Similar literature
Found 20 similar documents; search time 15 ms
1.
Current identity management systems are not concerned with user privacy. Users must assume that identity providers and service providers will ensure their privacy, which is not always the case. This paper proposes an extension of the existing federated single sign-on (FSSO) systems that adopts the beneficial properties of the user-centric identity management (UCIM) model. This new identity management system allows the users to control and enforce their privacy requirements while still retaining the convenience of single sign-on over a federation of service providers. Colored Petri Nets are used to formally model the new identity management system to provide assurance that the privacy goals are achieved. To our knowledge, Colored Petri Nets have not been used to model privacy in identity management systems before.

2.
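To address the low work efficiency and poor system security caused by users having to authenticate repeatedly across multiple application systems, a Cookie-based cross-domain single sign-on scheme is proposed. Users can securely and effectively achieve "log in once, access everywhere" across application systems in different domains. The overall model of the scheme is given, the login flow is analyzed, the cross-domain implementation is explained, and the mutual authentication process, which guarantees the legitimacy of both communicating parties' identities, is described in detail. Role authentication management is introduced, reducing the coupling between the single sign-on system and the application systems.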

3.
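A single sign-on scheme supporting dual authentication methods   Total citations: 3, self-citations: 0, citations by others: 3
杨智, 陈性元, 张斌. 《计算机应用》 (Journal of Computer Applications), 2007, 27(3): 595-596
Single sign-on that supports multiple authentication methods is a new requirement, and it usually makes both the implementation of authentication protocols and cross-domain authentication more complex. To address this, a flexible single sign-on scheme is proposed that supports certificate authentication, password authentication, and their combination. Through the design of authentication protocol templates and temporary certificate tickets, the scheme avoids repeated design of the single sign-on authentication protocol and simplifies the trust model for cross-domain authentication.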

4.
There is a growing need for Vehicle Networking Applications (VNAs) development that does not require users to learn the details of VNA data processing and message transfer. VNAs have some special requirements differing from other general‐purpose applications, such as real‐time performance, extensibility, compatibility, and reusability. To meet with these requirements of the VNAs, we propose a lightweight middleware framework for VNAs in this article. In the middle framework, we design multi‐layer middleware architecture to separate VNAs from the software platform and to improve the adaptability for the heterogeneous network and various vehicle networking communication protocols. Meanwhile, the middleware architecture consists of fixed and exchangeable modules to improve the middleware reusability. And the component bus is presented in a framework to standardize component interfaces to improve the extensibility of middleware. The framework has an efficient and simple structure to guarantee the real‐time performance of data processing and message transferring. This middleware also provides a uniform communication mechanism to be compatible with other existing middleware. In this article, we describe the design ideas and the composition of each module in the middleware framework, and analyze the data flow in communication process. We also develop the middleware prototypes to verify the feasibility of the middleware framework. Copyright © 2015 John Wiley & Sons, Ltd.

5.
6.
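Grids are mainly used for large-scale, distributed, high-performance computing, giving users the ability to invoke remote computing resources. Single sign-on is a basic function of a grid computing system. A single sign-on scheme is proposed that uses the PMI-related architecture and attribute certificates for authorization. To improve system performance, a password-based grid security middleware is designed; during secure transmission it does not need to perform encryption, decryption, or similar operations, users do not need to hold their own public-key certificates or private keys, and a convenient user interface is provided.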

7.
Computer and network security is becoming increasingly important as both large systems and, increasingly small, embedded systems are networked. Middleware frameworks aid the system developer who must interconnect individual systems into larger interconnected, distributed systems. However, there exist very few middleware frameworks that have been designed for use with embedded systems, which constitute the vast majority of CPUs produced each year, and none offer the range of security mechanisms required by the wide range of embedded system applications. This paper describes MicroQoSCORBA, a highly configurable middleware framework for embedded systems, and its security subsystem. It first presents an analysis of security requirements for embedded applications and what can and should be done in middleware. It then presents the design of MicroQoSCORBA’s security subsystem and the wide range of mechanisms it supports. Experimental results for these mechanisms are presented for two different embedded systems and one desktop computer that collectively represent a wide range of computational capabilities.

8.
9.
Volchkov  A. 《IT Professional》2001,3(1):39-45
Single sign-on is a solution that lets users authenticate themselves once and access different applications without reauthentication. SSO assists users through all the procedures required to access heterogeneous applications. Using applications becomes easier, technical-assistance costs go down, and security improves. However, getting the most of the solution requires understanding related domains such as central user administration, the enterprise directory, and Web single sign-on. SSO is a moving target in a changing context. Many new devices, applications, and authentication methods are on the horizon, and although the general issue remains relatively simple and clearly defined, the solution's integration in an IT environment can become complicated. For these reasons, I draw attention to some of the main problems related to SSO initiatives and discuss the SSO strategy at Pictet, a private Swiss bank.

10.
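骆嘉伟, 唐国英. 《计算机应用》 (Journal of Computer Applications), 2012, 32(6): 1782-1786
To address unified authentication and authorization and single sign-on for the multiple application systems in a regional health informatization platform, as well as the problem that the role-based access control model cannot be applied directly to single sign-on, a unified identity authentication system is proposed that combines a role-group-based role control strategy with JASIG-CAS. The Central Authentication Service (CAS) server uses MyBatis to display subsystem information effectively, the application systems use Axis2 to synchronize user information, and Session is used to store each user's permissions in the individual systems to reduce frequent database access, which significantly improves the platform's performance. The single sign-on system implements unified user management, unified permission assignment, and a unified platform look and feel. Finally, the professional load-testing tool LoadRunner8.0 was used to test and analyze the platform's performance; the test results show that the system's overall performance is stable and the platform design is sound.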

11.
This paper studies the privacy risks for the users of two popular single sign-on platforms for web-based content access: OpenID and Facebook Connect. In particular we describe in detail a privacy vulnerability of the OpenID Authentication Protocol that leads to the exposure of the OpenID user identifier to third parties. We illustrate how OpenID agents leak the (potentially unique) OpenID identifiers of their users to third parties, like advertisement and traffic analysis corporations. This vulnerability is a real and widespread privacy risk for OpenID users. This paper also analyzes the privacy of Facebook Connect --the proprietary single sign-on platform that is gaining a lot of popularity recently-- and, we conclude that it is not affected by the same vulnerability but other important privacy issues remain. Finally, this paper studies the solution space of these problems and defines a number of possible countermeasures. In the case of the OpenID vulnerability, we propose three solutions to this problem: one for the long term to avoid the root cause of the vulnerability, and another two short-term mitigations.

12.
Mobile battery-operated devices are becoming an essential instrument for business, communication, and social interaction. In addition to the demand for an acceptable level of performance and a comprehensive set of features, users often desire extended battery lifetime. In fact, limited battery lifetime is one of the biggest obstacles facing the current utility and future growth of increasingly sophisticated “smart” mobile devices. This paper proposes a novel application-aware and user-interaction aware energy optimization middleware framework (AURA) for pervasive mobile devices. AURA optimizes CPU and screen backlight energy consumption while maintaining a minimum acceptable level of performance. The proposed framework employs a novel Bayesian application classifier and management strategies based on Markov Decision Processes and Q-Learning to achieve energy savings. Real-world user evaluation studies on Google Android based HTC Dream and Google Nexus One smartphones running the AURA framework demonstrate promising results, with up to 29% energy savings compared to the baseline device manager, and up to 5× savings over prior work on CPU and backlight energy co-optimization.

13.
Threads play a key role in object‐based middleware platforms. Implementers of such platforms can select either kernel or user‐level threads, but neither of these options are ideal. In this paper we introduce Application Scheduler Contexts (ASCs) which flexibly combine both types of thread and thereby attempt to exploit the advantages of each. Multiple ASCs can co‐exist, each with their own concurrency semantics and scheduling policy. ASCs also support quality of service (QoS) configurability, and define their own QoS schema. We show how ASCs can be efficiently implemented and how they can usefully be exploited in middleware environments. We also provide a quantitative evaluation that demonstrates the feasibility of the ASC concept in performance terms. Copyright © 2002 John Wiley & Sons, Ltd.

14.
The infrastructure provided by a Grid enables researchers to collaboratively solve various research problems through sharing their resources and establishing virtual organizations (VOs). However, the distributed and dynamic nature of a Grid VO is a challenge for access control systems. All users in a VO have responsibilities which correspond to their rights. While they should be able to make use of all VO resources, irresponsibility and permission misuse (insider attack) impose costs and losses on the affected resources. Hence, the history of users’ behavior and the possibility of misuse need to be considered in the resource providers’ risk management process. In this paper, we propose the TIRIAC framework for Grid access control. TIRIAC is the first trust-driven risk-aware access control framework which uses obligations to seamlessly monitor users and mitigate risks. In the TIRIAC framework, trust evaluation and risk management are added to the base Grid access control services. Thereafter, site administrators can explicitly specify users’ responsibilities in form of obligations alongside access control rules. In addition, obligation-specific policies can be specified to mitigate risks according to their severity. We study the adoption of our framework by the European Grid Infrastructure (EGI), and demonstrate its superiority in comparison with the related work using multiple criteria. Moreover, we evaluate the performance of the framework and demonstrate its scalability in simulation experiments.

15.
The complexity of robot software systems calls for the use of a well-conceived architecture together with programming tools to support it. One common feature of robot architectures is the modular decomposition of systems into simpler and largely independent components. These components implement primitive actions and report events about their state. The robot programming framework proposed here includes a tool (RoboGraph) to program and coordinate the activity (tasks) of these middleware modules. Project developers use the same task programming IDE (RoboGraph) on two different levels. The first is to program tasks that must be executed autonomously by one robot and the second is to program tasks that can include several robots and building elements. Tasks are described using a Signal Interpreted Petri Net (SIPN) editor and stored in an xml file. A dispatcher loads these files and executes the different Petri nets as needed. A monitor that shows the state of all the running nets is very useful for debugging and tracing purposes. The whole system has been used in several applications: A tour-guide robot (GuideBot), a multi-robot surveillance project (WatchBot) and a hospital food and laundry transportation system based on mobile robots.

16.
In enterprise applications relying on fault-tolerant middleware, it is a common engineering practice to establish service-level agreements (SLAs) based on the 95th or the 99th percentiles of the latency, to allow a margin for unexpected variability. However, the extent of this unpredictability has not been studied systematically. We present an extensive empirical study of unpredictability in 16 distributed systems, ranging from simple transport protocols to fault-tolerant, middleware-based enterprise applications, and we show that the inherent unpredictability in the systems examined arises from at most 1% of the remote invocations. In the normal, fault-free operating mode most remote invocations have a predictable end-to-end latency, but the maximum latency follows unpredictable trends and is comparable with the time needed to recover from a fault. The maximum latency is not influenced by the system’s workload, cannot be regulated through configuration parameters and is not correlated with the system’s resource consumption. The high-latency outliers (up to three orders of magnitude higher than the average latency) have multiple causes and may originate in any component of the system. However, after filtering out 1% of the invocations with the highest recorded response-times, the latency becomes bounded with high statistical confidence (p < 0.01). We have verified this result on different operating systems (Linux 2.4, Linux 2.6, Linux-rt, TimeSys), middleware platforms (CORBA and EJB), programming languages (C, C++ and Java), replication styles (active and warm passive) and applications (e-commerce and online gaming). Moreover, this phenomenon occurs at all the layers of middleware-based systems, from the communication protocols to the business logic.

17.
In many real-world data mining tasks, the connotation of the target concept may change as time goes by. For example, the connotation of “learned knowledge” of a student today may be different from his/her “learned knowledge” tomorrow, since the “learned knowledge” of the student is expanding everyday. In order to learn a model capable of making accurate predictions, the evolution of the concept must be considered, and thus, a series of data sets collected at different time is needed. In many tasks, however, there is only a single data set instead of a series of data sets. In other words, only a single snapshot of the data along the time axis is available. In this paper, we formulate the Positive Class Expansion with single Snapshot (PCES) problem and discuss its difference with existing problem settings. To show that this new problem is addressable, we propose a framework which involves the incorporation of desirable biases based on user preferences. The resulting optimization problem is solved by the Stochastic Gradient Boosting with Double Target approach, which achieves encouraging performance on PCES problems in experiments.

18.
Grid empowered calculations are becoming an important advanced tool indispensable for scientific advances. The possibility of simplifying and harmonizing the work carried out by computational scientists using a Web Service approach is considered here. To this end, a new Collaborative Grid Framework has been developed and tested. As a study case a three dimensional reactive scattering code dealing with atom-diatom systems has been considered. To this end an extended study of the energy dependence of the electronically adiabatic reactivity of N+N2 has been performed on the EGEE Grid.

19.
20.
Today middleware is much more powerful, more reliable and faster than it used to be. Nevertheless, for the application developer, the complexity of using middleware platforms has increased accordingly. The volume and variety of application contexts that current middleware technologies have to support require that developers be able to anticipate the widest possible range of execution environments, desired and undesired effects of different programming strategies, handling procedures for runtime errors, and so on. This paper shows how a generic framework designed to evaluate the usability of notations (the Cognitive Dimensions of Notations Framework, or CDN) has been instantiated and used to analyze the cognitive challenges involved in adapting middleware platforms. This human-centric perspective allowed us to achieve novel results compared to existing middleware evaluation research, typically centered around system performance metrics. The focus of our study is on the process of adapting middleware implementations, rather than in the end product of this activity. Our main contributions are twofold. First, we describe a qualitative CDN-based method to analyze the cognitive effort made by programmers while adapting middleware implementations. And second, we show how two platforms designed for flexibility have been compared, suggesting that certain programming language design features might be particularly helpful for developers.
