237 results found
Sloman M, Lupu EC, 2009, Engineering Policy-Based Ubiquitous Systems, The Computer Journal, ISSN: 1460-2067
Accepted for publication
Zhu Y, Keoh S, Sloman M, et al., 2009, A Lightweight Policy System for Body Sensor Networks, IEEE Transactions on Network and Service Management, Vol: 6, Pages: 137-148, ISSN: 1932-4537
Body sensor networks (BSNs) for healthcare have more stringent security and context adaptation requirements than required in large-scale sensor networks for environment monitoring. Policy-based management enables flexible adaptive behavior by supporting dynamic loading, enabling and disabling of policies without shutting down nodes. This overcomes many of the limitations of sensor operating systems, such as TinyOS, which do not support dynamic modification of code. Alterna- tive schemes for adaptation, such as network programming, have a high communication cost and suffer from operational interruption. In addition, a policy-driven approach enables fine- grained access control through specifying authorization policies. This paper presents the design, implementation and evaluation of an efficient policy system called Finger which enables policy interpretation and enforcement on distributed sensors to support sensor level adaptation and fine-grained access control. It features support for dynamic management of policies, minimization of resources usage, high responsiveness and node autonomy. The policy system is integrated as a TinyOS component, exposing simple, well-defined interfaces which can easily be used by application developers. The system performance in terms of processing latency and resource usage is evaluated.
Schaeffer Filho A, Lupu E, Sloman M, et al., 2009, Verification of Policy-based Self-Managed Cell Interactions Using Alloy, IEEE International Symposium on Policies for Distributed Systems and Networks (Policy), Publisher: IEEE, Pages: 37-40
Self-Managed Cells (SMCs) define an infrastructure for building ubiquitous computing applications. An SMC consists of an autonomous administrative domain based on a policy-driven feedback control-loop. SMCs are able to interact with each other and compose with other SMCs to form larger autonomous components. In this paper we present a formal specification of an SMC's behaviour for the analysis and verification of its operation in collaborations of SMCs. These collaborations typically involve SMCs originated from different administrative authorities, and the definition of a formal model has helped us to verify the correctness of their operation when SMCs are composed or federated.
Schaeffer Filho A, Lupu E, Sloman M, et al., 2009, Verification of Policy-based Self-Managed Cell Interactions Using Alloy
Self-Managed Cells (SMCs) define an infrastructure for building ubiquitous computing applications. An SMC consists of an autonomous administrative domain based on a policy-driven feedback control-loop. SMCs are able to interact with each other and compose with other SMCs to form larger autonomous components. In this paper we present a formal specification of an SMC's behaviour for the analysis and verification of its operation in collaborations of SMCs. These collaborations typically involve SMCs originated from different administrative authorities, and the definition of a formal model has helped us to verify the correctness of their operation when SMCs are composed or federated. The formal specification also enables a better characterisation of the integrity constraints that must be preserved during SMC operation.
Zhu Y, Sloman M, Lupu EC, et al., 2009, Vesta: A Secure and Autonomic System for Pervasive Healthcare, 3rd International Conference on Pervasive Computing Technologies for Healthcare (Pervasive Health 09), Publisher: ICST, Pages: 1-8
The proliferation of low-power wireless communications and handheld devices has facilitated the development of pervasive systems for healthcare applications. This paper describes a body sensor network comprising a personal controller, various biosensors and actuators for pervasive healthcare. Various physiological parameters such as heart rate or blood oxygen level can be continuously monitored. The growing complexity of such systems, however, poses challenges for system management and security. In this paper we present a secure autonomic body sensor network called Vesta which makes use of the extensible architecture pattern of a self managed cell (SMC). A policy-driven management paradigm supports adaptability to contextual changes by applying event-condition-action rules. Fine-grained access control of the system is realized through authorization policies. Experimental evaluation shows that it is viable and practical for real-world pervasive healthcare.
