Microservices Validation: Methodology and Implementation

Due to the wide spread of cloud computing, arises actual question about architecture, design and implementation of cloud applications. The microservice model describes the design and development of loosely coupled cloud applications when computing resources are provided on the basis of automated IaaS and PaaS cloud platforms. Such applications consist of hundreds and thousands of service instances, so automated validation and testing of cloud applications developed on the basis of microservice model is a pressing issue. There are constantly developing new methods of testing both individual microservices and cloud applications at a whole. This article presents our vision of a framework for the validation of the microservice cloud applications, providing an integrated approach for the implementation of various testing methods of such applications, from basic unit tests to continuous stability testing

Vulnerability analysis: protecting information in the IoT

The research was designed to study IoT security vulnerabilities and how to better protect IoT communications. By researching the system a Fitbit uses for communications, this research analyzes and reveals security defects in the IoT architecture. The research first uses a man-in the middle (MITM) attack to intercept and analyze the Fitbit system traffic to identify security weakness. Then uses a replay attack to further validate these flaws. Finally, countermeasures against these security threats are proposed. The research findings show the Fitbit’s IoT communication architecture has serious information security risks. Firstly, the Fitbit tested does not encrypt the raw data between the mobile app and Fitbit servers. It uses HTTPS to secure communication between the mobile phone and the Fitbit servers. Once HTTPS is broken, all raw data can be read and tampered with. Secondly, Fitbit uses Base64 credentials to associate the Fitbit tracker, and Fitbit app with the Fitbit user account. Base64 can be easily broken on the Internet or using other tools. Attackers can generate fake Base64 credentials to hack a user account. According to the experimental results from the study, the IoT should secure every node in its architecture. It is also necessary to encrypt the raw data and not just rely on HTTPS. It is recommended to replace the Base64 algorithm with AES and hashing

VR-Banway: implementação de um agregador local de dados de sensores em computadores de placa única e redes de malha

Mestrado em Engenharia de Computadores e TelemáticaInternet of Things (IoT) is a generic category of ICT architectures that includes the use of sensor-based, communication-enabled systems. A common architectural element in IoT is the sensors gateway that collects data from nearby sensors and relays them to higher-order remote services. The VR2Market project, in which this work is integrated, uses two implementations of the gateway, based on Android smartphones and RPI boards. With the new proposed IoT-inspired computing module, it is possible to migrate gateways to a smaller, more efficient hardware, while retaining the high-level programming abstraction. In this work, we propose and implement a new version of the gateway, named VR-Banway, using the Intel Edison compute module, taking into consideration the integration with additional service layers in VR2Market system, especially with respect to the required Ad hoc networks support. VR-Banway proved to be a solution capable of replacing the existing gateway component in the VR2Market system. The new approach uses a smaller module, reduces power consumption and is more portable. VR-Banway has been used in the context of firefighters monitoring, but is ready to be deployed in other domains.A Internet of Things (IoT) é uma categoria genérica das arquiteturas de TIC que inclui o uso de sistemas baseados em sensores e comunicações. Um elemento comum das arquiteturas IoT é o agregador que recolhe dados de sensores nas proximidades e reencaminha-os para serviços remotos de mais alto nível. O projeto VR2Market, no qual este trabalho está integrado, usa duas implementações do agregador de dados, implementados em Android e RPI. Com o novo módulo proposto, inspirado na IoT, é possível migrar os agregadores de dados para dispositivos mais pequenos e mais eficientes mantendo a abstração de programação de alto nível. Neste trabalho, propomos e implementamos uma nova versão do agregador de dados, chamado VR-Banway, usando o módulo computacional Intel Edison, tendo em consideração a integração de novas camadas de serviços no VR2Market, especialmente no que diz respeito ao suporte de redes Ad hoc. VR-Banway provou ser uma solução capaz de substituir o componente de agregador de dados existente no sistema VR2Market. A nova abordagem usa um módulo mais pequeno, reduz o consumo de energia e é mais portátil. VR-Banway foi usado no contexto de monitorização de bombeiros, mas está preparado para ser implementado noutros domínios

Overview of Cloud Computing

This updated book (Version 1.2) serves to fill a void in introductory textbook on cloud computing publishing. The target audience are readers with some technical background that are also interested in the business aspects of cloud computing. The book intentionally does not focus on technical details and does not include step-by-step instructions in order to avoid becoming obsolete too quickly. While new tools and concepts are sure to continue to come up at a rapid pace, the bulk of the book should remain true and useful for a number of years. Examples are usually based on the Google Cloud Platform, but the principles covered in the book are equally relevant to users of other cloud platforms.Published