Object-based Information Flow Control in Peer-to-peer Publish/Subscribe Systems

Distributed systems are getting so scalable like IoT (Internet of Things) and P2P (Peer-to-Peer) systems that millions of devices are connected and support various types of applications. Here, distributed systems are required to be secure in addition to increasing the performance, reliability, and availability and reducing the energy consumption. In distributed systems, information in objects flows to other objects by transactions reading and writing data in the objects. Here, some information of an object may illegally flow to a subject which is not allowed to get the information of the object. Especially, a leakage of sensitive information is to be prevented from occurring. In order to keep information systems secure, illegal information flow among objects has to be prevented. Types of synchronization protocols are so far discussed based on read and write access rights in the RBAC (Role-Based Access Control) model to prevent illegal information flow.In this thesis, we newly propose a P2PPSO (P2P type of topic-based PS (Publish/Subscribe) with Object concept) model and discuss the models and protocols for information flow control. A P2PPSO model is composed of peer processes (peers) which communicate with one another by publishing and subscribing event messages. Each peer can both publish and receive event messages with no centralized coordinator compared with traditional centralized PS models. Each event message published by a source peer carries information to a target peer. The contents carried by an event message are considered to be composed of objects. An object is a unit of data resource. Objects are characterized by topics, and each event message is also characterized by topics named publication topics.In order to make a P2PPSO system secure, we first newly propose a TBAC (Topic-Based Access Control) model. Here, an access right is a pair ⟨t, op⟩ of a topic t and a publish or subscribe operation op. A peer is allowed to publish an event message with publication topics and subscribe interesting topics only if the publication and subscription access rights are granted to the peer, respectively. Suppose an event message e_j published by a peer p_j carries an object on some topics into a target peer p_i. Here, information in the peer p_j illegally flows to the peer p_i if the target peer p_i is not allowed to subscribe the topics. An illegal object is an object whose topics a target peer is not allowed to subscribe. Even if an event message is received by a target peer by checking topics, objects carried by the event message may be illegal at the target peer. Hence, first, we propose a TOBS (Topics-of-Objects-Based Synchronization) protocol to prevent target peers from being delivered illegal objects in the P2PPSO system. Here, even if an event message is received by a target peer, illegal objects in the event message are not delivered to the target peer.In the TOBS protocol, every event message is assumed to be causally delivered to every common target peer in the underlying network. Suppose an event message e_2 is delivered to a target peer p_i before another event message e_1 while the event message e_1 causally precedes the event message e_2 (e_1 →_c e_2). Here, the event message e_2 is premature at the peer p_i. Hence, secondly, we propose a TOBSCO (TOBS with Causally Ordering delivery) protocol where the function to causally deliver every pair of event messages is added to the TOBS protocol. Here, we assume the underlying network supports reliable communication among every pair of peers, i.e. no event message loss, no duplicate message, and the sending order delivery of messages. Every pair of event messages received by using topics are causally delivered to every common target peer by using the vector of sequence numbers.In the TOBS and TOBSCO protocols, objects delivered to target peers are held as replicas of the objects by the target peers. If a peer updates data of an object, the peer distributes event messages, i.e. update event messages, to update every replica of the object obtained by other peers. If a peer updates an object without changing topics, the object is referred to as altered. Here, an update event message for the altered object is meaningless since peers check only topics to exchange event messages. Hence, thirdly, we propose an ETOBSCO (Efficient TOBSCO) protocol where update event messages of objects are published only if topics of the objects are updated to reduce the network overhead.In the evaluation, first, we show how many numbers of event messages and objects are prevented from being delivered to target peers in the TOBS protocol. Next, we show every pair of event messages are causally delivered but it takes longer to deliver event messages in the TOBSCO protocol than the TOBS protocol. Finally, we show the fewer number of event messages are delivered while it takes longer to update replicas of altered objects in the ETOBSCO protocol than the TOBSCO protocol.博士(工学)法政大学 (Hosei University

Connected Information Management

Society is currently inundated with more information than ever, making efficient management a necessity. Alas, most of current information management suffers from several levels of disconnectedness: Applications partition data into segregated islands, small notes don’t fit into traditional application categories, navigating the data is different for each kind of data; data is either available at a certain computer or only online, but rarely both. Connected information management (CoIM) is an approach to information management that avoids these ways of disconnectedness. The core idea of CoIM is to keep all information in a central repository, with generic means for organization such as tagging. The heterogeneity of data is taken into account by offering specialized editors. The central repository eliminates the islands of application-specific data and is formally grounded by a CoIM model. The foundation for structured data is an RDF repository. The RDF editing meta-model (REMM) enables form-based editing of this data, similar to database applications such as MS access. Further kinds of data are supported by extending RDF, as follows. Wiki text is stored as RDF and can both contain structured text and be combined with structured data. Files are also supported by the CoIM model and are kept externally. Notes can be quickly captured and annotated with meta-data. Generic means for organization and navigation apply to all kinds of data. Ubiquitous availability of data is ensured via two CoIM implementations, the web application HYENA/Web and the desktop application HYENA/Eclipse. All data can be synchronized between these applications. The applications were used to validate the CoIM ideas

Mobile Ad-Hoc Networks

Being infrastructure-less and without central administration control, wireless ad-hoc networking is playing a more and more important role in extending the coverage of traditional wireless infrastructure (cellular networks, wireless LAN, etc). This book includes state-of the-art techniques and solutions for wireless ad-hoc networks. It focuses on the following topics in ad-hoc networks: vehicular ad-hoc networks, security and caching, TCP in ad-hoc networks and emerging applications. It is targeted to provide network engineers and researchers with design guidelines for large scale wireless ad hoc networks

