1,661 research outputs found
Recommended from our members
Towards a Security, Privacy, Dependability, Interoperability Framework for the Internet of Things
A popular application of ambient intelligence systems constitutes of assisting living services on smart buildings. As intelligence is imported in embedded equipment, the system becomes able to provide smart services (e.g. control lights, airconditioning, provide energy management services etc.). IoT is the main enabler of such environments. However, the interconnection of these cyber-physical systems and the processing of personal data raise serious security and privacy issues. In this paper we present a framework that can guarantee Security, Privacy, Dependability and Interoperability (SPDI) in IoT. Taking advantage of the underlying IoT deployment, the proposed framework not only implements the requested smart functionality but also provide modelling and administration that can guarantee those SPDI properties. Moreover, we provide an application example of the framework in a smart building scenario
The case for cloud service trustmarks and assurance-as-a-service
Cloud computing represents a significant economic opportunity for Europe. However, this growth is threatened by adoption barriers largely related to trust. This position paper examines trust and confidence issues in cloud computing and advances a case for addressing them through the implementation of a novel trustmark scheme for cloud service providers. The proposed trustmark would be both active and dynamic featuring multi-modal information about the performance of the underlying cloud service. The trustmarks would be informed by live performance data from the cloud service provider, or ideally an independent third-party accountability and assurance service that would communicate up-to-date information relating to service performance and dependability. By combining assurance measures with a remediation scheme, cloud service providers could both signal dependability to customers and the wider marketplace and provide customers, auditors and regulators with a mechanism for determining accountability in the event of failure or non-compliance. As a result, the trustmarks would convey to consumers of cloud services and other stakeholders that strong assurance and accountability measures are in place for the service in question and thereby address trust and confidence issues in cloud computing
Size Matters: Microservices Research and Applications
In this chapter we offer an overview of microservices providing the
introductory information that a reader should know before continuing reading
this book. We introduce the idea of microservices and we discuss some of the
current research challenges and real-life software applications where the
microservice paradigm play a key role. We have identified a set of areas where
both researcher and developer can propose new ideas and technical solutions.Comment: arXiv admin note: text overlap with arXiv:1706.0735
The Case for Cloud Service Trustmarks and Assurance-as-a-Service
Cloud computing represents a significant economic opportunity for Europe.
However, this growth is threatened by adoption barriers largely related to
trust. This position paper examines trust and confidence issues in cloud
computing and advances a case for addressing them through the implementation of
a novel trustmark scheme for cloud service providers. The proposed trustmark
would be both active and dynamic featuring multi-modal information about the
performance of the underlying cloud service. The trustmarks would be informed
by live performance data from the cloud service provider, or ideally an
independent third-party accountability and assurance service that would
communicate up-to-date information relating to service performance and
dependability. By combining assurance measures with a remediation scheme, cloud
service providers could both signal dependability to customers and the wider
marketplace and provide customers, auditors and regulators with a mechanism for
determining accountability in the event of failure or non-compliance. As a
result, the trustmarks would convey to consumers of cloud services and other
stakeholders that strong assurance and accountability measures are in place for
the service in question and thereby address trust and confidence issues in
cloud computing.Comment: 6 pages and 1 figur
Distribution pattern-driven development of service architectures
Distributed systems are being constructed by composing a number of discrete components. This practice is particularly prevalent within the Web service domain in the form of service process orchestration and choreography. Often, enterprise systems are built from many existing discrete applications such as legacy applications exposed using Web service interfaces. There are a number of architectural configurations or distribution patterns, which express how a composed system is to be deployed in a distributed environment. However, the amount of code
required to realise these distribution patterns is considerable. In this paper, we propose a distribution
pattern-driven approach to service composition and architecting. We develop, based on a catalog of patterns, a UML-compliant framework, which takes existing Web service interfaces as its input and generates executable Web service compositions based on a distribution pattern chosen by the software architect
Recommended from our members
Survivor: An Approach for Adding Dependability to Legacy Workflow Systems
Although they often provide critical services, most workflow systems are not dependable. There has been much literature on dependable/survivable distributed systems; most is concerned with developing new architectures, not adapting pre-existing ones. Additionally, the literature is focused on hardening, security-based defense, as opposed to recovery. For deployed systems, it is often infeasible to completely replace existing infrastructures; what is more pragmatic are ways in which existing distributed systems can be adapted to offer better dependability. In this paper, we outline a general architecture that can easily be retrofitted to legacy workflow systems in order to improve dependability and fault tolerance. We do this by monitoring enactment and replicating partial workflow states as tools for detection, analysis and recovery. We discuss some policies that can guide these mechanisms. Finally, we describe and evaluate our implementation, Survivor, which modified an existing workflow system provided by the Naval Research Lab
Enforcing reputation constraints on business process workflows
The problem of trust in determining the flow of execution of business processes has been in the centre of research interst in the last decade as business processes become a de facto model of Internet-based commerce, particularly with the increasing popularity in Cloud computing. One of the main mea-sures of trust is reputation, where the quality of services as provided to their clients can be used as the main factor in calculating service and service provider reputation values. The work presented here contributes to the solving of this problem by defining a model for the calculation of service reputa-tion levels in a BPEL-based business workflow. These levels of reputation are then used to control the execution of the workflow based on service-level agreement constraints provided by the users of the workflow. The main contribution of the paper is to first present a formal meaning for BPEL processes, which is constrained by reputation requirements from the users, and then we demonstrate that these requirements can be enforced using a reference architecture with a case scenario from the domain of distributed map processing. Finally, the paper discusses the possible threats that can be launched on such an architecture
An LTL Semantics of Business Workflows with Recovery
We describe a business workflow case study with abnormal behavior management
(i.e. recovery) and demonstrate how temporal logics and model checking can
provide a methodology to iteratively revise the design and obtain a correct-by
construction system. To do so we define a formal semantics by giving a
compilation of generic workflow patterns into LTL and we use the bound model
checker Zot to prove specific properties and requirements validity. The working
assumption is that such a lightweight approach would easily fit into processes
that are already in place without the need for a radical change of procedures,
tools and people's attitudes. The complexity of formalisms and invasiveness of
methods have been demonstrated to be one of the major drawback and obstacle for
deployment of formal engineering techniques into mundane projects
Issues about the Adoption of Formal Methods for Dependable Composition of Web Services
Web Services provide interoperable mechanisms for describing, locating and
invoking services over the Internet; composition further enables to build
complex services out of simpler ones for complex B2B applications. While
current studies on these topics are mostly focused - from the technical
viewpoint - on standards and protocols, this paper investigates the adoption of
formal methods, especially for composition. We logically classify and analyze
three different (but interconnected) kinds of important issues towards this
goal, namely foundations, verification and extensions. The aim of this work is
to individuate the proper questions on the adoption of formal methods for
dependable composition of Web Services, not necessarily to find the optimal
answers. Nevertheless, we still try to propose some tentative answers based on
our proposal for a composition calculus, which we hope can animate a proper
discussion
- …