A framework for self-adaptive networked appliances

Fergus, Paul

January 2005

No description available.

683.830285462

Semantic clustering mechanisms for communication in wireless sensor networks

Bouhafs, Faycal

January 2007

No description available.

681.2

A gateway solution for accessing networking appliances

Muhammad, Arshad

January 2009

No description available.

621.382

Contribution to agents-based negotiation and monitoring of cloud computing service level agreement

Alsrheed, F.

January 2014

Cloud Computing environments are dynamic and open systems, where cloud providers and consumers frequently join and leave the cloud marketplaces. Due to the increasing number of cloud consumers and providers, it is becoming almost impossible to facilitate face to face meetings to negotiate and establish a Service Level Agreement (SLA); thus automated negotiation is needed to establish SLAs between service providers and consumers with no previous knowledge of each other. In this thesis, I propose, an Automated Cloud Service Level Agreement framework (ACSLA). ACSLA is made up of five stages, and the corresponding software agent components: Gathering, Filtering, Negotiation, SLA Agreement and Monitoring. In the Gathering stage all the information about the providers and what they can offer is gathered. In the Filtering stage the customer’s agent will send the request to ACSLA, which will filter all the providers in order to recommend the best matched candidates. In Negotiation stage the customer’s agent will negotiate separately with each candidate provider using different negotiation algorithms, which will be evaluated and for which recommendations and guidelines will be provided. The output of this stage is that the best outcome from the customer’s perspective will be picked up, which will be the agreed value for each parameter in the SLA. In SLA Agreement stage the provider’s agent and the customer‘s agent will be informed about the Agreement, which will be specified in measurable terms. The output of the SLA Agreement stage will be a list of metrics that can be monitored in the Monitoring stage. Customer’s agent and provider’s agent will also negotiate and agree about the penalties and actions will be taken in case the SLA has been violated and unfulfilled. There is a variety of actions that can be taken, like informing both sides, recommending solutions, self-healing and hot-swapping. ACSLA is evaluated using case studies which show its flexibility and effectiveness. ACSAL offers a novel approach to tackle many challenging issues in the current and likely future, cloud computing market. It is the first complete automated framework for cloud SLA. There are many automated negotiation algorithms and protocols, which have been developed over the years in other research areas; establishing functional solutions applicable to the cloud-computing environment is not an easy task. Rubinstein’s Alternating Offers Protocol, also known as the Rubinstein bargaining model, has been investigated for application in automated cloud SLA, and it offers a satisfactory technical solution for this challenging problem. The purpose of this research was also to apply the state of the art in negotiation automated algorithms/agents within a described Cloud Computing SLA framework, to develop new algorithms, and to evaluate and recommend the most appropriate negotiation approach based on many criteria.

004.67

A middleware framework for wireless sensor network

Javed, Huma

January 2007

Advances in wireless and Micro-Electro-Mechanical Systems (MEMS) technology has given birth to a new technology field sensor networks. These new technologies along with pervasive computing have made the dream of a smart environment come true. Sensors being small and capable of sensing, processing and communicating data has opened a whole new era of applications from medicine to military and from indoors to outdoors. Sensor networks although exciting have very limited resources, for example, memory, processing power and bandwidth, with energy being the most precious resource as they are battery operated. However, these amazing devices can collaborate in order to perform a task. Due to these limitations and specific characteristics being application specific and heterogeneous there is a need to devise techniques and software which would utilize the meager resources efficiently keeping in view the unique characteristics of this network. This thesis presents a lightweight, flexible and energy-efficient middleware framework called MidWSeN which combines aspects of queries, events and context of WSN in a single system. It provides a combination of core and optional services which could be adjusted according to the resources available and specific requirements of the application. The availability of multiple copies of services distributed across the network helps in making the system robust. This middleware framework introduces a new Persistent Storage Service which saves data within the sensor network on the nodes for lifetime of the network to provide historical data. A Priority algorithm is being also presented in this thesis to ensure that enough memory is always available. A novel context enhanced aggregation has also been presented in this thesis which aggregates data with respect to context. Application management service (AMS) provides Service optimization within the network is another novel aspect of the proposed framework. To evaluate the functionality of the work presented, different parts of the framework have also been implemented. The tests and results are detailed to prove the ideas presented in the framework. The work has also been evaluated against a set of requirements and compared against existing works to indicate the novel aspects of framework. Finally some ideas are presented for the future works.

