一个移动Agent安全旅行协议

本文提出了一种保护移动Agent不受Agent平台攻击的旅行协议。该协议基于Agent旅行的历史记录,在一定的条件下允许Agent所有者检测对Agent代码、状态和执行流的非法篡改。这个协议具有很高的安全性能,能够检测旅行途中的Agent平台对Agent数据的篡改,能够防止重播攻击。     

A secure dynamic collaboration environment in a cloud context

In recent years, the cloud has emerged as an attractive means for hosting and delivering services over the Internet. This has resulted in a renewed focus on information security in the case where data is stored in the virtual space of the cloud and is not physically accessible to the customer. This paper addresses the increasing security concerns of migrating to the cloud and utilising it for data storage, focusing on securing data in an untrusted cloud environment and ensuring detailed data access control in the cloud. Two Conceptual designs have been devised by exploring and extending the boundaries of existing secure data-storage schemes, and then combining these with well-known security principles and cutting-edge research within the field of cryptography. To further validate the conceptual designs, proof of concept prototypes have been constructed.     

A policy enforcement framework for verification and control of service collaboration

This paper proposes a policy enforcement framework to dynamically verify and control the collaboration process in Service-Oriented Architecture (SOA). Dynamic SOA collaboration is different from traditional service collaboration where the workflow is pre-defined at design time while the services used can be discovered at runtime. In dynamic collaboration, both the workflows and services can be determined at runtime. As they will be determined at runtime, many verification activities can be performed at runtime. This paper proposes a dynamic policy enforcement framework that follows the dynamic SOA collaboration process to ensure that various system constraints can be enforced at runtime. The framework includes a policy specification language, a policy completeness and consistency checking, and distributed policy enforcement. Finally, this paper presents the construction of a sample example to illustrate these features with quantitative performance data.     

A stochastic evolutionary coalition game model of secure and dependable virtual service in Sensor-Cloud

Various intrusion detection systems (IDSs) have been proposed in recent years to provide safe and reliable services in cloud computing. However, few of them have considered the existence of service attackers who can adapt their attacking strategies to the topology-varying environment and service providers’ strategies. In this paper, we investigate the security and dependability mechanism when service providers are facing service attacks of software and hardware, and propose a stochastic evolutionary coalition game (SECG) framework for secure and reliable defenses in virtual sensor services. At each stage of the game, service providers observe the resource availability, the quality of service (QoS), and the attackers’ strategies from cloud monitoring systems (CMSs) and IDSs. According to these observations, they will decide how evolutionary coalitions should be dynamically formed for reliable virtual-sensor-service composites to deliver data and how to adaptively defend in the face of uncertain attack strategies. Using the evolutionary coalition game, virtual-sensor-service nodes can form a reliable service composite by a reliability update function. With the Markov chain constructed, virtual-sensor-service nodes can gradually learn the optimal strategy and evolutionary coalition structure through the minimax-Q learning, which maximizes the expected sum of discounted payoffs defined as QoS for virtual-sensor-service composites. The proposed SECG strategy in the virtual-sensor-service attack-defense game is shown to achieve much better performance than strategies obtained from the evolutionary coalition game or stochastic game, which only maximizes each stage's payoff and optimizes a defense strategy of stochastic evolutionary, since it successfully accommodates the environment dynamics and the strategic behavior of the service attackers.     

Design and implementation of the secure compiler and virtual machine for developing secure IoT services

