22 research outputs found

    SECURITY POLICY ENFORCEMENT IN APPLICATION ENVIRONMENTS USING DISTRIBUTED SCRIPT-BASED CONTROL STRUCTURES

    Business processes involving several partners in different organisations impose demanding requirements on procedures for specification, execution and maintenance. A framework referred to as business process management (BPM) has evolved for this purpose over the last ten years. Other approaches, such as service-oriented architecture (SOA) or the concept of virtual organisations (VOs), assist in the definition of architectures and procedures for modelling and execution of so-called collaborative business processes (CBPs). Methods for the specification of business processes play a central role in this context, and several standards have emerged for this purpose. Among these, Web Services Business Process Execution Language (WS-BPEL, usually abbreviated BPEL) has evolved to become the de facto standard for business process definition. As such, this language has been selected as the foundation for the research in this thesis. Having a broadly accepted standard would principally allow the specification of business processes in a platform-independent manner, including the capability to specify them at one location and have them executed at others (possibly spread across different organisations). Though technically feasible, this approach has significant security implications, particularly on the side that is to execute a process. The research project focused upon these security issues arising when business processes are specified and executed in a distributed manner. The central goal has been the development of methods to cope with the security issues arising when BPEL as a standard is deployed in such a way, exploiting the significant aspect of a standard to be platform-independent. The research devised novel methods for specifying security policies in such a manner that the assessment of compliance with these policies is greatly facilitated, such that the assessment becomes suited to be performed automatically.
An analysis of the security-relevant semantics of BPEL as a specification language was conducted that resulted in the identification of so-called security-relevant semantic patterns. Based on these results, methods to specify security policy-implied restrictions in terms of such semantic patterns and to assess the compliance of BPEL scripts with these policies have been developed. These methods are particularly suited for assessment of remotely defined BPEL scripts since they allow for pre-execution enforcement of local security policies, thereby mitigating or even removing the security implications involved in distributed definition and execution of business processes. As initially envisaged, these methods are comparatively easy to apply, as they are based on technologies customary for practitioners in this field. The viability of the methods proposed for automatic compliance assessment has been proven via a prototypic implementation of the essential functionality required for proof-of-concept. Darmstadt Node of the NRG Network at University of Applied Sciences Darmstad

    ECOS 2012

    The 8-volume set contains the Proceedings of the 25th ECOS 2012 International Conference, Perugia, Italy, June 26th to June 29th, 2012. ECOS is an acronym for Efficiency, Cost, Optimization and Simulation (of energy conversion systems and processes), summarizing the topics covered in ECOS: Thermodynamics, Heat and Mass Transfer, Exergy and Second Law Analysis, Process Integration and Heat Exchanger Networks, Fluid Dynamics and Power Plant Components, Fuel Cells, Simulation of Energy Conversion Systems, Renewable Energies, Thermo-Economic Analysis and Optimisation, Combustion, Chemical Reactors, Carbon Capture and Sequestration, Building/Urban/Complex Energy Systems, Water Desalination and Use of Water Resources, Energy Systems- Environmental and Sustainability Issues, System Operation/ Control/Diagnosis and Prognosis, Industrial Ecology

    Inherently flexible software

    Software evolution is an important and expensive consequence of software. As Lehman's First Law of Program Evolution states, software must be changed to satisfy new user requirements or become progressively less useful to the stakeholders of the software. Software evolution is difficult for a multitude of different reasons, most notably because of an inherent lack of evolveability of software, design decisions and existing requirements which are difficult to change, and conflicts between new requirements and existing assumptions and requirements. Software engineering has traditionally focussed on improvements in software development techniques, with little conscious regard for their effects on software evolution. The thesis emphasises design for change, a philosophy that stems from ideas in preventive maintenance and places the ease of software evolution more at the centre of the design of software systems than it is at present. The approach involves exploring issues of evolveability, such as adaptability, flexibility and extensibility with respect to existing software languages, models and architectures. A software model, SEvEn, is proposed which improves on the evolveability of these existing software models by improving on their adaptability, flexibility and extensibility, and provides a way to determine the ripple effects of changes by providing a reflective model of a software system. The main conclusion is that, whilst software evolveability can be improved, complete adaptability, flexibility and extensibility of a software system is not possible. In addition, ripple effects can't be completely eradicated because assumptions will always persist in a software system and new requirements may conflict with existing requirements.
However, the proposed reflective model of software (which consists of a set of software entities, or abstractions, with the characteristic of increased evolveability) provides trace-ability of ripple effects because it explicitly models the dependencies that exist between software entities, determines how software entities can change, ascertains the adaptability of software entities to changes in other software entities on which they depend and determines how changes to software entities affect those software entities that depend on them