Schaeffer Filho A, Lupu E, Sloman M, 2009, Realising Management and Composition of Self-Managed Cells in Pervasive Healthcare, 3rd International Conference on Pervasive Computing Technologies for Healthcare (PervasiveHealth), Publisher: IEEE, Pages: 1-8
Research in pervasive and autonomic computing focuses on supporting services for pervasive applications, but often ignores how such applications can be realised through the federation of autonomous entities. In this paper we propose a methodology for designing collaborations between autonomous components, using the Self-Managed Cell (SMC) framework. We focus on the structural, task-allocation and communication aspects of management interactions between SMCs. We propose a catalogue of architectural styles for SMC interactions, and a model for combining architectural styles in patterns of interactions that can be enforced by different SMCs in large collaborations. This allows us to specify the management of large-scale systems by composing management functions using architectural styles as building block abstractions. A scenario for a health monitoring application involving a number of SMCs is used throughout the paper to illustrate how complex structures can be thus built.
Twidle K, Lupu E, Sloman M, et al., 2009, Ponder2: A Policy System for Autonomous Pervasive Environments, The Fifth International Conference on Autonomic and Autonomous Systems, Publisher: IEEE
Policies form an important part of management and can be an effective means of implementing self-adaptation in pervasive systems. Most policy-based systems focus on large-scale networks and distributed systems. Consequently, they are often fragmented, dependent on infrastructure and lacking ﬂexibility and extensibility. This paper presents Pon- der2, a novel policy system that is suitable for a wide range of environments and applications. The design and implementation of Ponder2 emphasises simplicity, ﬂexibil- ity and extensibility and provides users with the ability to interact easily with the managed system. Ponder2 can interact with other software and hardware components and is being used in environments ranging from single devices, to personal area networks, ad-hoc networks and distributed systems. We also describe PonderTalk, a high-level object orientated language inspired by Smalltalk for conﬁguring and controlling Ponder2 systems.
Asmare E, Gopalan A, Sloman M, et al., 2009, A Policy Based Management Architecture for Mobile Collaborative Teams, 2009 IEEE International Conference on Pervasive Computing and Communications (PerCom), Publisher: IEEE Computer Society, Pages: 169-174
AbstractùMany missions are deemed dangerous or impractical to perform by humans, but can use collaborating, self-managing Unmanned Autonomous Vehicles (UAVs) which adapt their behaviour to current context, recover from component failure or optimise performance. This paper describes a policy-based distributed self-management framework for both individual and teams of UAVs. We use three levels of specifications ù policy, mission class and mission instance to enable reuse of both policies and mission classes. The architecture has been tested on devices ranging from small laptops to body area networks. Initial evaluation shows the distributed architecture is scalable and outperforms a centralised mission management scheme.
Charalambides M, Flegkas P, Pavlou G, et al., 2009, Policy Conflict Analysis for DiffServ Quality of Service Management, IEEE Transactions on Network and Service Management, Vol: 6, Pages: 15-30, ISSN: 1932-4537
Policy-based management provides the ability to (re-)configure differentiated services networks so that desired Quality of Service (QoS) goals are achieved. This requires implementing network provisioning decisions, performing admission control, and adapting bandwidth allocation to emerging traffic demands. A policy-based approach facilitates flexibility and adaptability as policies can be dynamically changed without modifying the underlying implementation. However, inconsistencies may arise in the policy specification. In this paper we provide a comprehensive set of QoS policies for managing Differentiated Services (DiffServ) networks, and classify the possible conflicts that can arise between them. We demonstrate the use of Event Calculus and formal reasoning for the analysis of both static and dynamic conflicts in a semi-automated fashion. In addition, we present a conflict analysis tool that provides network administrators with a user-friendly environment for determining and resolving potential inconsistencies. The tool has been extensively tested with large numbers of policies over a range of conflict types. © 2009 IEEE.
Bandara AK, Kakas AC, Lupu EC, et al., 2009, Using Argumentation Logic for Firewall Configuration Management, IFIP/IEEE International Symposium on Integrated Network Management (IM 2009), Publisher: IEEE, Pages: 180-+
Corapi D, Ray O, Russo A, et al., 2009, Learning Rules from User Behaviour, 5th IFIP Conference on Artificial Intelligence Applications and Innovations, Publisher: SPRINGER, Pages: 459-+, ISSN: 1571-5736
Ma J, Russo A, Broda K, et al., 2009, Multi-agent Planning with Confidentiality, 8th Int. Conf. on Autonomous Agents and Multi-Agent Systems
Ma J, Russo A, Broda K, et al., 2009, Multi-agent planning with confidentiality., Publisher: IFAAMAS, Pages: 1275-1276
Keoh SL, Lupu EC, Sloman M, 2009, Securing Body Sensor Networks: Sensor Association and Key Management., Publisher: IEEE Computer Society, Pages: 1-6
Keoh SL, Lupu E, Sloman M, 2009, Securing Body Sensor Networks: Sensor Association and Key Management, 7th IEEE International Conference on Pervasive Computing and Communications, Publisher: IEEE, Pages: 87-92
Body Sensor Networks can be used to continuously monitor patients' health. However, secure association of sensors with the patient and key management for providing integrity and confidentiality to the sensor readings are essential. We propose a secure discovery protocol based on the synchronised LED blinking pattern, to enable healthcare workers to authorise the sensor-to-patient association. We also propose a novel key distribution and management scheme that uses keychains to establish group keys for body sensor networks and caters for group key update and re-keying to adapt to membership changes. These protocols have been implemented to demonstrate their feasibility and an initial performance evaluation is presented.