Recent years have seen the development of computing environments for IoT (Internet of Things) services, which exchange large amounts of information using various heterogeneous devices that are always connected to networks. Since the data communication and services occur on a variety of devices, which not only include traditional computing environments and mobile devices such as smartphones, but also household appliances, embedded devices, and sensor nodes, the security requirements are becoming increasingly important at this point in time. Already, in the case of mobile applications, security has emerged as a new issue, as the dissemination and use of mobile applications have been rapidly expanding. This software, including IoT services and mobile applications, is continuously exposed to malicious attacks by hackers, because it exchanges data in the open Internet environment. The security weaknesses of this software are the direct cause of software breaches causing serious economic loss. In recent years, the awareness that developing secure software is intrinsically the most effective way to eliminate the software vulnerability, rather than strengthening the security system of the external environment, has increased. Therefore, methodology based on the use of secure coding rules and checking tools is attracting attention to prevent software breaches in the coding stage to eliminate the above vulnerabilities. This paper proposes a compiler and a virtual machine with secure software concepts for developing secure and trustworthy services for IoT environments. By using a compiler and virtual machine, we approach the problem in two stages: a prevention stage, in which the secure compiler removes the security weaknesses from the source code during the application development phase, and a monitoring stage, in which the secure virtual machine monitors abnormal behavior such as buffer overflow attacks or untrusted input data handling while applications are running.     

Hierarchical hippocratic databases with minimal disclosure for virtual organizations

The protection of customer privacy is a fundamental issue in today’s corporate marketing strategies. Not surprisingly, many research efforts have proposed new privacy-aware technologies. Among them, Hippocratic databases offer mechanisms for enforcing privacy rules in database systems for inter-organizational business processes (also known as virtual organizations). This paper extends these mechanisms to allow for hierarchical purposes, distributed authorizations and minimal disclosure supporting the business processes of virtual organizations that want to offer their clients a number of ways to fulfill a service. Specifically, we use a goal-oriented approach to analyze privacy policies of the enterprises involved in a business process. On the basis of the purpose hierarchy derived through a goal refinement process, we provide algorithms for determining the minimum set of authorizations needed to achieve a service. This allows us to automatically derive access control policies for an inter-organizational business process from the collection of privacy policies associated with different participating enterprises. By using effective on-line algorithms, the derivation of such minimal information can also be done on-the-fly by the customer wishing to access a service.This is an expanded and revised version of [20].     

A secure distributed framework for achieving k-anonymity

k-anonymity provides a measure of privacy protection by preventing re-identification of data to fewer than a group of k data items. While algorithms exist for producing k-anonymous data, the model has been that of a single source wanting to publish data. Due to privacy issues, it is common that data from different sites cannot be shared directly. Therefore, this paper presents a two-party framework along with an application that generates k-anonymous data from two vertically partitioned sources without disclosing data from one site to the other. The framework is privacy preserving in the sense that it satisfies the secure definition commonly defined in the literature of Secure Multiparty Computation.     

Pattern-based e-service modelling for virtual service enterprises

Business services are customisable, interactive processes that providers have the potential to carry out together with clients that benefit from the effects. It is understood that business service transactions are best organised by means of virtual networks, where information technology allows for configuring multiple providers and processes on a per-request basis. Existing conceptual models for virtual service enterprises (VSEs) propose business service virtualisation for flexible and agile regulation and control of coordination between multiple providers and clients. In this paper, we present an approach for realising business service virtualisation based on software service technology. In particular, we propose a service-oriented software architecture for representing virtual business service processes as e-services. E-service models specify flexible business service interactions between multiple providers and clients of virtual service enterprises and allow for regulation and enforcement of their coordination. We demonstrate the utilisation of our e-service SOA in the context of an e-science scenario, where we show how to design e-service models for the use case of virtual polymorph prediction laboratories.     

TEE: A virtual DRTM based execution environment for secure cloud-end computing

The Internet of Things (IoT) is the incoming generation of information technology. However, the huge amount of data collected by wireless sensors in IoT will impose a big challenge that can only be met by cloud computing. In particular, ensuring security in the cloud-end is necessary. Previous studies have mainly focused on secure cloud-end storage, whereas secure cloud-end computing is much less investigated. The current practice is solely based on Virtual Machines (VM), and cannot offer adequate security because the guest Operating Systems (OS) often can be compromised (e.g., by exploiting their vulnerabilities). This motivates the need of solutions for more secure cloud-end computing. This paper presents the design, implementation and analysis of a candidate solution, called Trusted Execution Environment (TEE), which takes advantage of both virtualization and trusted computing technologies simultaneously. The novelty behind TEE is the virtualization of the Dynamic Root of Trust for Measurement (DRTM).     

