58,670 research outputs found
A SEMANTIC BASED POLICY MANAGEMENT FRAMEWORK FOR CLOUD COMPUTING ENVIRONMENTS
Cloud computing paradigm has gained tremendous momentum and generated intensive interest.
Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption.
In this dissertation, we mainly focus on issues related to policy management and access control in the cloud.
Currently, users have to use diverse access control mechanisms to protect their data when stored on the cloud service providers (CSPs).
Access control policies may be specified in different policy languages and heterogeneity of access policies pose significant problems.An ideal policy management system should be able to work with all data regardless of where they are stored.
Semantic Web technologies when used for policy management, can help address the crucial issues of interoperability of heterogeneous CSPs.
In this dissertation, we propose a semantic based policy management framework for cloud computing environments which consists of two main components, namely policy management and specification component and policy evolution component.
In the policy management and specification component, we first introduce policy management as a service (PMaaS), a cloud based policy management framework that give cloud users a unified control point for specifying authorization policies, regardless of where the data is stored. Then, we present semantic based policy management framework which enables users to specify access control policies using semantic web technologies and helps address heterogeneity issues of cloud computing environments.
We also model temporal constraints and restrictions in GTRBAC using OWL and show how ontologies can be used to specify temporal constraints.
We present a proof of concept implementation of the proposed framework and provide some performance evaluation.
In the policy evolution component, we propose to use role mining techniques to deal with policy evolution issues and present StateMiner, a heuristic algorithm to find an RBAC state as close as possible to both the deployed RBAC state and the optimal state. We also implement the proposed algorithm and perform some experiments to demonstrate its effectiveness
Implementation of Aspect-oriented Business Process Models with Web Services
In software development, crosscutting concerns, such as security, audit, access control, authentication, logging, persistence, transaction, error handling etc. can be modularized using the aspect-oriented paradigm. In busi- ness process modeling, aspects have been used to reduce visualization complexity, increase reuse and improve model maintainability. There are techniques which address aspects in modeling and implementation phases of business process; however, these techniques adopt different semantic representations, hindering the integration of these phases into the BPM lifecycle. This work proposes an architecture for service discovery capable of selecting web services that implement crosscutting concerns and meet the goals established in the aspect modeling phase, executing them accordingly with a prioritization. A proof of concept to analyze the proposed architecture and generated artifacts was performed. Afterwards, the proposal was evaluated by means of an experiment. The results suggest that the def- inition of an operational goal enables the business spe- cialists to concentrate on the modeling of the aspect without necessarily concerning its implementation, since a proper option for implementation is discovered during the execution of the process
Flexible coordination techniques for dynamic cloud service collaboration
The provision of individual, but also composed services is central in cloud service provisioning. We describe a framework for the coordination of cloud services, based on a tuple‐space architecture which uses an ontology to describe the services. Current techniques for service collaboration offer limited scope for flexibility. They are based on statically describing and compositing services. With the open nature of the web and cloud services, the need for a more flexible, dynamic approach to service coordination becomes evident. In order to support open communities of service providers, there should be the option for these providers to offer and withdraw their services to/from the community. For this to be realised, there needs to be a degree of self‐organisation. Our techniques for coordination and service matching aim to achieve this through matching goal‐oriented service requests with providers that advertise their offerings dynamically. Scalability of the solution is a particular concern that will be evaluated in detail
Business integration models in the context of web services.
E-commerce development and applications have
been bringing the Internet to business and marketing
and reforming our current business styles and
processes. The rapid development of the Web, in
particular, the introduction of the semantic web and
web service technologies, enables business
processes, modeling and management to enter an
entirely new stage. Traditional web based business
data and transactions can now be analyzed,
extracted and modeled to discover new business
rules and to form new business strategies, let alone
mining the business data in order to classify
customers or products. In this paper, we investigate
and analyze the business integration models in the
context of web services using a micro-payment
system because a micro-payment system is
considered to be a service intensive activity, where
many payment tasks involve different forms of
services, such as payment method selection for
buyers, security support software, product price
comparison, etc. We will use the micro-payment case
to discuss and illustrate how the web services
approaches support and transform the business
process and integration model.
Magpie: towards a semantic web browser
Web browsing involves two tasks: finding the right web page and then making sense of its content. So far, research has focused on supporting the task of finding web resources through ‘standard’ information retrieval mechanisms, or semantics-enhanced search. Much less attention has been paid to the second problem. In this paper we describe Magpie, a tool which supports the
interpretation of web pages. Magpie offers complementary knowledge sources, which a reader can call upon to quickly gain access to any background knowledge relevant to a web resource. Magpie automatically associates an ontologybased
semantic layer to web resources, allowing relevant services to be invoked within a standard web browser. Hence, Magpie may be seen as a step towards a semantic web browser. The functionality of Magpie is illustrated using examples of how it has been integrated with our lab’s web resources
Research and Development Workstation Environment: the new class of Current Research Information Systems
Against the backdrop of the development of modern technologies in the field
of scientific research the new class of Current Research Information Systems
(CRIS) and related intelligent information technologies has arisen. It was
called - Research and Development Workstation Environment (RDWE) - the
comprehensive problem-oriented information systems for scientific research and
development lifecycle support. The given paper describes design and development
fundamentals of the RDWE class systems. The RDWE class system's generalized
information model is represented in the article as a three-tuple composite web
service that include: a set of atomic web services, each of them can be
designed and developed as a microservice or a desktop application, that allows
them to be used as an independent software separately; a set of functions, the
functional filling-up of the Research and Development Workstation Environment;
a subset of atomic web services that are required to implement function of
composite web service. In accordance with the fundamental information model of
the RDWE class the system for supporting research in the field of ontology
engineering - the automated building of applied ontology in an arbitrary domain
area, scientific and technical creativity - the automated preparation of
application documents for patenting inventions in Ukraine was developed. It was
called - Personal Research Information System. A distinctive feature of such
systems is the possibility of their problematic orientation to various types of
scientific activities by combining on a variety of functional services and
adding new ones within the cloud integrated environment. The main results of
our work are focused on enhancing the effectiveness of the scientist's research
and development lifecycle in the arbitrary domain area.Comment: In English, 13 pages, 1 figure, 1 table, added references in Russian.
Published. Prepared for special issue (UkrPROG 2018 conference) of the
scientific journal "Problems of programming" (Founder: National Academy of
Sciences of Ukraine, Institute of Software Systems of NAS Ukraine
- …