Asmare E, Gopalan A, Sloman M, et al., 2009, A Mission Management Framework for Unmanned Autonomous Vehicles, 2nd International Mobilware Conference, Publisher: SPRINGER, Pages: 222-235, ISSN: 1867-8211
Unmanned Autonomous Vehicles (UAVs) are increasingly deployed for missions that are deemed dangerous or impractical to perform by humans in many military and disaster scenarios. UAVs in a team need to operate in sub-groups or independently to perform specific tasks, but still synchronise state information regularly and cope with intermittent communication failures as well as permanent UAV failures. This paper describes a failure management scheme that copes with failures, which may result in disjoint sub-networks within the team. A communication management protocol is proposed to control UAVs performing disconnected individual operations, while maintaining the team's structure by trying to ensure that all members of the mission rendezvous to communicate at intermittent intervals. The evaluation of the proposed approaches shows that the schemes are scalable and perform significantly better than similar centralised approaches.
Craven R, Lobo J, Lupu E, et al., 2009, Security policy refinement using data integration: a position paper., Publisher: ACM, Pages: 25-28
In spite of the wide adoption of policy-based approaches for security management, and many existing treatments of pol- icy verification and analysis, relatively little attention has been paid to policy refinement: the problem of deriving lower-level, runnable policies from higher-level policies, pol- icy goals, and specifications. In this paper we present our initial ideas on this task, using and adapting concepts from data integration. We take a view of policies as governing the performance of an action on a target by a subject, possibly with certain conditions. Transformation rules are applied to these components of a policy in a structured way, in order to translate the policy into more refined terms; the transfor- mation rules we use are similar to those of ‘global-as-view’ database schema mappings, or to extensions thereof. We illustrate our ideas with an example.
Scalavino E, Gowadia V, Lupu E, 2009, PAES: Policy-Based Authority Evaluation Scheme, 23rd Annual Conference on Data and Applications Security, Publisher: SPRINGER-VERLAG BERLIN, Pages: 268-282, ISSN: 0302-9743
Enterprise Rights Management (ERM) systems aim to protect disseminated data even after it has been sent to remote locations. Existing systems are based on common components, have similar functionalities and often have two shortcomings: a centralised architecture and a lack of concern for the trust and privacy of data recipients. To access the data, recipients must present their credentials to a policy evaluation authority, which they cannot choose and may not trust. Furthermore, recipients may be unable to access the data if their connection is intermittent or if they are off-line. To address these limitations, we propose PAES: a Policy-based Authority Evaluation Scheme, which combines data protection with a distributed policy evaluation protocol. The result allows us to implement the sticky policies paradigm in combination with trust management techniques. This permits distributing policy evaluation over a flexible set of authorities, simultaneously increasing the resilience of policy enforcement.