621.382

A layered security approach for cooperation enforcement in MANETs

Abbas, Sohail

January 2011

In fully self-organized MANETs, nodes are naturally reluctant to spend their precious resources forwarding other nodes' packets and are therefore liable to exhibit selfish or sometimes malicious behaviour. This selfishness could potentially lead to network partitioning and network performance degradation. Cooperation enforcement schemes, such as reputation and trust based schemes have been proposed to counteract the issue of selfishness. The sole purpose of these schemes is to ensure selfish nodes bear the consequences of their bad actions. However, malicious nodes can exploit mobility and free identities available to breach the security of these systems and escape punishment or detection. Firstly, in the case of mobility, a malicious node can gain benefit even after having been detected by a reputation-based system, by interacting directly with its source or destination nodes. Secondly, since the lack of infrastructure in MANETs does not suit centralized identity management or centralized Trusted Third Parties, nodes can create zero-cost identities without any restrictions. As a result, a selfish node can easily escape the consequences of whatever misbehaviour it has performed by simply changing identity to clear all its bad history, known as whitewashing. Hence, this makes it difficult to hold malicious nodes accountable for their actions. Finally, a malicious node can concurrently create and control more than one virtual identity to launch an attack, called a Sybil attack. In the context of reputation-based schemes, a Sybil attacker can disrupt the detection accuracy by defaming other good nodes, self-promoting itself or exchanging bogus positive recommendations about one of its quarantined identities. This thesis explores two aspects of direct interactions (DIs), i. e. Dis as a selfish nodes' strategy and Dis produced by inappropriate simulation parameters. In the latter case DIs cause confusion in the results evaluation of reputation-based schemes. We propose a method that uses the service contribution and consumption information to discourage selfish nodes that try to increase their benefit through DIs. We also propose methods that categorize nodes' benefits in order to mitigate the confusion caused in the results evaluation. A novel layered security approach is proposed using proactive and reactive paradigms to counteract whitewashing and Sybil attacks. The proactive paradigm is aimed at removing the advantages that whitewashing can provide by enforcing a non-monetary entry fee per new identity, in the form of cooperation in the network. The results show that this method deters these attackers by reducing their benefits in the network. In the reactive case, we propose a lightweight approach to detect new identities of whitewashers and Sybil attackers on the MAC layer using the 802.11 protocol without using any extra hardware. The experiments show that a signal strength based threshold exists which can help us detect Sybil and whitewashers' identities. Through the help of extensive simulations and real-world testbed experimentations, we are able to demonstrate that our proposed solution detects Sybil or whitewashers' new identities with good accuracy and reduces the benefits of malicious activity even in the presence of mobility.

621.382

An integrated framework for ensuring runtime quality in service-oriented systems

Robinson, Daniel

January 2009

As a relatively new software model, there remain many challenges in realising a true service-oriented vision. The service-oriented systems which underpin modern business processes must be able to react to constantly changing environments and business requirements. The quality of a service-oriented system depends not only on the quality of service (QoS) provided by services, but on the interdependencies between services, resource constraints imposed by the runtime environment, and events such as network outages. It is difficult to anticipate the impact that many of these emergent factors will have on the behaviour of the system. The third-party nature of software services also presents the service consumer with limited control over the quality of a system. Existing quality assurance initiatives for service-oriented systems are currently limited in the service quality control they offer the consumer, provide poor support for expressing quality characteristics, provide poor support for quality assurance at runtime, provide poor support for resource-restricted systems, and offer limited scope for integration and customisation to provide an end-to-end quality assurance solution. To address these issues, this thesis presents the development of an integrated quality assurance framework, which combines quality assurance approaches from the service description and selection, service monitoring, service negotiation, and reputation system domains. The approach is illustrated with a series of service-oriented experiments, which evaluate the role of the framework in the system quality assurance process.

