Robson de Oliveira Albuquerque

File Exchange in a Private Cloud Supported by a Trust Model

Cloud computing is being progressively adopted in different business scenarios in order to obtain flexible and reliable computing environments, with several supporting solutions available in the market. Computing systems trust representation have been widely discussed and applied in a lot of information technology scenarios, becoming subject of scientific researches. This paper proposes the development of a trust model to ensure a reliable files exchange among nodes in a private cloud, as well as the calculation process of trust among them, according to the established metrics. The simulation result using CloudSim framework shows the effectiveness of the model in selecting more reliable node in private cloud.

A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things

Concerns about security on Internet of Things (IoT) cover data privacy and integrity, access control, and availability. IoT abuse in distributed denial of service attacks is a major issue, as typical IoT devices’ limited computing, communications, and power resources are prioritized in implementing functionality rather than security features. Incidents involving attacks have been reported, but without clear characterization and evaluation of threats and impacts. The main purpose of this work is to methodically assess the possible impacts of a specific class–amplified reflection distributed denial of service attacks (AR-DDoS)–against IoT. The novel approach used to empirically examine the threat represented by running the attack over a controlled environment, with IoT devices, considered the perspective of an attacker. The methodology used in tests includes that perspective, and actively prospects vulnerabilities in computer systems. This methodology defines standardized procedures for tool-independent vulnerability assessment based on strategy, and the decision flows during execution of penetration tests (pentests). After validation in different scenarios, the methodology was applied in amplified reflection distributed denial of service (AR-DDoS) attack threat assessment. Results show that, according to attack intensity, AR-DDoS saturates reflector infrastructure. Therefore, concerns about AR-DDoS are founded, but expected impact on abused IoT infrastructure and devices will be possibly as hard as on final victims.

Leveraging information security and computational trust for cybersecurity

Cybersecurity has an enormous impact in modern society, since almost everything in our day-to-day activities depends on some information and communication technology that is prone to some form of threat. This paper argues that cybersecurity depends on the combined effect of information security measures together with explicit trust verification that these measures are operational and effective. In this sense, this paper provides a view of information treatments related to trust and information security and discusses how together they can counter advanced persistent threats and exploits that now plague the cyberspace.

GTrust: Group Extension for Trust Models in Distributed Systems

This paper proposes and describes a trust model for distributed systems based on groups of peers. A group is defined as a collection of entities with particular affinities and capabilities. All entities may have a trust and a reputation value of each other in the system. In many cases it may be necessary to trust the whole system instead of one particular entity. In such cases group trust represents the trust of their particular members. To achieve this, this paper presents a group trust calculation model. We implemented the proposed model in a P2P simulation tool and presented main results for group trust calculation.

Virtualization with automated services catalog for providing integrated information technology infrastructure

This paper proposes a service catalog service integrated with virtualized systems aiming at the possibility of raising and automating the availability in an IT (Information Technology) infrastructure. This paper demonstrates that aligning the server virtualization concepts and infrastructure management tools is possible to have gains in time and costs when compared to systems without automated service catalog. The main results presented illustrates that the use of a virtualized environment, with a standard services catalog and specific tools for infrastructure management, provides a time saving, reducing the request interval to a new server from several days to a few hours.

A layered trust information security architecture

Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA) and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed.

Towards establishing trust in manet:An integrated approach for auto-configuration,Authentication and certification

In this paper, we discuss open issues regarding certification, auto-configuration and authentication of routing messages for mobile ad-hoc networks (MANET). We describe and discuss existing models for these operations and highlight their specific problems. Considering routing protocols usage, we propose new solutions based on protocol modifications and distributed certifications that can be integrated to establish trust relationships for MANET operation and utilization.

Security Architecture and Protocol for Trust Verifications Regarding the Integrity of Files Stored in Cloud Services

Cloud computing is considered an interesting paradigm due to its scalability, availability and virtually unlimited storage capacity. However, it is challenging to organize a cloud storage service (CSS) that is safe from the client point-of-view and to implement this CSS in public clouds since it is not advisable to blindly consider this configuration as fully trustworthy. Ideally, owners of large amounts of data should trust their data to be in the cloud for a long period of time, without the burden of keeping copies of the original data, nor of accessing the whole content for verifications regarding data preservation. Due to these requirements, integrity, availability, privacy and trust are still challenging issues for the adoption of cloud storage services, especially when losing or leaking information can bring significant damage, be it legal or business-related. With such concerns in mind, this paper proposes an architecture for periodically monitoring both the information stored in the cloud and the service provider behavior. The architecture operates with a proposed protocol based on trust and encryption concepts to ensure cloud data integrity without compromising confidentiality and without overloading storage services. Extensive tests and simulations of the proposed architecture and protocol validate their functional behavior and performance.

Distributed Data Service for Data Management in Internet of Things Middleware

The development of the Internet of Things (IoT) is closely related to a considerable increase in the number and variety of devices connected to the Internet. Sensors have become a regular component of our environment, as well as smart phones and other devices that continuously collect data about our lives even without our intervention. With such connected devices, a broad range of applications has been developed and deployed, including those dealing with massive volumes of data. In this paper, we introduce a Distributed Data Service (DDS) to collect and process data for IoT environments. One central goal of this DDS is to enable multiple and distinct IoT middleware systems to share common data services from a loosely-coupled provider. In this context, we propose a new specification of functionalities for a DDS and the conception of the corresponding techniques for collecting, filtering and storing data conveniently and efficiently in this environment. Another contribution is a data aggregation component that is proposed to support efficient real-time data querying. To validate its data collecting and querying functionalities and performance, the proposed DDS is evaluated in two case studies regarding a simulated smart home system, the first case devoted to evaluating data collection and aggregation when the DDS is interacting with the UIoT middleware, and the second aimed at comparing the DDS data collection with this same functionality implemented within the Kaa middleware.

A Proposed Protocol for Periodic Monitoring of Cloud Storage Services Using Trust and Encryption

The advantages of using cloud computing include scalability, availability and a virtually ‘unlimited’ storage capacity. However, it is challenging to build storage services that are at the same time safe from the customer point-of-view and that run in public cloud infrastructures managed by service providers that can not be fully considered trustworthy. Owners of large amounts of data have to keep their data in the cloud for a long period of time without the need to keep copies of the original data or to access it. In such cases, questions of Integrity, availability, privacy and trust are still challenges in the adoption of Cloud Storage Services to ensure security, especially when losing or leaking information can bring significant damage, be it legal or business-related. With such concerns in mind, this paper proposes a protocol to monitor the information stored in the cloud and the behaviour of contracted storage services periodically. The proposed protocol, which is based on trust and encryption, is validated by analysis and simulation that demonstrate its utilization of computing resources compared to its results regarding cloud storage protection that are achieved over time.