Hierarchical control policy for dynamic resource management in grid virtual organization

This paper proposes a hierarchical control system in grid virtual organization. The hierarchical system can be decomposed into multiple application groups, which can be further decomposed into multiple applications. At the top of the hierarchy, the global controller controls the gross allocation of resources to the groups. At the next level down, the group controller coordinates the local deployments of all applications that consume the local allocation of resources. At the lowest level, the local controllers adjust the local resource usages to optimize the utility of single application. The hierarchical control system considers all applications and coordinates all layers of grid architecture upon any changes. According to different time granularity, we adopt a different control scheme. The global control considers all applications and coordinates three layers of grid architecture in response to large system changes at coarse time granularity, while local control adapts a single application to small changes at fine granularity. This paper adopts utility-driven cross layer optimization for grid applications to find a system wide optimization and solves the cross-layer optimization by using pricing based decomposition. A set of hierarchical utility functions is used to measure the performance of the grid system that follows the system, group and application hierarchy. This paper uses total utility to measure the overall quality of grid system. The experiments are conducted to test the performance of the hierarchical control algorithms.

Design and implementation of S-MARKS: A secure middleware for pervasive computing applications

As portable devices have become a part of our everyday life, more people are unknowingly participating in a pervasive computing environment. People engage with not a single device for a specific purpose but many devices interacting with each other in the course of ordinary activity. With such prevalence of pervasive technology, the interaction between portable devices needs to be continuous and imperceptible to device users. Pervasive computing requires a small, scalable and robust network which relies heavily on the middleware to resolve communication and security issues. In this paper, we present the design and implementation of S-MARKS which incorporates device validation, resource discovery and a privacy module.     

A role-oriented service system architecture for enterprise process collaboration

Workflow management is a key technique for coordinating various business processes. Traditional workflow systems are often built with the client/server architecture, in which, a single workflow server takes the responsibility of the entire operation. This paper discusses a model-driven process enactment environment, which can support an enterprise businesses collaboration. Some key technologies regarding models and the system are discussed in the paper, including the mappings between activities in process models and the service function of applications, how to use XML in the process model, and other workflow engine techniques. A software architecture supporting role-oriented services within the process-driven enterprise enactment environment has been proposed and implemented. The proposed framework has been validated with a case study in the 4PL business system.     

Case for dynamic deployment in a grid-based distributed query processor

Grid computing enables users to perform computationally expensive applications on distributed resources acquired dynamically. Users are allowed to combine structured data and analysis components into new applications from distributed sites into new applications. Distributed query processing offers an established way of structuring such computations, and well-known tools like OGSA-DAI and OGSA-DQP provide respectively a common interface to heterogeneous databases, and a way of exploiting distributed resources. Such significant benefits are however often undermined by high communication costs due to the need to move data between distributed resources. This paper describes an approach that addresses this by dynamically deploying query processing engines, analysis services and databases within virtual machines, on an internet-scale, so as to reduce communication costs. Results of internet-scale experiments are presented to demonstrate the performance benefits. Further, the use of dynamic deployment features based on requirements allows the creation of an ad-hoc runtime engine and thus opens up the possibility of creating a virtual marketplace for software and hardware resources.     

Security and privacy for multimedia database management systems

This paper describes security and privacy issues for multimedia database management systems. Multimedia data includes text, images, audio and video. It describes access control for multimedia database management systems and describes security policies and security architectures for such systems. Privacy problems that result from multimedia data mining are also discussed.

