enrich advanced functionalities and enhance interoperable capabilities for future applications. The interoperability among blockchains will definitely revolutionize current blockchain design principles, like the emergence of Internet. The development of cross-blockchain applications involves much complexity regarding the variety of underlying cross-blockchain communication. The way to effectively enable interoperability across multiple blockchains is thus essential and expecting to confront various unprecedented challenges. For instance, due to different transaction structures, ensuring the properties of ACID (Atomicity, Consistency, Isolation, Durability) in transactions processing and verification processes across diverse blockchain systems remains a challenging task in both academia and industry. This paper provides a systematic and comprehensive review of the current progress of blockchain interoperability. We explore both general principles and practical schemes to achieve interoperable blockchain systems. We then survey and compare the state-of-the-art solutions to deal with the interoperability of blockchains in detail. Finally, we discuss several critical challenges and some potential research directions to advance the research on exploring blockchain interoperability

Smart Manufacturing

This book is a collection of 11 articles that are published in the corresponding Machines Special Issue “Smart Manufacturing”. It represents the quality, breadth and depth of the most updated study in smart manufacturing (SM); in particular, digital technologies are deployed to enhance system smartness by (1) empowering physical resources in production, (2) utilizing virtual and dynamic assets over the Internet to expand system capabilities, (3) supporting data-driven decision-making activities at various domains and levels of businesses, or (4) reconfiguring systems to adapt to changes and uncertainties. System smartness can be evaluated by one or a combination of performance metrics such as degree of automation, cost-effectiveness, leanness, robustness, flexibility, adaptability, sustainability, and resilience. This book features, firstly, the concepts digital triad (DT-II) and Internet of digital triad things (IoDTT), proposed to deal with the complexity, dynamics, and scalability of complex systems simultaneously. This book also features a comprehensive survey of the applications of digital technologies in space instruments; a systematic literature search method is used to investigate the impact of product design and innovation on the development of space instruments. In addition, the survey provides important information and critical considerations for using cutting edge digital technologies in designing and manufacturing space instruments