Publications
189 results found
Russello G, Dulay N, 2009, xDUCON: Coordinating Usage Control Policies in Distributed Domains, 3rd International Conference on Network and System Security, Publisher: IEEE, Pages: 246-+
- Author Web Link
- Cite
- Citations: 4
Asmare E, Gopalan A, Sloman M, et al., 2009, A Mission Management Framework for Unmanned Autonomous Vehicles, 2nd International Mobilware Conference, Publisher: SPRINGER, Pages: 222-235, ISSN: 1867-8211
Unmanned Autonomous Vehicles (UAVs) are increasingly deployed for missions that are deemed dangerous or impractical to perform by humans in many military and disaster scenarios. UAVs in a team need to operate in sub-groups or independently to perform specific tasks, but still synchronise state information regularly and cope with intermittent communication failures as well as permanent UAV failures. This paper describes a failure management scheme that copes with failures, which may result in disjoint sub-networks within the team. A communication management protocol is proposed to control UAVs performing disconnected individual operations, while maintaining the team's structure by trying to ensure that all members of the mission rendezvous to communicate at intermittent intervals. The evaluation of the proposed approaches shows that the schemes are scalable and perform significantly better than similar centralised approaches.
Dulay N, Choujaa D, 2008, TRAc'ME: Temporal Activity Recognition Using Mobile Phone Data, Intl Conf on Embedded and Ubiquitous Computing
Sloman M, Asmare E, Gopalan A, et al., 2008, Adaptive self-management of teams of autonomous vehicles, 6th International Workshop on Middleware for Pervasive and Ad-Hoc Computing, Pages: 1-6
Unmanned Autonomous Vehicles (UAVs) are increasingly deployed for missions that are deemed dangerous or impractical to perform by humans in many military and disaster scenarios. Collaborating UAVs in a team form a Self-Managed Cell (SMC) with at least one commander. UAVs in an SMC may need to operate independently or in sub-groups, out of contact with the commander and the rest of the team in order to perform specific tasks, but must still be able to eventually synchronise state information. The SMC must also cope with intermittent and permanent communication failures as well permanent UAV failures. This paper describes a failure management scheme that copes with both communication link and UAV failures, which may result in temporary disjoint sub-networks within the SMC. A communication management protocol is proposed to control UAVs performing disconnected individual operations, while maintaining the SMC's structure by trying to ensure that all members of the mission regardless of destination or task, can communicate by moving UAVs to act as relays or by allowing the UAVs to rendezvous at intermittent intervals.\r\n
Zhu Y, Keoh SL, Sloman M, et al., 2008, An Efficient Policy System for Body Sensor Networks, 14th IEEE International Conference on Parallel and Distributed Systems (ICPADS'08), Publisher: IEEE, Pages: 383-390
Dulay N, Choujaa D, 2008, Towards Context-aware Face Anonymisation, 7th International ACM Conference on Mobile and Ubiquitous Multimedia
Dulay N, Choujaa D, 2008, Using Screenplays as a Source of Context Data, 2nd ACM Workshop on Story Representation, Mechanism and Context
Russello G, Dulay N, Chaudron M, et al., 2008, GSpace: An Architectural Approach for Self-Managing Extra-Functional Concerns \r\n\r\n, Workshop on Autonomous & Autonomic Software-based Systems
Herrmann K, Rothermel K, Kortuem G, et al., 2008, Adaptable Pervasive Flows û An Emerging Technology for Pervasive Adaptation, Workshop on Pervasive Adaptation (PerAda)
Dulay N, Sloman M, Lupu E, et al., 2008, Secure Distributed Self Management Framework for UXVs, Systems Engineering for Autonomous Systems Defence Technology Centre Conference, 2008
Russello G, Dong C, Dulay N, 2008, A Consent-based Workflow System for Healthcare Systems, Policies for Distributed Systems and Networks (Policy 2008)
Lupu E, Dulay N, Sloman M, et al., 2008, AMUSE: autonomic management of ubiquitous e-Health systems, CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, Vol: 20, Pages: 277-295, ISSN: 1532-0626
Future e-Health systems will consist of low-power on-body wireless sensors attached to mobile users that interact with an ubiquitous computing environment to monitor the health and well being of patients in hospitals or at home. Patients or health practitioners have very little technical computing expertise so these systems need to be self-configuring and self-managing with little or no user input. More importantly, they should adapt autonomously to changes resulting from user activity, device failure, and the addition or loss of services. We propose the Self-Managed Cell (SMC) as an architectural pattern for all such types of ubiquitous computing applications and use an e-Health application in which on-body sensors are used to monitor a patient living in their home as an exemplar. We describe the services comprising the SMC and discuss cross-SMC interactions as well as the composition of SMCs into larger structures. Copyright (c) 2007 John Wiley & Sons, Ltd.
