User-hosted SOA infrastructure over XMPP

The principles of Service-Oriented Architecture (SOA) argue for the design of systems composed of re-usable coarse-grained software components which consume and provide services in a service ecosystem. Despite being commonly mentioned in an enterprise context, these are very present in the web - most web applications expose some of their data via APIs, which are then used by other web and mobile applications. The proliferation of user-owned connected devices has brought value to mobile application developers which can make use of locally-available sensors and capabilities and send their information to the web, centralizing the data flows. A more distributed approach would have device capabilities offered directly on the network as services hosted by the user. These pervasive user-hosted services could be made discoverable and available over a public federated service infrastructure. The infrastructure would provide transport over an identity layer, where endpoints are addressed by their identities instead of network identifiers, and on top of which services can be exposed to be consumed by trusted friends or anonymous users, as the hosting user prefers. The work presented in this paper explores the possibility of implementing a distributed social SOA over Extensible Messaging and Presence Protocol (XMPP). It differs from traditional SOA because it attempts to counter relative centralization of the web, in favour of a fully-distributed service ecosystem where each peer can behave both as service consumer and provider. Finally, an analysis is done on how suitable XMPP is to serve as a base protocol for such infrastructure

Kestrel: Job Distribution and Scheduling using XMPP

A new distributed computing framework, named Kestrel, for Many-Task Computing (MTC) applications and implementing Virtual Organization Clusters (VOCs) is proposed. Kestrel is a lightweight, highly available system based on the Extensible Messaging and Presence Protocol (XMPP), and has been developed to explore XMPP-based techniques for improving MTC and VOC tolerance to faults due to scaling and intermittently connected heterogeneous resources. Kestrel provides a VOC with a special purpose scheduler for VOCs which can provide better scalability under certain workload assumptions, namely CPU bound processes and bag-of-task applications. Experimental results have shown that Kestrel is capable of operating a VOC of at least 1600 worker nodes with all nodes visible to the scheduler at once. When using multiple sites located in both North America and Europe, the latencies introduced to the round trip time of messages were on the order of 0.3 seconds. To offset the overhead of XMPP processing, a task execution time of 2 seconds is sufficient for a pool of 900 workers on a single site to operate at near 100% use. Requiring tasks that take on the order of 30 seconds to a minute to execute would compensate for increased latency during job dispatch across multiple sites. Kestrel\u27s architecture is rooted in pilot job frameworks heavily used in Grid computing, it is also modeled after the use of IRC by botnets to communicate between compromised machines and command and control servers. For Kestrel, the extensibility of XMPP has allowed development of protocols for identifying manager nodes, discovering the capabilities of worker agents, and for distributing tasks. The presence notifications provided by XMPP allow Kestrel to monitor the global state of the pool and to perform task dispatching based on worker availability. In this work it is argued that XMPP is by design a very good fit for cloud computing frameworks. It offers scalability, federation between servers and some autonomicity of the agents. During the summer of 2010, Kestrel was used and modified based on feedback from the STAR group at Brookhaven National Laboratories. STAR provided a virtual machine image with applications for simulating proton collisions using PYTHIA and GEANT3. A Kestrel-based virtual organization cluster, created on top of Clemson University\u27s Palmetto cluster, was able to provide over 400,000 CPU hours of computation over the course of a month using an average of 800 virtual machine instances every day, generating nearly seven terabytes of data and the largest PYTHIA production run that STAR ever achieved. Several architectural issues were encountered during the course of the experiment and were resolved by moving from the original JSON protocols used by Kestrel to native XMPP equivalents that offered better message delivery confirmation and integration with existing tools

Scalable Architecture for Distributed Video

As video applications become more important in organization’s communication, they require a new kind of architecture that meets the scalability requirements. Video applications are distributed in nature, and run almost exclusively over IP networks today. This paper investigates the architectural approaches for creating a scalable video network, and discusses the key potential bottlenecks in performance that the architecture has to address. Due to the limited size, the paper may not be able to cover scalable recording, streaming, firewall traversal, and integrations with scheduling and management applications. Since this content exists, the outstanding issues will be addresses during the presentation and in the Q&A session

A survey of secure middleware for the Internet of Things

The rapid growth of small Internet connected devices, known as the Internet of Things (IoT), is creating a new set of challenges to create secure, private infrastructures. This paper reviews the current literature on the challenges and approaches to security and privacy in the Internet of Things, with a strong focus on how these aspects are handled in IoT middleware. We focus on IoT middleware because many systems are built from existing middleware and these inherit the underlying security properties of the middleware framework. The paper is composed of three main sections. Firstly, we propose a matrix of security and privacy threats for IoT. This matrix is used as the basis of a widespread literature review aimed at identifying requirements on IoT platforms and middleware. Secondly, we present a structured literature review of the available middleware and how security is handled in these middleware approaches. We utilise the requirements from the first phase to evaluate. Finally, we draw a set of conclusions and identify further work in this area

Contributions to presence-based systems for deploying ubiquitous communication services