Craven R, Lobo J, Lupu EC, et al., 2009, Expressive Policy Analysis with Enhanced System Dynamicity, ASIAN ACM Symposium on Information, Computer and Communications Security (ASIACCS 09), Publisher: ACM, Pages: 239-250
Zhu Y, Keoh SL, Sloman M, et al., 2008, An Efficient Policy System for Body Sensor Networks, 14th IEEE International Conference on Parallel and Distributed Systems (ICPADS'08), Publisher: IEEE, Pages: 383-390
Sloman M, Asmare E, Gopalan A, et al., 2008, Adaptive self-management of teams of autonomous vehicles, 6th International Workshop on Middleware for Pervasive and Ad-Hoc Computing, Pages: 1-6
Unmanned Autonomous Vehicles (UAVs) are increasingly deployed for missions that are deemed dangerous or impractical to perform by humans in many military and disaster scenarios. Collaborating UAVs in a team form a Self-Managed Cell (SMC) with at least one commander. UAVs in an SMC may need to operate independently or in sub-groups, out of contact with the commander and the rest of the team in order to perform specific tasks, but must still be able to eventually synchronise state information. The SMC must also cope with intermittent and permanent communication failures as well permanent UAV failures. This paper describes a failure management scheme that copes with both communication link and UAV failures, which may result in temporary disjoint sub-networks within the SMC. A communication management protocol is proposed to control UAVs performing disconnected individual operations, while maintaining the SMC's structure by trying to ensure that all members of the mission regardless of destination or task, can communicate by moving UAVs to act as relays or by allowing the UAVs to rendezvous at intermittent intervals.\r\n
Dulay N, Sloman M, Lupu E, et al., 2008, Secure Distributed Self Management Framework for UXVs, Systems Engineering for Autonomous Systems Defence Technology Centre Conference, 2008
Lupu E, Dulay N, Sloman M, et al., 2008, AMUSE: autonomic management of ubiquitous e-Health systems, CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, Vol: 20, Pages: 277-295, ISSN: 1532-0626
Future e-Health systems will consist of low-power on-body wireless sensors attached to mobile users that interact with an ubiquitous computing environment to monitor the health and well being of patients in hospitals or at home. Patients or health practitioners have very little technical computing expertise so these systems need to be self-configuring and self-managing with little or no user input. More importantly, they should adapt autonomously to changes resulting from user activity, device failure, and the addition or loss of services. We propose the Self-Managed Cell (SMC) as an architectural pattern for all such types of ubiquitous computing applications and use an e-Health application in which on-body sensors are used to monitor a patient living in their home as an exemplar. We describe the services comprising the SMC and discuss cross-SMC interactions as well as the composition of SMCs into larger structures. Copyright (c) 2007 John Wiley & Sons, Ltd.
Barker S, Chadwick D, Crampton J, et al., 2008, Panel session: What are the key challenges in distributed security?, 22nd Annual Conference on Data and Applications Security, Publisher: SPRINGER-VERLAG BERLIN, Pages: 219-221, ISSN: 0302-9743
Twidle K, Lupu E, Dulay N, et al., 2008, Ponder2 - A policy environment for autonomous pervasive systems, IEEE International Workshop on Policies for Distributed Systems and Networks, Publisher: IEEE COMPUTER SOC, Pages: 245-246
Yusuf S, Luk W, Sloman M, et al., 2008, Reconfigurable architecture for network flow analysis, International Conference on Engineering of Reconfigurable Systems and Algorithms, Pages: 57-65
This paper describes a reconfigurable architecture based on field-programmable gate-array (FPGA) technology for monitoring and analyzing network traffic at increasingly high network data rates. Our approach maps the performance-critical tasks of packet classification and flow monitoring into reconfigurable hardware, such that multiple flows can be processed in parallel. We explore the scalability of our system, showing that it can support flows at multi-gigabit rate; this is faster than most software-based solutions where acceptable data rates are typically no more than 100 million bits per second.
Yusuf S, Luk W, Sloman M, et al., 2008, Reconfigurable architecture for network flow analysis, IEEE Transactions on VLSI System, Vol: 16, Pages: 57-65, ISSN: 1063-8210
Schaeffer A, Lupu E, Sloman M, et al., 2008, A role-based infrastructure for the management of dynamic communities, 2nd International Conference on Autonomous Infrastructure, Management and Security, Pages: 1-14
Schaeffer-Filho A, Lupu E, Sloman M, et al., 2008, A Role-Based Infrastructure for the Management of Dynamic Communities, Lecture Notes in Computer Science, Publisher: Springer Berlin Heidelberg, Pages: 1-14, ISBN: 9783540705864
Zhu YM, Keoh SL, Sloman M, et al., 2008, A Policy System to Support Adaptability and Security on Body Sensors, 5th International Summer School and Symposium on Medical Devices and Biosensors, Pages: 97-100
This data is extracted from the Web of Science and reproduced under a licence from Thomson Reuters. You may not copy or re-distribute this data in whole or in part without the written consent of the Science business of Thomson Reuters.