Architecture, Services and Protocols for CRUTIAL

This document describes the complete specification of the architecture, services and protocols of the project CRUTIAL. The CRUTIAL Architecture intends to reply to a grand challenge of computer science and control engineering: how to achieve resilience of critical information infrastructures (CII), in particular in the electrical sector. In general lines, the document starts by presenting the main architectural options and components of the architecture, with a special emphasis on a protection device called the CRUTIAL Information Switch (CIS). Given the various criticality levels of the equipments that have to be protected, and the cost of using a replicated device, we define a hierarchy of CIS designs incrementally more resilient. The different CIS designs offer various trade offs in terms of capabilities to prevent and tolerate intrusions, both in the device itself and in the information infrastructure. The Middleware Services, APIs and Protocols chapter describes our approach to intrusion tolerant middleware. The CRUTIAL middleware comprises several building blocks that are organized on a set of layers. The Multipoint Network layer is the lowest layer of the middleware, and features an abstraction of basic communication services, such as provided by standard protocols, like IP, IPsec, UDP, TCP and SSL/TLS. The Communication Support layer features three important building blocks: the Randomized Intrusion-Tolerant Services (RITAS), the CIS Communication service and the Fosel service for mitigating DoS attacks. The Activity Support layer comprises the CIS Protection service, and the Access Control and Authorization service. The Access Control and Authorization service is implemented through PolyOrBAC, which defines the rules for information exchange and collaboration between sub-modules of the architecture, corresponding in fact to different facilities of the CII’s organizations. The Monitoring and Failure Detection layer contains a definition of the services devoted to monitoring and failure detection activities. The Runtime Support Services, APIs, and Protocols chapter features as a main component the Proactive-Reactive Recovery service, whose aim is to guarantee perpetual correct execution of any components it protects.Project co-funded by the European Commission within the Sixth Frame-work Programme (2002-2006

Fuzzy Multi Agent System for Automatic Classification and Negotiation of QOS in Cloud Computing

The use of Multi Agents Systems (MAS), Cloud Computing (CC) and Fuzzy Inference System (FIS) in e-commerce has increased in recent years. The purpose of these systems is to enable users of electronic markets to make transactions in the best conditions and to help them in their decisions. The design and implementation is often characterized by the constant manipulation of information, many of which are imperfect. The use of the multi-agent paradigm for the realization of these systems implies the need to integrate mechanisms that take into account the processing of fuzzy information. This makes it necessary to design multi-agent systems (MAS) with fuzzy characteristics. For the modeling and realization of this system, we chose to use the FMAS model. This paper deals with the presentation of the use of the Fuzzy MAS model for the development of a management and decision support application in a virtual market with high availability. After the presentation of the system to be realized in the first section, we describe in the second section the application of the model FMAS for the design and the realization of this system. We then specify the JADE implementation platform and how the fuzzy agents of our model (Expert, Choice and Query) can be implemented using this platform

Fuzzy multi agent system for automatic classification and negotiation of QOS in cloud computing

The use of Multi Agents Systems (MAS), Cloud Computing (CC) and Fuzzy Inference System (FIS) in e-commerce has increased in recent years. The purpose of these systems is to enable users of electronic markets to make transactions in the best conditions and to help them in their decisions. The design and implementation is often characterized by the constant manipulation of information, many of which are imperfect. The use of the multi-agent paradigm for the realization of these systems implies the need to integrate mechanisms that take into account the processing of fuzzy information. This makes it necessary to design multi-agent systems (MAS) with fuzzy characteristics. For the modeling and realization of this system, we chose to use the FMAS model. This paper deals with the presentation of the use of the Fuzzy MAS model for the development of a management and decision support application in a virtual market with high availability. After the presentation of the system to be realized in the first section, we describe in the second section the application of the model FMAS for the design and the realization of this system. We then specify the JADE implementation platform and how the fuzzy agents of our model (Expert, Choice and Query) can be implemented using this platform

Unified enterprise modelling language-based interoperability for collaborative access control framework in critical infrastructures

International audienceDue to physical and logical vulnerabilities, a critical infrastructure (CI) can encounter failures of various degrees of severity, and since there are many interdependencies between CIs, simple failures can have dramatic consequences on the whole infrastructure. In this paper, we mainly focus on malicious threats that might affect the communication and information systems (the critical information infrastructure, or CII) dedicated to critical infrastructures. We define a new collaborative access control framework called PolyOrBAC, to address the security problems that are specific of CIIs. This approach offers each organisation taking part in the CII the capacity of collaborating with the other ones, while maintaining a control on its resources and on its internal security policy. The approach is demonstrated on a practical scenario, based on real emergency actions in an electric power grid infrastructure

Delay and energy consumption of MQTT over QUIC: an empirical characterization using commercial-off-the-shelf devices

The QUIC protocol, which was originally proposed by Google, has recently gained a remarkable presence. Although it has been shown to outperform TCP over a wide range of scenarios, there exist some doubts on whether it might be an appropriate transport protocol for IoT. In this paper, we specifically tackle this question, by means of an evaluation carried out over a real platform. In particular, we conduct a thorough characterization of the performance of the MQTT protocol, when used over TCP and QUIC. We deploy a real testbed, using commercial off-the-shelf devices, and we analyze two of the most important key performance indicators for IoT: delay and energy consumption. The results evince that QUIC does not only yield a notable decrease in the delay and its variability, over various wireless technologies and channel conditions, but it does not hinder the energy consumption.This project has received funding from the Spanish Government (Ministerio de Economía y Competitividad, Fondo Europeo de Desarrollo Regional, MINECO-FEDER) by means of the project FIERCE: Future Internet Enabled Resilient smart CitiEs (RTI2018-093475-AI00)