005.3

Intelligent student systems : an application of viewpoints to intelligent learning environments

Nichols, David

January 1993

No description available.

370

Enhancing security in public IaaS cloud systems through VM monitoring : a consumer's perspective

Al Said, Taimur

January 2016

Cloud computing is attractive for both consumers and providers to benefit from potential economies of scale in reducing cost of use (for consumers) and operation of infrastructure (for providers). In the IaaS service deployment model of the cloud, consumers can launch their own virtual machines (VMs) on an infrastructure made available by a cloud provider, enabling a number of different applications to be hosted within the VM. The cloud provider generally has full control and access to the VM, providing the potential for a provider to access both VM configuration parameters and the hosted data. Trust between the consumer and the provider is key in this context, and generally assumed to exist. However, relying on this assumption alone can be limiting. We argue that the VM owner must have greater access to operations that are being carried out on their VM by the provider and greater visibility on how this VM and its data are stored and processed in the cloud. In the case where VMs are migrated by the provider to another region, without notifying the owner, this can raise some privacy concerns. Therefore, mechanisms must be in place to ensure that violation of the confidentiality, integrity and SLA does not happen. In this thesis, we present a number of contributions in the field of cloud security which aim at supporting trustworthy cloud computing. We propose monitoring of security-related VM events as a solution to some of the cloud security challenges. Therefore, we present a system design and architecture to monitor security-related VM events in public IaaS cloud systems. To enable the system to achieve focused monitoring, we propose a taxonomy of security-related VM events. The architecture was supported by a prototype implementation of the monitoring tool called: VMInformant, which keeps the user informed and alerted about various events that have taken place on their VM. The tool was evaluated to learn about the performance and storage overheads associated with monitoring such events using CPU and I/O intensive benchmarks. Since events in multiple VMs, belonging to the same owner, may be related, we suggested an architecture of a system, called: Inspector Station, to aggregate and analyse events from multiple VMs. This system enables the consumer: (1) to learn about the overall security status of multiple VMs; (2) to find patterns in the events; and (3) to make informed decisions related to security. To ensure that VMs are not migrated to another region without notifying the owner, we proposed a hybrid approach, which combines multiple metrics to estimate the likelihood of a migration event. The technical aspects in this thesis are backed up by practical experiments to evaluate the approaches in real public IaaS cloud systems, e.g. Amazon AWS and Google Cloud Platform. We argue that having this level of transparency is essential to improve the trust between a cloud consumer and provider, especially in the context of a public cloud system.

004.67

Visual saliency in image quality assessment

Zhang, Wei

January 2017

Advances in image quality assessment have shown the benefits of modelling functional components of the human visual system in image quality metrics. Visual saliency, a crucial aspect of the human visual system, is increasingly investigated recently. Current applications of visual saliency in image quality metrics are limited by our knowledge on the relation between visual saliency and quality perception. Issues regarding how to simulate and integrate visual saliency in image quality metrics remain. This thesis presents psychophysical experiments and computational models relevant to the perceptually-optimised use of visual saliency in image quality metrics. We first systematically validated the capability of computational saliency in improving image quality metrics. Practical guidance regarding how to select suitable saliency models, which image quality metrics can benefit from saliency integration, and how the added value of saliency depends on image distortion type were provided. To better understand the relation between saliency and image quality, an eye-tracking experiment with a reliable experimental methodology was first designed to obtain ground truth fixation data. Significant findings on the interactions between saliency and visual distortion were then discussed. Based on these findings, a saliency integration approach taking into account the impact of distortion on the saliency deployment was proposed. We also devised an algorithm which adaptively incorporate saliency in image quality metrics based on saliency dispersion. Moreover, we further investigated the plausibility of measuring image quality based on the deviation of saliency induced by distortion. An image quality metric based on measuring saliency deviation was devised. This thesis demonstrates that the added value of saliency in image quality metrics can be optimised by taking into account the interactions between saliency and visual distortion. This thesis also demonstrates that the deviation of fixation deployment due to distortion can be used as a proxy for the prediction of image quality.

006.3