Towards an Efficient Context-Aware System: Problems and Suggestions to Reduce Energy Consumption in Mobile Devices

Looking for optimizing the battery consumption is an open issue, and we think it is feasible if we analyze the battery consumption behavior of a typical context-aware application to reduce context-aware operations at runtime. This analysis is based on different context sensors configurations. Actually existing context-aware approaches are mainly based on collecting and sending context data to external components, without taking into account how expensive are these operations in terms of energy consumption. As a first result of our work in progress, we are proposing a way for reducing the context data publishing. We have designed a testing battery consumption architecture supported by Nokia Energy Profiler tool to verify consumption in different scenarios

Exploiting code mobility for dynamic binary obfuscation

Software protection aims at protecting the integrity of software applications deployed on un-trusted hosts and being subject to illegal analysis. Within an un-trusted environment a possibly malicious user has complete access to system resources and tools in order to analyze and tamper with the application code. To address this research problem, we propose a novel binary obfuscation approach based on the deployment of an incomplete application whose code arrives from a trusted network entity as a flow of mobile code blocks which are arranged in memory with a different customized memory layout. This paper presents our approach to contrast reverse engineering by defeating static and dynamic analysis, and discusses its effectivenes

Measuring security requirements for software security

For the last decade's software security has gained attention by industries, experts and all other communities. Secure software is about mitigating risks from assets to achieve business goals. Security is highly depending on the context where software is deployed. But measuring software security even within a specific context is still not mature. This is because properties and metrics for measuring security are not properly defined and methods are lacking to provide a complete picture for measuring software security. Here we identify security requirements through asset based risk management process to describe soft ware security goal. Then based on the Goal-Question-Metric approach the identified security requirements are evaluated for measuring software security

A model for the proteolytic regulation of LpxC in the lipopolysaccharide pathway of Escherichia coli

Lipopolysaccharide (LPS) is an essential structural component found in Gram-negative bacteria. The molecule is comprised of a highly conserved lipid A and a variable outer core consisting of various sugars. LPS plays important roles in membrane stability in the bacterial cell and is also a potent activator of the human immune system. Despite its obvious importance, little is understood regarding the regulation of the individual enzymes involved or the pathway as a whole. LpxA and LpxC catalyze the first two steps in the LPS pathway. The reaction catalyzed by LpxA possesses a highly unfavourable equilibrium constant with no evidence of coupling to an energetically favourable reaction. In our model the presence of the second enzyme LpxC was sufficient to abate this unfavourable reaction and confirming previous studies suggesting that this reaction is the first committed step in LPS synthesis. It is believed that the protease FtsH regulates LpxC activity via cleavage. It is also suspected that the activity of FtsH is regulated by a metabolite produced by the LPS pathway; however, it is not known which one. In order to investigate these mechanisms, we obtained kinetic parameters from literature and developed estimates for other simulation parameters. Our simulations suggest that under modest increases in LpxC activity, FtsH is able to regulate the rate of product formation. However, under extreme increases in LpxC activities such as over-expression or asymmetrical cell division then FtsH activation may not be sufficient to regulate this first stage of synthesis

Hauto: composición automática de servicios convergentes, basada en la planificación htn

Este artículo presenta HAUTO, un framework que permite componer automáticamente servicios convergentes. HAUTO se basa en la planificación automática basada en redes jerárquicas de tareas HTN y se compone de tres módulos: un módulo de procesamiento de la solicitud, que transforma el lenguaje natural e información del contexto en una instancia de planificación, el módulo de composición automática basado en la planificación HTN; y el tercero, es el entorno de ejecución para servicios convergentes (Web y Telecom). La integración de un componente de planificación provee dos funcionalidades básicas: la posibilidad de personalizar la composición de los servicios usando la información del contexto del usuario y un middleware que se integra con la ejecución de los servicios en entornos de Telecomunicaciones de alto rendimiento. Finalmente, se presenta como caso de estudio un prototipo para la gestión de alertas ambientales tempranas.This paper presents HAUTO, a framework able to compose convergent services automatically. HAUTO is based in HTN (hierarchical task networks) Automated Planning and is composed of three modules: a request processing module that transforms natural language and context information into a planning instance, the automated composition module based on HTN planning and the execution environment for convergent (Web and telecom) services. The integration of a planning component provides two basic functionalities: the possibility of customizing the composition of services using the user context information and a middleware level that integrates the execution of services in high performance telecom environments. Finally, a prototype in environmental early warning management is presented as a test case

A reference architecture for software protection

This paper describes the ASPIRE reference architecture designed to tackle one major problem in this domain: the lack of a clear process and an open software architecture for the composition and deployment of multiple software protections on software application

The ASPIRE framework for software protection

In the ASPIRE research project, a software protection tool flow was designed and prototyped that targets native ARM Android code. This tool flow supports the deployment of a number of protections against man-at-the-end attacks. In this tutorial, an overview of the tool flow will be presented and attendants will participate to a hands-on demonstration. In addition, we will present an overview of the decision support systems developed in the project to facilitate the use of the protection tool flow

Attack simulation based software protection assessment method

Software protection is an essential aspect of information security to withstand malicious activities on software, and preserving software assets. However, software developers still lacks a methodology for the assessment of the deployed protections. To solve these issues, we present a novel attack simulation based software protection assessment method to assess and compare various protection solutions. Our solution relies on Petri Nets to specify and visualize attack models, and we developed a Monte Carlo based approach to simulate attacking processes and to deal with uncertainty. Then, based on this simulation and estimation, a novel protection comparison model is proposed to compare different protection solutions. Lastly, our attack simulation based software protection assessment method is presented. We illustrate our method by means of a software protection assessment process to demonstrate that our approach can provide a suitable software protection assessment for developers and software companies