Russello G, Dulay N, Dong C, 2008, A Workflow-based Access Control Framework for Healthcare Applications, 4th International Symposium on Frontiers in Networking with Applications
Dong C, Russello G, Dulay N, 2008, Flexible resolution of authorisation conflicts in distributed systems, Pages: 95-108, ISSN: 0302-9743
Managing security in distributed systems requires flexible and expressive authorisation models with support for conflict resolution. Models need to be hierarchical but also non-monotonic supporting both positive and negative authorisations. In this paper, we present an approach to resolve the authorisation conflicts that inevitably occur in such models, with administrator specified conflict resolution strategies (rules). Strategies can be global or applied to specific parts of a system and dynamically loaded for different applications. We use Courteous Logic Programs (CLP) for the specification and enforcement of strategies. Authorisation policies are translated into labelled rules in CLP and prioritised. The prioritisation is regulated by simple override rules specified or selected by administrators. We demonstrate the capabilities of the approach by expressing the conflict resolution strategy for a moderately complex authorisation model that organises subjects and objects hierarchically. © 2008 Springer-Verlag.
Yusuf S, Luk W, Sloman M, et al., 2008, Reconfigurable architecture for network flow analysis, IEEE Transactions on VLSI System, Vol: 16, Pages: 57-65, ISSN: 1063-8210
Yusuf S, Luk W, Sloman M, et al., 2008, Reconfigurable architecture for network flow analysis, International Conference on Engineering of Reconfigurable Systems and Algorithms, Pages: 57-65
This paper describes a reconfigurable architecture based on field-programmable gate-array (FPGA) technology for monitoring and analyzing network traffic at increasingly high network data rates. Our approach maps the performance-critical tasks of packet classification and flow monitoring into reconfigurable hardware, such that multiple flows can be processed in parallel. We explore the scalability of our system, showing that it can support flows at multi-gigabit rate; this is faster than most software-based solutions where acceptable data rates are typically no more than 100 million bits per second.
Mostarda L, Dong C, Dulay N, 2008, Place and time authentication of cultural assets, IFIPTM 2008/Joint iTrust and PST Conference on Privacy, Trust Management and Security, Publisher: SPRINGER, Pages: 279-294, ISSN: 1868-4238
Russello G, Dong C, Dulay N, et al., 2008, Encrypted Shared Data Spaces, 10th International Conference on Coordination Models and Languages (COORDINATION 2008), Publisher: SPRINGER-VERLAG BERLIN, Pages: 264-+, ISSN: 0302-9743
- Author Web Link
- Cite
- Citations: 1
Russello G, Dulay N, Dong C, 2008, Capturing Patient Consent in Pervasive Healthcare Applications
Dong C, Russello G, Dulay N, 2008, Shared and searchable encrypted data for untrusted servers, 22nd Annual Conference on Data and Applications Security, Publisher: SPRINGER-VERLAG BERLIN, Pages: 127-143, ISSN: 0302-9743
- Author Web Link
- Cite
- Citations: 67
Thing VLL, Sloman M, Dulay N, 2008, Network domain entrypoint/path determination for DDoS attacks, IEEE Network Operations and Management Symposium, Pages: 57-64
A method to determine entry points and paths of DDoS attack traffic flows into network domains is proposed. We determine valid source addresses seen by routers from sampled traffic under non-attack conditions. Under attack conditions, we detect route anomalies by determining which routers have been used for unknown source addresses to construct the attack paths. We show results from simulations to detect the routers carrying attack traffic in the victim's network domain. Our approach is non-intrusive, not requiring any changes to the Internet routers and data packets. Precise information regarding the attack is not required allowing a wide variety of DDoS attack detection techniques to be used. The victim is also relieved from the traceback task during an attack. Our algorithm is simple and efficient, allowing for a fast traceback and the method is scalable due to the distribution of processing workload.
