Biblio

Tactical edge networks represent a uniquely challenging environment from the communications perspective, due to their limited bandwidth and high node mobility. Several middleware communication solutions have been proposed to address those issues, adopting an evolutionary design approach that requires facing quite a few complications to provide applications with a suited network programming model while building on top of the TCP/IP stack. Information Centric Networking (ICN), instead, represents a revolutionary, clean slate approach that aims at replacing the entire TCP/IP stack with a new communication paradigm, better suited to cope with fluctuating channel conditions and network disruptions. This paper, stemmed from research conducted within NATO IST-161 RTG, investigates the effectiveness of Named Data Networking (NDN), the de facto standard implementation of ICN, in the context of tactical edge networks and its potential for adoption. We evaluated an NDN-based Blue Force Tracking (BFT) dissemination application within the Anglova scenario emulation environment, and found that NDN obtained better-than-expected results in terms of delivery ratio and latency, at the expense of a relatively high bandwidth consumption.

Ubiquitous or pervasive computing is a new kind of computing, where specialized elements of hardware and software will have such high level of deployment that their use will be fully integrated with the environment. Augmented reality extends reality with virtual elements but tries to place the computer in a relatively unobtrusive, assistive role. To our knowledge, there is no specialized network middleware solution for large-scale mobile and pervasive augmented reality games. We present a work that focus on the creation of such network middleware for mobile and pervasive entertainment, applied to the area of large scale augmented reality games. In, this context, mechanisms are being studied, proposed and evaluated to deal with issues such as scalability, multimedia data heterogeneity, data distribution and replication, consistency, security, geospatial location and orientation, mobility, quality of service, management of networks and services, discovery, ad-hoc networking and dynamic configuration

Ubiquitous or pervasive computing is a new kind of computing, where specialized elements of hardware and software will have such high level of deployment that their use will be fully integrated with the environment. Augmented reality extends reality with virtual elements but tries to place the computer in a relatively unobtrusive, assistive role. In this paper we propose, test and analyse a security and privacy architecture for a previously proposed middleware architecture for mobile and pervasive large scale augmented reality games, which is the main contribution of this paper. The results show that the security features proposed in the scope of this work do not affect the overall performance of the system.

IoT middleware is an additional layer between IoT devices and the cloud applications that reduces computation and data handling on the cloud. In a typical IoT system model, middleware primarily connects to different IoT devices via IoT gateway. Device data stored on middleware is sensitive and private to a user. Middleware must have built-in mechanisms to address these issues, as well as the implementation of user authentication and access control. This paper presents the current methods used for access control on middleware and introduces Attribute-based encryption (ABE) on middleware for access control. ABE combines access control with data encryption for ensuring the integrity of data. In this paper, we propose Ciphertext-policy attribute-based encryption, abbreviated CP-ABE scheme on the middleware layer in the IoT system architecture for user access control. The proposed scheme is aimed to provide security and efficiency while reducing complexity on middleware. We have used the AVISPA tool to strengthen the proposed scheme.

Internet of Things (IoT) is a fairly disruptive technology with inconceivable growth, impact, and capability. We present the role of REST API in the IoT Systems and some initial concepts of IoT, whose technology is able to record and count everything. We as well highlight the concept of middleware that connects these devices and cloud. The appearance of new IoT applications in the cloud has brought new threats to security and privacy of data. Therefore it is required to introduce a secure IoT system which doesn't allow attackers infiltration in the network through IoT devices and also to secure data in transit from IoT devices to cloud. We provide the details on how Representational State Transfer (REST) API allows to securely expose connected devices to applications on cloud and users. In the proposed model, middleware is primarily used to expose device data through REST and to hide details and act as an interface to the user to interact with sensor data.

This paper surveys a review of Internet of Things (IoT) protocols, Service oriented Middleware in IoT. The modern development of IoT, expected to create many divorce application in health care without human intervention. Various protocols are involved in the applications development. Researchers are doing research for desirable protocol with all functionalities. Middleware for an IoT provides interoperability between the devices or applications. The engineering of an IoT dependent on Service Oriented Architecture (SOA), it operates as middleware. We survey the existing SOA based IoT middleware and its functionalities.

System penetration testing is an important measure of discovering information system security issues. This paper summarizes and analyzes the high-risk problems found in the penetration testing of the artificial storm prediction system for power grid storm disasters from four aspects: application security, middleware security, host security and network security. In particular, in order to overcome the blindness of PGRDAIPS current SQL injection penetration test, this paper proposes a SQL blind bug based on improved second-order fragmentation reorganization. By modeling the SQL injection attack behavior and comparing the SQL injection vulnerability test in PGRDAIPS, this method can effectively reduce the blindness of SQL injection penetration test and improve its accuracy. With the prevalence of ubiquitous power internet of things, the electric power information system security defense work has to be taken seriously. This paper can not only guide the design, development and maintenance of disaster prediction information systems, but also provide security for the Energy Internet disaster safety and power meteorological service technology support.

