22,092 research outputs found
Big Data Analytics for QoS Prediction Through Probabilistic Model Checking
As competitiveness increases, being able to guaranting QoS of delivered
services is key for business success. It is thus of paramount importance the
ability to continuously monitor the workflow providing a service and to timely
recognize breaches in the agreed QoS level. The ideal condition would be the
possibility to anticipate, thus predict, a breach and operate to avoid it, or
at least to mitigate its effects. In this paper we propose a model checking
based approach to predict QoS of a formally described process. The continous
model checking is enabled by the usage of a parametrized model of the monitored
system, where the actual value of parameters is continuously evaluated and
updated by means of big data tools. The paper also describes a prototype
implementation of the approach and shows its usage in a case study.Comment: EDCC-2014, BIG4CIP-2014, Big Data Analytics, QoS Prediction, Model
Checking, SLA compliance monitorin
A JSON Token-Based Authentication and Access Management Schema for Cloud SaaS Applications
Cloud computing is significantly reshaping the computing industry built
around core concepts such as virtualization, processing power, connectivity and
elasticity to store and share IT resources via a broad network. It has emerged
as the key technology that unleashes the potency of Big Data, Internet of
Things, Mobile and Web Applications, and other related technologies, but it
also comes with its challenges - such as governance, security, and privacy.
This paper is focused on the security and privacy challenges of cloud computing
with specific reference to user authentication and access management for cloud
SaaS applications. The suggested model uses a framework that harnesses the
stateless and secure nature of JWT for client authentication and session
management. Furthermore, authorized access to protected cloud SaaS resources
have been efficiently managed. Accordingly, a Policy Match Gate (PMG) component
and a Policy Activity Monitor (PAM) component have been introduced. In
addition, other subcomponents such as a Policy Validation Unit (PVU) and a
Policy Proxy DB (PPDB) have also been established for optimized service
delivery. A theoretical analysis of the proposed model portrays a system that
is secure, lightweight and highly scalable for improved cloud resource security
and management.Comment: 6 Page
BlockChain: A distributed solution to automotive security and privacy
Interconnected smart vehicles offer a range of sophisticated services that
benefit the vehicle owners, transport authorities, car manufacturers and other
service providers. This potentially exposes smart vehicles to a range of
security and privacy threats such as location tracking or remote hijacking of
the vehicle. In this article, we argue that BlockChain (BC), a disruptive
technology that has found many applications from cryptocurrencies to smart
contracts, is a potential solution to these challenges. We propose a BC-based
architecture to protect the privacy of the users and to increase the security
of the vehicular ecosystem. Wireless remote software updates and other emerging
services such as dynamic vehicle insurance fees, are used to illustrate the
efficacy of the proposed security architecture. We also qualitatively argue the
resilience of the architecture against common security attacks
Reconfigurable Security: Edge Computing-based Framework for IoT
In various scenarios, achieving security between IoT devices is challenging
since the devices may have different dedicated communication standards,
resource constraints as well as various applications. In this article, we first
provide requirements and existing solutions for IoT security. We then introduce
a new reconfigurable security framework based on edge computing, which utilizes
a near-user edge device, i.e., security agent, to simplify key management and
offload the computational costs of security algorithms at IoT devices. This
framework is designed to overcome the challenges including high computation
costs, low flexibility in key management, and low compatibility in deploying
new security algorithms in IoT, especially when adopting advanced cryptographic
primitives. We also provide the design principles of the reconfigurable
security framework, the exemplary security protocols for anonymous
authentication and secure data access control, and the performance analysis in
terms of feasibility and usability. The reconfigurable security framework paves
a new way to strength IoT security by edge computing.Comment: under submission to possible journal publication
Authentication and authorisation in entrusted unions
This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both the cloud and offline scenarios and is intended to be deployed and tested in two pilot studies in two different domains, viz, Bio-security incident management and Ambient Assisted Living (eHealth). Interim results in terms of security requirements, privacy preserving authentication, and authorisation are reported
- …