Agent-Based Cloud Resource Management for Secure Cloud Infrastructures

The cloud offers clear benefits for computations as well as for storage for diverse application areas. Security concerns are by far the greatest barriers to the wider uptake of cloud computing, particularly for privacy-sensitive applications. The aim of this article is to propose an approach for establishing trust between users and providers of cloud infrastructures (IaaS model) based on certified trusted agents. Such approach would remove barriers that prevent security sensitive applications being moved to the cloud. The core technology encompasses a secure agent platform for providing the execution environment for agents and the secure attested software base which ensures the integrity of the host platform. In this article we describe the motivation, concept, design and initial implementation of these technologies

Towards a virtual trusted platform

Abstract: The advances and adoption of Trusted Computing and hardware assisted virtualisation technologies in standard PC platforms promise new approaches in building a robust virtualisation platform for security sensitive software modules. The amalgam of these technologies allows an attractive off-the-shelf environment, capable of supporting security levels potentially higher than commonly deployed today. This article proposes a practical approach of combining technology elements available today to create such a platform using available components. The design supports operating high-security and low-security compartments side by side. The high security compartment is able to use the functionality of the Trusted Platform Module. The low security compartment is isolated through hardware-assisted virtualisation. The platform boots via Intel Trusted Execution Technology to resist manipulation. We discuss the building blocks of the architecture and present a number of open research challenges

Miniaturized Protein Microarray with Internal Calibration as Point-of-Care Device for Diagnosis of Neonatal Sepsis

Neonatal sepsis is still a leading cause of death among newborns. Therefore a protein-microarray for point-of-care testing that simultaneously quantifies the sepsis associated serum proteins IL-6, IL-8, IL-10, TNF alpha, S-100, PCT, E-Selectin, CRP and Neopterin has been developed. The chip works with only a 4 μL patient serum sample and hence minimizes excessive blood withdrawal from newborns. The 4 μL patient samples are diluted with 36 μL assay buffer and distributed to four slides for repetitive measurements. Streptavidin coated magnetic particles that act as distinct stirring detection components are added, not only to stir the sample, but also to detect antibody antigen binding events. We demonstrate that the test is complete within 2.5 h using a single step assay. S-100 conjugated to BSA is spotted in increasing concentrations to create an internal calibration. The presented low volume protein-chip fulfills the requirements of point-of-care testing for accurate and repeatable (CV < 14%) quantification of serum proteins for the diagnosis of neonatal sepsis

Enhancing Results of Microarray Hybridizations Through Microagitation

Protein and DNA microarrays have become a standard tool in proteomics/genomics research. In order to guarantee fast and reproducible hybridization results, the diffusion limit must be overcome. Surface acoustic wave (SAW) micro-agitation chips efficiently agitate the smallest sample volumes (down to 10 μL and below) without introducing any dead volume. The advantages are reduced reaction time, increased signal-to-noise ratio, improved homogeneity across the microarray, and better slide-to-slide reproducibility. The SAW micromixer chips are the heart of the Advalytix ArrayBooster, which is compatible with all microarrays based on the microscope slide format

Avoiding Man-in-the-Middle Attacks When Verifying Public Terminals

Contains fulltext : 91585.pdf (author's version ) (Open Access)7th International IFIP Summer School, Trento, Italy, 2011 5-9 September, 5 september 201

Framing Efficiency Optimization for DVB-S2 Systems with QoS Guarantees

This paper deals with the design, evaluation and performance comparison of smart framing strategies that complement the packet scheduler in DVB-S2 systems with Adaptive Coding and Modulation, when QoS guarantees are to be provided. User data packets are transmitted grouped in frames according to a scheduling algorithm. Each of these frames uses a selected modulation and coding setting (ModCod), the most efficient pair that provides sufficient robustness given the channel state experienced by the satellite terminals that will receive the data. This is promising for the achievement of highly efficient resource utilization; however, the inherent spectral efficiency of the selected ModCod can be cancelled by a poor framing efficiency, i.e. transmitting frames with large padding component. In this paper, an extension of the Group-efficient Scheduler [3] is proposed to support QoS guarantees. In addition, smart framing strategies are proposed, which optimize the total transmission efficiency by different flavors of trade-off between spectral efficiency and framing efficiency. Finally, the performances of the QoS extension of the Group-efficient Scheduler complemented by the aforementioned smart framing strategies are compared in terms of different QoS metrics

Framing Efficiency Optimization for DVB-S2 Systems

This paper deals with the design, evaluation and comparison of smart framing strategies that complement the packet scheduler in DVB-S2 systems with Adaptive Coding and Modulation. Provided that user data packets are transmitted grouped in frames, each of them using a modulation and coding setting (ModCod), the inherent spectral efficiency of the selected ModCod can be cancelled by a poor framing efficiency, i.e. transmitting frames with large padding component. For this reason, smart framing strategies are proposed in this paper, which optimize the framing efficiency

Towards Trust Services for Language-Based Virtual Machines for Grid Computing

Abstract. The concept of Trusted Computing (TC) promises a new approach to improve the security of computer systems. The core functionality, based on a hardware component known as Trusted Platform Module (TPM), is integrated into commonly available hardware. Still, only limited software support exists, especially in the context of grid computing. This paper discusses why platform independent virtual machines (VM) with their inherent security features are an ideal environment for trusted applications and services. Based on different TC architectures building a chain-of-trust, a VM can be executed in a secure way. This chain-of-trust can be extended at run-time by considering the identity of the application code and by deriving attestable properties from the VMs configuration. An interface to provide applications with TC services like sealing or remote attestation regardless of the underlying host architecture is discussed