Benjamin Aziz

Federated Identity and Access Management for the Internet of Things

We examine the use of Federated Identity and Access Management (FIAM) approaches for the Internet of Things (IoT). We look at specific challenges that devices, sensors and actuators have, and look for approaches to address them. OAuth is a widely deployed protocol -- built on top of HTTP -- for applying FIAM to Web systems. We explore the use of OAuth for IoT systems that instead use the lightweight MQTT 3.1 protocol. In order to evaluate this area, we built a prototype that uses OAuth 2.0 to enable access control to information distributed via MQTT. We evaluate the results of this prototyping activity, and assess the strengths and weaknesses of this approach, and the benefits of using the FIAM approaches with IoT and Machine to Machine (M2M) scenarios. Finally we outline areas for further research.

Towards Modelling Obligations in Event-B

We propose a syntactic extension of Event-B incorporating a limited notion of obligation described by triggers. The trigger of an event is the dual of the guard: when a guard is not true, an event must not occur, whereas when a trigger is true, the event must occur. The obligation imposed by a trigger is interpreted as a constraint on when the other events are permitted. For example, the simplest trigger next, which states that the event must be the next one to be executed when the trigger becomes true, is modelled as an extra guard on each of the other events which prohibits their execution at this time. In this paper we describe the modelling of triggers in Event-B, and analyse refinement and abstract scheduling of triggered events.

Controlling Usage in Business Process Workflows through Fine-Grained Security Policies

We propose a language for expressing fine-grained security policies for controlling orchestrated business processes modelled as a BPEL workflow. Our policies are expressed as a process algebra that permits a BPEL activity, denies it or force-terminates it. The outcome is evaluates with compensation contexts. Finally, we give an example of these policies in a distributed map processing scenario such that the policies constrain service interactions in the workflow according to the security requirements of each entity participating in the workflow.

Adaptability in CORBA: the mobile proxy approach

Adaptability is one of the most important challenges in modern distributed systems. It may be defined as the ease with which a software application satisfies the different system constraints and the requirements of users and other applications. Adaptability is needed because distributed systems are inherently open, heterogeneous, and dynamic environments integrating a wide range of platforms, operating systems and applications from a number of different sources. We propose to use mobile proxies to provide adaptability in distributed applications integrated using the CORBA technology. Downloading stubs and skeletons at runtime allows the adaptation of either client or server interfaces as well as the protocol linking the two.

Detecting Man-in-the-Middle Attacks by Precise Timing

Man-in-the-middle attacks are one of the most popular and fundamental attacks on distributed systems that have evolved with advances in distributed computing technologies and have assumed several shapes ranging from simple IP spoofing to complicated attacks on wireless communications, which have safety-critical applications such as remote wireless passport verification. This paper proposes a static analysis algorithm for the detection of man-in-the-middle attacks in mobile processes using a solution based on precise timing.

A Formal Model and Analysis of an IoT Protocol

We present a formal model of the MQ Telemetry Transport version 3.1 protocol based on a timed message-passing process algebra. We explain the modelling choices that we made, including pointing out ambiguities in the original protocol specification, and we carry out a static analysis of the formal protocol model, which is based on an approximation of a name-substitution semantics for algebra. The analysis reveals that the protocol behaves correctly as specified against the first two quality of service modes of operation providing at most once and at least once delivery semantics to the subscribers. However, we find that the third and highest quality of service semantics is prone to error and at best ambiguous in certain aspects of its specification. Finally, we suggest an enhancement of this level of QoS for the protocol.

Web API Management Meets the InternetźofźThings

In this paper we outline the challenges of Web API management in Internet of Things IoT projects. Web API management is a key aspect of service-oriented systems that includes the following elements: metadata publishing, access control and key management, monitoring and monetization of interactions, as well as usage control and throttling. We look at how Web API management principles, including some of the above elements, translate into a world of connected devices IoT. In particular, we present and evaluate a prototype that addresses the issue of managing authentication with millions of insecure low-power devices communicating with non-HTTP protocols. With this first step, we are only beginning to investigate IoT API management, therefore we also discuss necessary future work.

A static analysis of cryptographic processes: the denotational approach

Abstract This paper presents a non-uniform static analysis for detecting the term-substitution property in infinite cryptographic processes specified by the language of the spi calculus. The analysis is fully compositional following the denotational approach throughout. This renders the implementation of the analysis straightforward in functional programming. The results are then used to detect certain security breaches, like information leakage and authenticity breaches. As an example of its applicability, we apply the analysis to the SPLICE/AS protocol and the FTP server.

Fine-Grained Continuous Usage Control of Service Based Grids --- The GridTrust Approach

Access control techniques designed for single domain infrastructures, where users are known by domain administrators, provide considerable liberty in the usage of resources. This paradigm is not suitable for highly scalable and decentralised systems such as Grids and service oriented architectures (SOA), where resources are shared between domains, and users come from remote domains. One approach is to provide policy-driven autonomic solutions that operate a continuous monitoring of the usage of resources by users. This paper presents the services and tools offered by the GridTrust Security Framework (GSF). GSF addresses three layers of the next generation of grid (NGG) architecture: the Grid application layer, the Grid service middleware layer, and the Grid foundation layer. The framework is composed of security and trust services and tools provided at the middleware and Grid foundation middleware layers. Various business case studies are being developed to validate the GridTrust results.

A Semiring-based Quantitative Analysis of Mobile Systems

We present in this paper, semi-@p, an extension of the @p-calculus that allows processes to query quantitative values of different actions and decide based on those values, whether an action is feasible or not. Our measure of quantity is based on the general notion of semirings. Furthermore, we develop a syntax-directed static analysis for the new language, which captures the properties of name substitution and semiring value retrieval. Such properties allow us to solve quantitative constraints controlling synchronisations in the analysed systems. We provide an example of a cost analysis of communications in a simple adaptive routing algorithm.