Dong C, Russello G, Dulay N, 2008, Flexible Resolution of Authorisation Conflicts in Distributed Systems, 19th IFIP/IEEE International Workshop on Distributed Systems - Operations and Management, Publisher: SPRINGER-VERLAG BERLIN, Pages: 95-108, ISSN: 0302-9743
- Author Web Link
- Cite
- Citations: 2
Russello G, Mostarda L, Dulay N, 2008, ESCAPE: A Component-Based Policy Framework for Sense and React Applications, 11th International Symposium on Component-Based Software Engineering, Publisher: SPRINGER-VERLAG BERLIN, Pages: 212-229, ISSN: 0302-9743
- Author Web Link
- Cite
- Citations: 9
Russello G, Dong C, Dulay N, 2008, Consent-based workflows for healthcare management, IEEE International Workshop on Policies for Distributed Systems and Networks, Publisher: IEEE COMPUTER SOC, Pages: 153-161
- Author Web Link
- Cite
- Citations: 8
Twidle K, Lupu E, Dulay N, et al., 2008, Ponder2 - A policy environment for autonomous pervasive systems, IEEE International Workshop on Policies for Distributed Systems and Networks, Publisher: IEEE COMPUTER SOC, Pages: 245-246
- Author Web Link
- Open Access Link
- Cite
- Citations: 33
Zhu YM, Keoh SL, Sloman M, et al., 2008, Finger: An Efficient Policy System for Body Sensor Networks, 5th IEEE International Conference on Mobile Ad-Hoc and Sensor Systems, Publisher: IEEE, Pages: 428-433
Body sensor networks (BSNs) for healthcare put more emphasis on security and adaptation to changes in context and application requirement. Policy-based management enables flexible adaptive behaviour by supporting dynamic loading, enabling and disabling of policies without shutting down nodes. This overcomes many of the limitations of sensor operating systems, such as TinyOS, which do not support dynamic modification of code. Alternative schemes for network adaptation, such as networking programming, suffer from high communication cost and operational interruption. In addition, the policy-driven approach enables fine-grained access control through specifying authorization policies. This paper presents an efficient policy system called Finger which enables policy interpretation and enforcement on distributed sensors to support sensor level adaptation and fine-grained access control. It features support for dynamic management of policies, minimization of resources usage, high responsiveness and node autonomy. The policy system is integrated as a TinyOS component, exposing simple, well-defined interfaces which can easily be used by application developers. The system performance in terms of processing latency and resource usage is evaluated.
Zhu YM, Keoh SL, Sloman M, et al., 2008, A Policy System to Support Adaptability and Security on Body Sensors, 5th International Summer School and Symposium on Medical Devices and Biosensors, Pages: 97-100
Russello G, Dulay N, Dong C, 2008, Personalizing Situated Workflows for Pervasive Healthcare Applications, 2nd International Conference on Pervasive Computing Technologies for Healthcare (PervasiveHealth 2008)
Thing V, Sloman M, Dulay N, 2007, Enhanced TCP SYN Attack Detection, IEEE Workshop on Monitoring Attack Detection and Mitigation (MonAM 2007)
Bandara A, Damianou N, Lupu EC, et al., 2007, Policy Based Management, Handbook of Network and System Administration, Editors: Burgess, Bergstra, Publisher: Elsevier, ISBN: 978-0-444-52198-9
This chapter surveys the available specification approaches for security, management, and enterprise collaboration policies. Policies are rules governing the choices in behavior of a system. They are often used as a means of implementing flexible and adaptive systems for management of Internet services, distributed systems, and security systems. There is also a need for a common specification of security policy for large-scale, multi-organizational systems, where access control is implemented in a variety of heterogeneous components. Policy-based approaches to systems management are gaining widespread interest because they allow the separation of the rules that govern the behavioral choices of a system from the functionality provided by that system. This means that it is possible to adapt the behavior of a system without the need to recode any of the underlying functionality; and changes can be applied without the need to stop and restart the system. Such features provide system administrators with the capability to manage systems in a very flexible manner. A common theme across the policy specification notations presented here is that they are focused in a single functional area-routing, access control, or management, not a combination of them. At present, authorizations and event-condition-action rules are the predominant paradigms used in policy-based management, although the latter come in slightly different flavors. Implementation platforms have slowly matured in recent years and increasing work focuses on formal analysis and refinement of policies.
This data is extracted from the Web of Science and reproduced under a licence from Thomson Reuters. You may not copy or re-distribute this data in whole or in part without the written consent of the Science business of Thomson Reuters.