Aspects of Leadership

Aspects of Leadership is a new book edited by Lieutenant Colonel Carroll Connelley and Dr. Paolo Tripodi, the Ethics Branch head, and comprised of essays by a group of 20 leadership and ethics scholars and practitioners. The Lejeune Leadership Institute Ethics Branch, Marine Corps University, provides current and relevant scholarly research and instruction on ethics and moral leadership and the law of war. This collection of essays provides timely and insightful views on current leadership behavior and ethical concerns that men and women of the armed forces face in the demanding, complex, and prolonged decade of armed conflict

Technologies and Applications for Big Data Value

This open access book explores cutting-edge solutions and best practices for big data and data-driven AI applications for the data-driven economy. It provides the reader with a basis for understanding how technical issues can be overcome to offer real-world solutions to major industrial areas. The book starts with an introductory chapter that provides an overview of the book by positioning the following chapters in terms of their contributions to technology frameworks which are key elements of the Big Data Value Public-Private Partnership and the upcoming Partnership on AI, Data and Robotics. The remainder of the book is then arranged in two parts. The first part “Technologies and Methods” contains horizontal contributions of technologies and methods that enable data value chains to be applied in any sector. The second part “Processes and Applications” details experience reports and lessons from using big data and data-driven approaches in processes and applications. Its chapters are co-authored with industry experts and cover domains including health, law, finance, retail, manufacturing, mobility, and smart cities. Contributions emanate from the Big Data Value Public-Private Partnership and the Big Data Value Association, which have acted as the European data community's nucleus to bring together businesses with leading researchers to harness the value of data to benefit society, business, science, and industry. The book is of interest to two primary audiences, first, undergraduate and postgraduate students and researchers in various fields, including big data, data science, data engineering, and machine learning and AI. Second, practitioners and industry experts engaged in data-driven systems, software design and deployment projects who are interested in employing these advanced methods to address real-world problems

Technologies and Applications for Big Data Value

This open access book explores cutting-edge solutions and best practices for big data and data-driven AI applications for the data-driven economy. It provides the reader with a basis for understanding how technical issues can be overcome to offer real-world solutions to major industrial areas. The book starts with an introductory chapter that provides an overview of the book by positioning the following chapters in terms of their contributions to technology frameworks which are key elements of the Big Data Value Public-Private Partnership and the upcoming Partnership on AI, Data and Robotics. The remainder of the book is then arranged in two parts. The first part “Technologies and Methods” contains horizontal contributions of technologies and methods that enable data value chains to be applied in any sector. The second part “Processes and Applications” details experience reports and lessons from using big data and data-driven approaches in processes and applications. Its chapters are co-authored with industry experts and cover domains including health, law, finance, retail, manufacturing, mobility, and smart cities. Contributions emanate from the Big Data Value Public-Private Partnership and the Big Data Value Association, which have acted as the European data community's nucleus to bring together businesses with leading researchers to harness the value of data to benefit society, business, science, and industry. The book is of interest to two primary audiences, first, undergraduate and postgraduate students and researchers in various fields, including big data, data science, data engineering, and machine learning and AI. Second, practitioners and industry experts engaged in data-driven systems, software design and deployment projects who are interested in employing these advanced methods to address real-world problems

Equality Governance via Policy Analysis? The Implementation of Gender Impact Assessment in the European Union and Gender-based Analysis in Canada

Gender impact assessment has been both celebrated as a beacon of hope for the cause of gender equality and criticised as being ineffectual. More than 20 years of gender mainstreaming have demonstrated that equality governance with and through impact assessment is an intersectional and still evolving process. Arn T. Sauer's study examines the instruments of gendered policy analysis and the conditions under which they are being used by the Canadian federal government and the European Commission. Interviews with experts from public administration and instrument designers as well as document analyses reveal benefits and challenges and show that the success of equality governance depends upon whether knowledge about gendered policy and appropriate administrative practices are embedded, embodied and entrenched in public administration

Equality Governance via Policy Analysis?

Gender impact assessment has been both celebrated as a beacon of hope for the cause of gender equality and criticised as being ineffectual. More than 20 years of gender mainstreaming have demonstrated that equality governance with and through impact assessment is an intersectional and still evolving process. Arn T. Sauer's study examines the instruments of gendered policy analysis and the conditions under which they are being used by the Canadian federal government and the European Commission. Interviews with experts from public administration and instrument designers as well as document analyses reveal benefits and challenges and show that the success of equality governance depends upon whether knowledge about gendered policy and appropriate administrative practices are embedded, embodied and entrenched in public administration

Equality Governance via Policy Analysis?

Gender impact assessment has been both celebrated as a beacon of hope for the cause of gender equality and criticised as being ineffectual. More than 20 years of gender mainstreaming have demonstrated that equality governance with and through impact assessment is an intersectional and still evolving process. Arn T. Sauer's study examines the instruments of gendered policy analysis and the conditions under which they are being used by the Canadian federal government and the European Commission. Interviews with experts from public administration and instrument designers as well as document analyses reveal benefits and challenges and show that the success of equality governance depends upon whether knowledge about gendered policy and appropriate administrative practices are embedded, embodied and entrenched in public administration