A Flexible and Secure Deployment Framework for Distributed Applications

This paper describes an implemented system which is designed to support the deployment of applications offering distributed services, comprising a number of distributed components. This is achieved by creating high level placement and topology descriptions which drive tools that deploy applications consisting of components running on multiple hosts. The system addresses issues of heterogeneity by providing abstractions over host-specific attributes yielding a homogeneous run-time environment into which components may be deployed. The run-time environments provide secure binding mechanisms that permit deployed components to bind to stored data and services on the hosts on which they are running.Comment: 2nd International Working Conference on Component Deployment (CD 2004), Edinburgh, Scotlan

A Middleware Framework for Constraint-Based Deployment and Autonomic Management of Distributed Applications

We propose a middleware framework for deployment and subsequent autonomic management of component-based distributed applications. An initial deployment goal is specified using a declarative constraint language, expressing constraints over aspects such as component-host mappings and component interconnection topology. A constraint solver is used to find a configuration that satisfies the goal, and the configuration is deployed automatically. The deployed application is instrumented to allow subsequent autonomic management. If, during execution, the manager detects that the original goal is no longer being met, the satisfy/deploy process can be repeated automatically in order to generate a revised deployment that does meet the goal.Comment: Submitted to Middleware 0

Secure Component Deployment in the OSGi(tm) Release 4 Platform

Last years have seen a dramatic increase in the use of component platforms, not only in classical application servers, but also more and more in the domain of Embedded Systems. The OSGi(tm) platform is one of these platforms dedicated to lightweight execution environments, and one of the most prominent. However, new platforms also imply new security flaws, and a lack of both knowledge and tools for protecting the exposed systems. This technical report aims at fostering the understanding of security mechanisms in component deployment. It focuses on securing the deployment of components. It presents the cryptographic mechanisms necessary for signing OSGi(tm) bundles, as well as the detailed process of bundle signature and validation. We also present the SFelix platform, which is a secure extension to Felix OSGi(tm) framework implementation. It includes our implementation of the bundle signature process, as specified by OSGi(tm) Release 4 Security Layer. Moreover, a tool for signing and publishing bundles, SFelix JarSigner, has been developed to conveniently integrate bundle signature in the bundle deployment process

Provalets: Component-Based Mobile Agents as Microservices for Rule-Based Data Access, Processing and Analytics

Provalets are mobile rule agents for rule-based data access, semantic processing, and inference analytics. They can be dynamically deployed as microservices from Maven repositories into standardized container environments such as OSGi, where they can be used via simple REST calls. The programming model supports rapid prototyping and reuse of Provalets components to build Linked Enterprise Data applications where the sensible corporate data is not transmitted outside the enterprise, but instead the Provalets providing data processing and knowledge inference capabilities are moved closer to the data

NetServ Framework Design and Implementation 1.0

Eyeball ISPs today are under-utilizing an important asset: edge routers. We present NetServ, a programmable node architecture aimed at turning edge routers into distributed service hosting platforms. This allows ISPs to allocate router resources to content publishers and application service pro\-vi\-ders motivated to deploy content and services at the network edge. This model provides important benefits over currently available solutions like CDN. Content and services can be brought closer to end users by dynamically installing and removing custom modules as needed throughout the network. Unlike previous programmable router proposals which focused on customizing features of a router, NetServ focuses on deploying content and services. All our design decisions reflect this change in focus. We set three main design goals: a wide-area deployment, a multi-user execution environment, and a clear economic benefit. We built a prototype using Linux, NSIS signaling, and the Java OSGi framework. We also implemented four prototype applications: ActiveCDN provides publisher-specific content distribution and processing; KeepAlive Responder and Media Relay reduce the infrastructure needs of telephony providers; and Overload Control makes it possible to deploy more flexible algorithms to handle excessive traffic

Analysis of key aspects to manage Wireless Sensor Networks in Ambient Assisted Living environments

Wireless Sensor Networks (WSN) based on ZigBee/IEEE 802.15.4 will be key enablers of non-invasive, highly sensitive infrastructures to support the provision of future ambient assisted living services. This paper addresses the main design concerns and requirements when conceiving ambient care systems (ACS), frameworks to provide remote monitoring, emergency detection, activity logging and personal notifications dispatching services. In particular, the paper describes the design of an ACS built on top of a WSN composed of Crossbow's MICAz devices, external sensors and PDAs enabled with ZigBee technology. The middleware is integrated in an OSGi framework that processes the acquired information to provide ambient services and also enables smart network control. From our experience, we consider that in a future, the combination of ZigBee technology together with a service oriented architecture may be a versatile approach to AAL services offering, both from the technical and business points of view