Next-Generation Networks (NGNs) will converge the existing fixed and wireless networks. These networks rely on the IMS (IP Multimedia Subsystem), introduced by the 3GPP. The presence service came into being in instant messaging applications. A user¿s presence information consists in any context that is necessary for applications to handle and adapt the user's communications. The presence service is crucial in the IMS to deploy ubiquitous services. SIMPLE is the standard protocol for handling presence and instant messages. This protocol disseminates users' presence information through subscriptions, notifications and publications. SIMPLE generates much signaling traffic for constantly disseminating presence information and maintaining subscriptions, which may overload network servers. This issue is even more harmful to the IMS due to its centralized servers. A key factor in the success of NGNs is to provide users with always-on services that are seamlessly part of their daily life. Personalizing these services according to the users' needs is necessary for the success of these services. To this end, presence information is considered as a crucial tool for user-based personalization. This thesis can be briefly summarized through the following contributions: We propose filtering and controlling the rate of presence publications so as to reduce the information sent over access links. We probabilistically model presence information through Markov chains, and analyzed the efficiency of controlling the rate of publications that are modeled by a particular Markov chain. The reported results show that this technique certainly reduces presence overload. We mathematically study the amount of presence traffic exchanged between domains, and analyze the efficiency of several strategies for reducing this traffic. We propose an strategy, which we call Common Subscribe (CS), for reducing the presence traffic exchanged between federated domains. We compare this strategy traffic with that generated by other optimizations. The reported results show that CS is the most efficient at reducing presence traffic. We analyze the load in the number of messages that several inter-domain traffic optimizations cause to the IMS centralized servers. Our proposed strategy, CS, combined with an RLS (i.e., a SIMPLE optimization) is the only optimization that reduces the IMS load; the others increase this load. We estimate the efficiency of the RLS, thereby concluding that the RLS is not efficient under certain circumstances, and hence this optimization is discouraged. We propose a queuing system for optimizing presence traffic on both the network core and access link, which is capable to adapt the publication and notification rate based on some quality conditions (e.g, maximum delay). We probabilistically model this system, and validate it in different scenarios. We propose, and implement a prototype of, a fully-distributed platform for handling user presence information. This approach allows integrating Internet Services, such as HTTP or VoIP, and optimizing these services in an easy, user-personalized way. We have developed SECE (Sense Everything, Control Everything), a platform for users to create rules that handle their communications and Internet Services proactively. SECE interacts with multiple third-party services for obtaining as much user context as possible. We have developed a natural-English-like formal language for SECE rules. We have enhanced SECE for discovering web services automatically through the Web Ontology Language (OWL). SECE allows composing web services automatically based on real-world events, which is a significant contribution to the Semantic Web. The research presented in this thesis has been published through 3 book chapters, 4 international journals (3 of them are indexed in JCR), 10 international conference papers, 1 demonstration at an international conference, and 1 national conferenceNext-Generation Networks (NGNs) son las redes de próxima generación que soportaran la convergencia de redes de telecomunicación inalámbricas y fijas. La base de NGNs es el IMS (IP Multimedia Subsystem), introducido por el 3GPP. El servicio de presencia nació de aplicaciones de mesajería instantánea. La información de presencia de un usuario consiste en cualquier tipo de información que es de utilidad para manejar las comunicaciones con el usuario. El servicio de presencia es una parte esencial del IMS para el despliegue de servicios ubicuos. SIMPLE es el protocolo estándar para manejar presencia y mensajes instantáneos en el IMS. Este protocolo distribuye la información de presencia de los usuarios a través de suscripciones, notificaciones y publicaciones. SIMPLE genera mucho tráfico por la diseminación constante de información de presencia y el mantenimiento de las suscripciones, lo cual puede saturar los servidores de red. Este problema es todavía más perjudicial en el IMS, debido al carácter centralizado de sus servidores. Un factor clave en el éxito de NGNs es proporcionar a los usuarios servicios ubicuos que esten integrados en su vida diaria y asi interactúen con los usuarios constantemente. La personalización de estos servicios basado en los usuarios es imprescindible para el éxito de los mismos. Para este fin, la información de presencia es considerada como una herramienta base. La tesis realizada se puede resumir brevemente en los siguientes contribuciones: Proponemos filtrar y controlar el ratio de las publicaciones de presencia para reducir la cantidad de información enviada en la red de acceso. Modelamos la información de presencia probabilísticamente mediante cadenas de Markov, y analizamos la eficiencia de controlar el ratio de publicaciones con una cadena de Markov. Los resultados muestran que este mecanismo puede efectivamente reducir el tráfico de presencia. Estudiamos matemáticamente la cantidad de tráfico de presencia generada entre dominios y analizamos el rendimiento de tres estrategias para reducir este tráfico. Proponemos una estrategia, la cual llamamos Common Subscribe (CS), para reducir el tráfico de presencia entre dominios federados. Comparamos el tráfico generado por CS frente a otras estrategias de optimización. Los resultados de este análisis muestran que CS es la estrategia más efectiva. Analizamos la carga en numero de mensajes introducida por diferentes optimizaciones de tráfico de presencia en los servidores centralizados del IMS. Nuestra propuesta, CS, combinada con un RLS (i.e, una optimización de SIMPLE), es la unica optimización que reduce la carga en el IMS. Estimamos la eficiencia del RLS, deduciendo que un RLS no es eficiente en ciertas circunstancias, en las que es preferible no usar esta optimización. Proponemos un sistema de colas para optimizar el tráfico de presencia tanto en el núcleo de red como en la red de acceso, y que puede adaptar el ratio de publicación y notificación en base a varios parametros de calidad (e.g., maximo retraso). Modelamos y analizamos este sistema de colas probabilísticamente en diferentes escenarios. Proponemos una arquitectura totalmente distribuida para manejar las información de presencia del usuario, de la cual hemos implementado un prototipo. Esta propuesta permite la integracion sencilla y personalizada al usuario de servicios de Internet, como HTTP o VoIP, asi como la optimizacón de estos servicios. Hemos desarrollado SECE (Sense Everything, Control Everything), una plataforma donde los usuarios pueden crear reglas para manejar todas sus comunicaciones y servicios de Internet de forma proactiva. SECE interactúa con una multitud de servicios para conseguir todo el contexto possible del usuario. Hemos desarollado un lenguaje formal que parace como Ingles natural para que los usuarios puedan crear sus reglas. Hemos mejorado SECE para descubrir servicios web automaticamente a través del lenguaje OWL (Web Ontology Language)