Antifragile systems enhance their capabilities and become stronger when exposed to adverse conditions, stresses or attacks, making antifragility a desirable property for cyber defence systems that operate in contested military environments. Self-improvement in autonomic systems refers to the improvement of their self-* capabilities, so that they are able to (a) better handle previously known (anticipated) situations, and (b) deal with previously unknown (unanticipated) situations. In this position paper, we present a vision of using self-improvement through learning to achieve antifragility in autonomic cyber defence systems. We first enumerate some of the major challenges associated with realizing distributed self-improvement. We then propose a reference model for middleware frameworks for self-improving autonomic systems and a set of desirable features of such frameworks.

The interest over building security-based solutions to reduce the vulnerability exploits and mitigate the risks associated with smart homes in IoT is growing. However, our investigation identified to architect and implement distributed security mechanisms is still a challenge because is necessary to handle security and privacy in IoT middleware with a strong focus. Our investigation, it was identified the significant proportion of the systems that did not address security and did not describe the security approach in any meaningful detail. The idea proposed in this work is to provide middleware aim to implement security mechanisms in smart home and contribute as how guide to beginner developers' IoT middleware. The advantages of using MidSecThings are to avoid leakage data, unavailable service, unidentification action and not authorized access over IoT devices in smart home.

With the increasing interest in studying Automated Driving System (ADS)-equipped vehicles through simulation, there is a growing need for comprehensive and agile middleware to provide novel Virtual Analysis (VA) functions of ADS-equipped vehicles towards enabling a reliable representation for pre-deployment test. The National Institute of Standards and Technology (NIST) Universal Cyber-physical systems Environment for Federation (UCEF) is such a VA environment. It provides Application Programming Interfaces (APIs) capable of ensuring synchronized interactions across multiple simulation platforms such as LabVIEW, OMNeT++, Ricardo IGNITE, and Internet of Things (IoT) platforms. UCEF can aid engineers and researchers in understanding the impact of different constraints associated with complex cyber-physical systems (CPS). In this work UCEF is used to produce a simulated Operational Domain Design (ODD) for ADS-equipped vehicles where control (drive cycle/speed pattern), sensing (obstacle detection, traffic signs and lights), and threats (unusual signals, hacked sources) are represented as UCEF federates to simulate a drive cycle and to feed it to vehicle dynamics simulators (e.g. OpenModelica or Ricardo IGNITE) through the Functional Mock-up Interface (FMI). In this way we can subject the vehicle to a wide range of scenarios, collect data on the resulting interactions, and analyze those interactions using metrics to understand trustworthiness impact. Trustworthiness is defined here as in the NIST Framework for Cyber-Physical Systems, and is comprised of system reliability, resiliency, safety, security, and privacy. The goal of this work is to provide an example of an experimental design strategy using Fractional Factorial Design for statistically assessing the most important safety metrics in ADS-equipped vehicles.

This paper proposes an intelligent functional architecture for an advanced launch site system that is composed of five parts: the intelligent technical area, the intelligent launching region, the intelligent flight and landing area, the intelligent command and control system, and the intelligent analysis assessment system. The five parts consist of the infrastructure, facilities, equipment, hardware and software and thus include the whole mission processes of ground and launch systems from flight articles' entry to launch. The architectural framework is designed for the intelligent elements of the parts. The framework is also defined as the interrelationship and the interface of the elements, including the launch vehicle and flight payloads. Based on the Internet of Things (IoT), the framework is integrated on four levels: the physical layer, the perception layer, the network layer, and the application layer. The physical layer includes the physical objects and actuators of the launch site. The perception layer consists of the sensors and data processing system. The network layer supplies the access gateways and backbone network. The application layer serves application systems through the middleware platform. The core of the intelligent system is the controller of the automatic control system crossing the four layers. This study builds the models of the IoT, cloud platform, middleware, integrated access gateway, and automatic control system for actual ground and launch systems. A formal approach describes and defines the architecture, models and autonomous control flows in the paper. The defined models describe the physical objects, intelligent elements, interface relations, status transformation functions, etc. The test operation and launch processes are connected with the intelligent system model. This study has been applied to an individual mission project and achieved good results. The architecture and the models of this study regulate the relationship between the elements of the intelligent system. The study lays a foundation for the architectural construction, the simulation and the verification of the intelligent systems at the launch site.