一种基于VPN的安全电子邮件

随着电子政务和电子商务的逐渐普及,通过电子邮件在Internet上传递的机密信息也在迅速增加,因此对电子邮件的安全性和非公开性提出了更高的要求。论述了网络监听对当前电子邮件形成的安全威胁及VPN的安全机制,并在Linux环境下实现了一个基于IPSec的安全电子邮件网关模型。     

A reliable recommendation and privacy-preserving based cross-layer reputation mechanism for mobile cloud computing

Mobile cloud computing (MCC) is gaining popularity due to anywhere anytime data access. However, at the same time it also introduces the new privacy and security threats that have become an obstacle to the widespread use and popularity of MCC. In this paper, we propose a reliable recommendation and privacy preserving based cross-layer reputation mechanism (RP-CRM) to provide secure and privacy-aware communication process in wireless mesh networks (WMNs) based MCC (WM-MCC). RP-CRM integrates the cross-layer design with recommendation reputation reliability evaluation mechanism and the privacy preserving scheme to identify and manage the internal malicious nodes and protect the security and privacy against internal multi-layer attack, bad mouthing attack and information disclosure attack. Simulation results and performance analysis demonstrate that RP-CRM can provide rapid and accurate malicious node identification and management, and provide security and privacy protection against aforementioned attacks more effectively and efficiently.     

A high-speed and low-cost storage architecture based on virtual interface

Over the years, the network storage bandwidth has increased rapidly while the node-to-node latency has not decreased much. This is because the latency is dominated by the protocol software execution time in the kernel, instead of by the raw transmission time over the link. Virtual Interface (VI) protocol has been proposed to overcome the software overhead of the TCP/IP. In this paper, we introduce another new technology vSCSI (VI-attached SCSI) to compete with iSCSI in LAN (Local Area Networks) environment, and compare performance of vSCSI and iSCSI experimentally. Meanwhile, we present a Virtual Interface Storage Architecture (VISA) as a new network storage architecture which uses vSCSI as the network communication protocol. Then, we can take advantage of VI’s superior performance over TCP/IP in LAN environment. Also, actually we have implemented and measured our data transport and Remote Procedure Call (RPC) layer over VI. The aim of our design and implementation is to put forward new techniques to reduce overheads.     

Complex service design: A virtual enterprise architecture for logistics service

This paper presents an interdisciplinary systems approach to service modeling, design and deployment. The study is based on a longitudinal case study of the development process of a complex logistic service system based on an advanced logistics model. The case examines the development of a Virtual Enterprise Architecture (VEA) for an automatic high-speed transport and sorting system applied in airports for baggage handling. The study traces the evolution of the system from the early conceptual phases to a successful commercial service deployed at Changi, Singapore Airport. The study is conducted using a retrospective analysis of the case using a design science research approach. The paper evaluates and discusses the issues of creating and designing a new complex logistics service, distinct from the physical product, based on an advanced discrete event-based simulation model. The paper concludes by presenting a generalized and validated conceptual framework for a VEA based on an advanced simulation model. The paper thus contributes to the field of service systems and service management by identifying a novel approach to effective design of a new service.     

A timed mobile agent planning approach for distributed information retrieval in dynamic network environments

The number of mobile agents and total execution time are two factors used to represent the system overhead that must be considered as part of mobile agent planning (MAP) for distributed information retrieval. In addition to these two factors, the time constraints at the nodes of an information repository must also be taken into account when attempting to improve the quality of information retrieval. In previous studies, MAP approaches could not consider dynamic network conditions, e.g., variable network bandwidth and disconnection, such as are found in peer-to-peer (P2P) computing. For better performance, mobile agents that are more sensitive to network conditions must be used. In this paper, we propose a new MAP approach that we have named Timed Mobile Agent Planning (Tmap). The proposed approach minimizes the number of mobile agents and total execution time while keeping the turnaround time to a minimum, even if some nodes have a time constraint. It also considers dynamic network conditions to reflect the dynamic network condition more accurately. Moreover, we incorporate a security and fault-tolerance mechanism into the planning approach to better adapt it to real network environments.