A standard-driven communication protocol for disconnected clinics in rural areas

The importance of the Electronic Health Record (EHR), which stores all healthcare-related data belonging to a patient, has been recognized in recent years by governments, institutions, and industry. Initiatives like Integrating the Healthcare Enterprise (IHE) have been developed for the definition of standard methodologies for secure and interoperable EHR exchanges among clinics and hospitals. Using the requisites specified by these initiatives, many large-scale projects have been set up to enable healthcare professionals to handle patients' EHRs. Applications deployed in these settings are often considered safety-critical, thus ensuring such security properties as confidentiality, authentication, and authorization is crucial for their success. In this paper, we propose a communication protocol, based on the IHE specifications, for authenticating healthcare professionals and assuring patients' safety in settings where no network connection is available, such as in rural areas of some developing countries. We define a specific threat model, driven by the experience of use cases covered by international projects, and prove that an intruder cannot cause damages to the safety of patients and their data by performing any of the attacks falling within this threat model. To demonstrate the feasibility and effectiveness of our protocol, we have fully implemented it

A framework for safe composition of heterogeneous SOA services in a pervasive computing environment with resource constraints

The Service Oriented Computing (SOC) paradigm, defines services as software artifacts whose implementations are separated from their specifications. Application developers rely on services to simplify the design, reduce the development time and cost. Within the SOC paradigm, different Service Oriented Architectures (SOAs) have been developed. These different SOAs provide platform independence, programming-language independence, defined standards, and network support. Even when different SOAs follow the same SOC principles, in practice it is difficult to compose services from heterogeneous architectures. Automatic the process of composition of services from heterogeneous SOAs is not a trivial task. Current composition tools usually focus on a single SOA, while others do not provide mechanisms for ensuring safety of composite services and their interactions. Given that some services might perform critical operations or manage sensitive data, defining safety for services and checking for compliance is crucial. This work proposes and workflow specification language for composite services that is SOA-independent. It also presents a framework for automatic composition of services of heterogeneous SOAs, supporting web services (WS) and OSGi services as an example. It integrates formal software analysis methods to ensure the safety of composite services and their interactions. Experiments are conducted to study the performance of the composite service generated automatically by the framework with composite services using current composition methods. We use as an example a smart home composite service for the management of medicines, deployed in a regular and in a resource-constrained network environment

HUC-HISF: A Hybrid Intelligent Security Framework for Human-centric Ubiquitous Computing

制度:新 ; 報告番号:乙2336号 ; 学位の種類:博士(人間科学) ; 授与年月日:2012/1/18 ; 早大学位記番号:新584

Cloud Services Brokerage for Mobile Ubiquitous Computing

Recently, companies are adopting Mobile Cloud Computing (MCC) to efficiently deliver enterprise services to users (or consumers) on their personalized devices. MCC is the facilitation of mobile devices (e.g., smartphones, tablets, notebooks, and smart watches) to access virtualized services such as software applications, servers, storage, and network services over the Internet. With the advancement and diversity of the mobile landscape, there has been a growing trend in consumer attitude where a single user owns multiple mobile devices. This paradigm of supporting a single user or consumer to access multiple services from n-devices is referred to as the Ubiquitous Cloud Computing (UCC) or the Personal Cloud Computing. In the UCC era, consumers expect to have application and data consistency across their multiple devices and in real time. However, this expectation can be hindered by the intermittent loss of connectivity in wireless networks, user mobility, and peak load demands. Hence, this dissertation presents an architectural framework called, Cloud Services Brokerage for Mobile Ubiquitous Cloud Computing (CSB-UCC), which ensures soft real-time and reliable services consumption on multiple devices of users. The CSB-UCC acts as an application middleware broker that connects the n-devices of users to the multi-cloud services. The designed system determines the multi-cloud services based on the user's subscriptions and the n-devices are determined through device registration on the broker. The preliminary evaluations of the designed system shows that the following are achieved: 1) high scalability through the adoption of a distributed architecture of the brokerage service, 2) providing soft real-time application synchronization for consistent user experience through an enhanced mobile-to-cloud proximity-based access technique, 3) reliable error recovery from system failure through transactional services re-assignment to active nodes, and 4) transparent audit trail through access-level and context-centric provenance

Web services approach for ambient assisted living in mobile environments

Web services appeared as a promising technology for Web environments independent of technologies, services, and applications. First, a performance comparison study between the two most used Web service architectures, SOAP and REST, is presented, considering messages exchange between clients and a server. Based on this study, the REST architecture was chosen to deploy the system because it gets better results compared to SOAP architecture. Currently, there are some issues related with this approach that should be studied. For instance, if massive quantities of data are sent to databases it can influence significantly the performance of the whole system. The Advanced Message Queuing Protocol (AMPQ) appears as a promising solution to address this problem. Then, in order to evaluate the performance of this approach, this work presents a performance evaluation and a comparison study of RESTful Web services and the AMQP Protocol considering exchanging messages between clients and a server. The study is based on the averaged exchanged messages for a certain period of time. It was observed and concluded that, for large quantities of messages exchange, the best results comes from the Advanced Message Queuing Protocol. Message Queuing Telemetry Transport (MQTT) was addressed in this work because it is a similar protocol to AMQP but it can be used by mobile devices with a processing capacity smallest unlike the AMQP that needs greater processing capacity. These studies are performed in the context of Ambient Assisted Living environments, since the work was applied to this topic in order to experiment the effectiveness and evaluate the performance of these protocols in this scenario

15 Years of Enterprise Architecting at HICSS: Revisiting the Critical Problems

The Enterprise Architecture (EA) minitrack has been a mainstay of HICSS for the past 15 years. The methodology, tools, and processes of enterprise architecting have evolved during that period. In 2005, Kaisler and Armour identified some critical challenges in modeling, management, and maintenance for EA that needed attention to ensure a viable technical discipline. Over 15 years, we have accepted 93 papers for presentation. Reviewing these papers and drawing up on our experience over the past 15 years, we conclude that some progress has been made, some challenges remain to be addressed, and some new challenges have emerged. This paper revises existing challenges and identifies additional challenges to be addressed in the next 10 years