Cyber-physical systems are characterized by strong interactions between their physical and computation parts. The increasing complexity of such systems, now used in numerous application domains (e.g., aeronautics, healthcare), in conjunction with hard to predict surrounding environments or the use of non-traditional middleware and with the presence of non-deterministic or non-explainable software outputs, tend to make traditional Verification and Validation (V&V) techniques ineffective. This paper presents the H2020 ADVANCE project, which aims precisely at addressing the Verification and Validation challenges that the next-generation of cyber-physical systems bring, by exploring techniques, methods and tools for achieving the technical objective of improving the overall efficiency and effectiveness of the V&V process. From a strategic perspective, the goal of the project is to create an international network of expertise on the topic of V&V of cyber-physical systems.

In this paper, an intruder detection system has been built with an implementation of convolutional neural network (CNN) using raspberry pi, Microsoft's Azure and Twilio cloud systems. The CNN algorithm which is stored in the cloud is implemented to basically classify input data as either intruder or user. By using the raspberry pi as the middleware and raspberry pi camera for image acquisition, efficient execution of the learning and classification operations are performed using higher resources that cloud computing offers. The cloud system is also programmed to alert designated users via multimedia messaging services (MMS) when intruders or users are detected. Furthermore, our work has demonstrated that, though convolutional neural network could impose high computing demands on a processor, the input data could be obtained with low-cost modules and middleware which are of low processing power while subjecting the actual learning algorithm execution to the cloud system.

Edge and Fog computing paradigms are used to process big data generated by the increasing number of IoT devices. These paradigms have enabled cities to become smarter in various aspects via real-time data-driven applications. While these have addressed some flaws of cloud computing some challenges remain particularly in terms of privacy and security. We create a testbed based on a distributed processing platform called the Information flow of Things (IFoT) middleware. We briefly describe a decentralized traffic speed query and routing service implemented on this framework testbed. We configure the testbed to test countermeasure systems that aim to address the security challenges faced by prior paradigms. Using this testbed, we investigate a novel decentralized anomaly detection approach for time-sensitive distributed smart transportation systems.

The benefits of data distribution to multiple storage platforms with different characteristics have been widely acknowledged. Such systems are more tolerant to outages and bottlenecks and allow for more flexible policies regarding cost reduction, security and workload diversity. To leverage platforms simultaneously additional orchestration steps are needed. Existing approaches either implement such steps in the application's source code, resulting to minimum reusability across applications, or handle them at the infrastructure level. The latter usually involves over-engineering to handle different application behaviors and binds the system to a specific infrastructure. In this paper we present a middle-ware that decouples the I/O path from the application's source code and performs in-transit processing before data lands on the storage platforms. Abstracting the I/O process as a graph of reusable components allows the developers to easily implement complex storage solutions without the burden of writing custom code. Similarly, the administrators can create their own graph that reflects the infrastructure setup and append it to the preceding graph, so that various policies and infrastructure-related changes can be performed transparently to the application. Users can also extend the graph chain to enhance the application's functionality by using plug-ins. Our approach eliminates the need for custom I/O management code and allows for the applications to evolve independently of the storage back-end. To evaluate our system we employed a secure web service scenario that was seamlessly adapted to the changes in its storage back-end.

The EU SoftFIRE project has built an experimentation platform for NFV and SDN experiments, tailored for testing and evaluating 5G network applications and solutions. The platform is a fully orchestrated virtualisation testbed consisting of multiple component testbeds across Europe. Users of the platform can deploy their virtualisation experiments via the platform's Middleware. This paper introduces the SoftFIRE testbed and its Middleware, and presents a set of KPI results for evaluation of experiment deployment performance.

This work presents ChainFS, a middleware system that secures cloud storage services using a minimally trusted Blockchain. ChainFS hardens the cloud-storage security against forking attacks. The ChainFS middleware exposes a file-system interface to end users. Internally, ChainFS stores data files in the cloud and exports minimal and necessary functionalities to the Blockchain for key distribution and file operation logging. We implement the ChainFS system on Ethereum and S3FS and closely integrate it with FUSE clients and Amazon S3 cloud storage. We measure the system performance and demonstrate low overhead.

In current, RFID (Radio Frequency Identification) Middleware is widely used in nearly all RFID applications, and provides service for raw data capturing, security data reading/writing as well as sensors controlling. However, as the existing Middlewares were organized with rigorous data comparison and data encryption, it is seriously affecting the usefulness and execution efficiency. Thus, in order to improve the utilization rate of effective data, increase the reading/writing speed as well as preserving the security of RFID, this paper proposed a PSO (Particle swarm optimization) clustering scheme to accelerate the procedure of data operation. Then with the help of PSO cluster, the RFID Middleware can provide better service for both data security and data availability. At last, a comparative experiment is proposed, which is used to further verify the advantage of our proposed scheme.