    Transitioning to Affordable and Clean Energy

    Transitioning to Affordable and Clean Energy is a collective volume which combines original contributions and review papers that address the question how the transition to clean and affordable energy can be governed. It will cover both general analyses of the governance of transition, including policy instruments, comparative studies of countries or policies, and papers setting out scientifically sound visions of a clean and just energy system. In particular, the following aspects are foregrounded: • Governing the supply and demand side transformation • Geographical and cultural differences and their consequences for the governance of energy transitions • Sustainability and justice related to energy transitions (e.g., approaches for addressing energy poverty) Transitioning to Affordable and Clean Energy is part of MDPI's new Open Access book series Transitioning to Sustainability. With this series, MDPI pursues environmentally and socially relevant research which contributes to efforts toward a sustainable world. Transitioning to Sustainability aims to add to the conversation about regional and global sustainable development according to the 17 SDGs. The book series is intended to reach beyond disciplinary, even academic boundaries

    Managing computational complexity through using partitioning, approximation and coordination

    Problem: Complex systems are composed of many interdependent subsystems with a level of complexity that exceeds the ability of a single designer. One way to address this problem is to partition the complex design problem into smaller, more manageable design tasks that can be handled by multiple design teams. Partitioning-based design methods are decision support tools that provide mathematical foundations, and computational methods to create such design processes. Managing the interdependency among these subsystems is crucial and a successful design process should meet the requirements of the whole system which needs coordinating the solutions for all the partitions after all. Approach: Partitioning and coordination should be performed to break down the system into subproblems, solve them and put these solutions together to come up with the ultimate system design. These two tasks of partitioning-coordinating are computationally demanding. Most of the proposed approaches are either computationally very expensive or applicable to only a narrow class of problems. These approaches also use exact methods and eliminate the uncertainty. To manage the computational complexity and uncertainty, we approximate each subproblem after partitioning the whole system. In engineering design, one way to approximate the reality is using surrogate models (SM) to replace the functions which are computationally expensive to solve. This task also is added to the proposed computational framework. Also, to automate the whole process, creating a knowledge-based reusable template for each of these three steps is required. Therefore, in this dissertation, we first partition/decompose the complex system, then, we approximate the subproblem of each partition. Afterwards, we apply coordination methods to guide the solutions of the partitions toward the ultimate integrated system design. 
Validation: The partitioning-approximation-coordination design approach is validated using the validation square approach that consists of theoretical and empirical validation. Empirical validation of the design architecture is carried out using two industry-driven problems namely ‘a hot rod rolling problem’, ‘a dam network design problem’, ‘a crime prediction problem’ and ‘a green supply chain design problem’. Specific sub-problems are formulated within these problem domains to address various research questions identified in this dissertation. Contributions: The contributions from the dissertation are categorized into new knowledge in five research domains: • Creating an approach to building an ensemble of surrogate models when the data is limited – when the data is limited, replacing computationally expensive simulations with accurate, low-dimensional, and rapid surrogates is very important but non-trivial. Therefore, a cross-validation-based ensemble modeling approach is proposed. • Using temporal and spatial analysis to manage the uncertainties - when the data is time-based (for example, in meteorological data analysis) and when we are dealing with geographical data (for example, in geographical information systems data analysis), instead of feature-based data analysis time series analysis and spatial statistics are required, respectively. Therefore, when the simulations are for time and space-based data, surrogate models need to be time and space-based. In surrogate modeling, there is a gap in time and space-based models which we address in this dissertation. We created, applied and evaluated the effectiveness of these models for a dam network planning and a crime prediction problem. • Removing assumptions regarding the demand distributions in green supply chain networks – in the existent literature for supply chain network design, there are always assumptions about the distribution of the demand.
We remove this assumption in the partition-approximate-compose of the green supply chain design problem. • Creating new knowledge by proposing a coordination approach for a partitioned and approximated network design. A green supply chain under online (pull economy) and in-person (push economy) shopping channels is designed to demonstrate the utility of the proposed approach

    Identification of Dynamic Systems Using Bayesian Networks

    The aim of this thesis is to provide a bridge between Bayesian networks and system identification. Firstly, the literature review and necessary theoretical prerequisites are provided. Secondly, Bayesian network based models of dynamic systems are introduced. Next, the methodology of Bayesian network based system identification is proposed and explored on simulated datasets. In addition, a new approach to the order selection for a resulting model is proposed and verified. Finally, the proposed Bayesian network based system identification approach is verified on real dynamic systems. Overall, the thesis proposes a new approach to system identification of dynamic systems influenced by noisy signals. In addition, Bayesian network based models proposed in this thesis can be used for state estimation, monitoring and control of dynamic systems