Security and protection are among the most squeezing worries that have developed with the Internet. As systems extended and turned out to be more open, security hones moved to guarantee insurance of the consistently developing Internet, its clients, and information. Today, the Internet of Things (IoT) is rising as another sort of system that associates everything to everybody, all over. Subsequently, the edge of resistance for security and protection moves toward becoming smaller on the grounds that a break may prompt vast scale irreversible harm. One element that eases the security concerns is validation. While diverse confirmation plans are utilized as a part of vertical system storehouses, a typical personality and validation plot is expected to address the heterogeneity in IoT and to coordinate the distinctive conventions exhibit in IoT. In this paper, a light weight secure framework is proposed. The proposed framework is analyzed for performance with security mechanism and found to be better over critical parameters.

In the present generation internet plays a major role. The data being sent by the user is created by the things like pc, mobiles, sensors etc. and these data are sent to the cloud system. When a data from the IOT devices are sent to the cloud, there is a question of privacy and security. To provide security for the data well-known security algorithms are used in fog layer and are successful in transferring the data without any damage. Here different techniques used for providing security for IOT data are discussed.

With the prevalence of Internet of Things (IoT) devices and systems, touching almost every single aspect of our modern life, one core factor that will determine whether this technology will succeed, and gain people trust, or fail is security. This technology aimed to facilitate and improve the quality of our life; however, it is hysterical and fast growth makes it an attractive and prime target for a whole variety of hackers posing a significant risk to our technology and IT infrastructures at both enterprise and individual levels. This paper discusses and identifies some critical aspects from software security perspective that need to be addressed and considered when designing IoT applications. This paper mainly concerned with potential security issues of the applications running on IoT devices including insecure interfaces, insecure software, constrained application protocol and middleware security. This effort is part of a funded research project that investigates internet of things (IoT) security and privacy issues related to architecture, connectivity and data collection.

Despite the popularity of wireless sensor networks (WSNs) in a wide range of applications, security problems associated with them have not been completely resolved. Middleware is generally introduced as an intermediate layer between WSNs and the end user to resolve some limitations, but most of the existing middleware is unable to protect data from malicious and unknown attacks during transmission. This paper introduces an intelligent middleware based on an unsupervised learning technique called Generative Adversarial Networks (GANs) algorithm. GANs contain two networks: a generator (G) network and a detector (D) network. The G creates fake data similar to the real samples and combines it with real data from the sensors to confuse the attacker. The D contains multi-layers that have the ability to differentiate between real and fake data. The output intended for this algorithm shows an actual interpretation of the data that is securely communicated through the WSN. The framework is implemented in Python with experiments performed using Keras. Results illustrate that the suggested algorithm not only improves the accuracy of the data but also enhances its security by protecting data from adversaries. Data transmission from the WSN to the end user then becomes much more secure and accurate compared to conventional techniques.

To ensure the accountability of a cloud environment, security policies may be provided as a set of properties to be enforced by cloud providers. However, due to the sheer size of clouds, it can be challenging to provide timely responses to all the requests coming from cloud users at runtime. In this paper, we design and implement a middleware, PERMON, as a pluggable interface to OpenStack for intercepting and verifying the legitimacy of user requests at runtime, while leveraging our previous work on proactive security verification to improve the efficiency. We describe detailed implementation of the middleware and demonstrate its usefulness through a use case.

An information system based on real-time file integrations has an important role in today's organizations' work process management. By connecting to the network, file flow and integration between corporate systems have gained a great significance. In addition, network and security issues have emerged depending on the file structure and transfer processes. Thus, there has become a need for an effective and self-learning anomaly detection module for file transfer processes in order to provide the persistence of integration channels, accountability of transfer logs and data integrity. This paper proposes a novel anomaly detection approach that focuses on file size and integration duration of file transfers between enterprise systems. For this purpose, size and time anomalies on transferring files will be detected by a machine learning-based structure. Later, an alarm system is going to be developed in order to inform the authenticated individuals about the anomalies.

Cloud Computing is the most suitable environment for the collaboration of multiple organizations via its multi-tenancy architecture. However, due to the distributed management of policies within these collaborations, they may contain several anomalies, such as conflicts and redundancies, which may lead to both safety and availability problems. On the other hand, current cloud computing solutions do not offer verification tools to manage access control policies. In this paper, we propose a cloud policy verification service (CPVS), that facilitates to users the management of there own security policies within Openstack cloud environment. Specifically, the proposed cloud service offers a policy verification approach to dynamically choose the adequate policy using Aspect-Oriented Finite State Machines (AO-FSM), where pointcuts and advices are used to adopt Domain-Specific Language (DSL) state machine artifacts. The pointcuts define states' patterns representing anomalies (e.g., conflicts) that may occur in a security policy, while the advices define the actions applied at the selected pointcuts to remove the anomalies. In order to demonstrate the efficiency of our approach, we provide time and space complexities. The approach was implemented as middleware service within Openstack cloud environment. The implementation results show that the middleware can detect and resolve different policy anomalies in an efficient manner.