The ongoing collaboration with the Maritime Division of Defence and Science Technology Group (DST) has resulted in another very useful piece of work that we are very glad to share through this blog. We have been conducting a series of Research and Development (R&D) projects with the same group in the Maritime Division of DST for evaluating technological solutions for building secure and scalable private clouds for mission critical systems. Given the increasing adopting of containerised solutions, our collaborators were interested in evaluating Docker for secure and scale private cloud – that means both security and scalability are the key quality attributes for their domain. Ben Ramsey from my team led the efforts of carrying out this work that has resulted in a detailed technical report. We believe that this technical report will be very useful for anyone interested in knowing about the security and scalability aspects of container technologies like Docker when used for building a private cloud infrastructure. Here is the report titled, Evaluating Docker for Secure and Scalable Private Cloud with Container Technologies, and the abstract has been copied from the report below:Read More »Evaluating Docker for Secure and Scalable Private Cloud with Container Technologies
With the increasing trend of adopting containerised solution for cloud-based infrastructures, it is becoming increasingly important to pay appropriate attention to the security risks that usually characterise virtualised solutions using container technologies such as Docker. We have recently finished another successful project with our collaborators from Defence Science and Technology Group (DST). This project was focused on identifing and understanding the isolation mechanisms used for containerised technologies. We are glad to share the technical report on this topic with those who are interested in building and operating containerised security-sensitive private cloud. The title of the report is, Understanding Container Isolation Mechanisms for Building Security-Sensitive Private Cloud, and abstract of the report has been copied from the report below for ease of access. This project has been carried out with Ben Ramsey. Read More »Understanding Container Isolation Mechanisms for Security-Sensitive Private Cloud
Internet of Things (IoT) have emerged a popular technology that underpinning several innovative products and services. Internet of Everything (IoE) or Web of Things (WoT) are real or virtual networks of things (or services) that can be meaningfully quarried or combined in order to build and provide different types of services. Recently, we have a book chapter, Using Reference Architecture for Design and Evaluation of Web of Things Systems, has been included a newly published book, Managing the Web of Things: Linking the Real World to the Web, edited by Michael Sheng, Yongrui Qin, Lina Yao, and Boualem Benatallah. The abstract of our book chapter is below as it may interest to some of the readers. The book chapter provides a methodological approach and technical details about applying a reference architectures to support the design and evaluation of Web of Things Systems. The research involved students from a software architecture course offered at the IT University of Copenhagen, Denmark. The abstract of the chapter is below:
We have been developing and maturing a state of the art infrastructure for providing tools as a service. Our work has resulted in a reference architecture provides meta-models, Ontologies, quality attributes, and implementation of an instantiated cloud-based infrastructure for providing tools as a service. Recently, we have published a compressive piece of work in a journal article, titled, A Reference Architecture for provisioning of Tools as a Service: Meta-model, Ontologies and Design Elements, in the journal of Future Generation of Computer Systems. We believe that this piece of work has a great potential for further extension and development for providing tools as a service in multiple engineering domains. The theoretical foundations and practical design techniques developed for this particular piece of work have significant contribution to the body of knowledge on reference architectures for tools as a service. The following abstract of the paper can provide some details about the paper for stimulating the interests of the relevant readers. We are quite keen to receive enquiries for the infrastructure use and collaboration on extending and modifying the infrastructure.Read More »A Reference Architecture for provisioning of Tools as a Service
Container technologies, particularly Docker Engine, have been gaining significant popularity and adoption for building development and operational virtualised infrastructures. An increasing number of cloud technologies have started integrating container technologies into their platforms. While the performance and scalability advantages of containers are well known, there have been a number of concerns about the security of container-based solutions.
Through our ongoing collaboration with Defence Science and Technology Group we have just completed a project focused on extensively studying and analysing security of container technology, Docker. This project involved several other strategically important evaluative milestones about which I’ll write separately. Here is the report on security analysis of Docker for building private cloud. A few key points of this report are: Read More »Learning from a Detailed Security Analysis of Containerised Technologies
Smart Cities initiatives can mean different things to different people and solutions providers. However, there is no doubt that a smart city solution should not only focus on providing the core service but should also contribute to the safety of the users of a service. That is why quite a lot of smart cities solutions are being presented from safety perspective as well – smart cities ought to be safer cities. I was honoured to be invited to present our initiative on Smart Cities R&D and innovation at an event co-organised by NEC and IDC – the event was titled, “Smarter and Safer Society – How ICT makes Government and Enterprise work smarter ”. It was a great get together where different speakers and panelists were enthusiastically presenting their visions, understanding, and observations about smart cities initiatives and solutions. I really enjoyed the talks, dialogues between panelist and audience. I spoke about our initiative on setting up an interdisciplinary centre for research, development, and innovation that can lead to citizen-inspired socio-technical solutions for making a city smarter. Here are the presentation that I used for supporting the talk and following is the abstract of my talk.
Read More »Talk at NEC & IDC Event on Smarter and Safer Societies
We have been expanding our research on engineering systems with/for Cloud based infrastructures. One of the key challenges of engineering cloud-based systems is designing and evaluating appropriate architectures. Being a relatively new area, knowledge about designing and evaluating cloud-based systems is scarce and but growing. We observed the need of systematically identifying and synthesizing the knowledge about the architectural challenges and solutions for cloud-based systems. For this goal, we used systematic literature review, a well known method of Evidence Based Software Engineering.
I am very glad to share that after several months rigours and tireless efforts, we have published our work in a premier Software Engineering journal, Software: Practice and Experience. The paper can be found on this link and the abstract of the paper is below:Read More »Systemization of Knowledge about Architecting Cloud-Based Systems
Socio-technical systems underpinning smart and connected cities are good examples of systems of systems – where each constituent system act and behave independents but these systems are connected with each other and provide each other different services. Security is one of the key aspects of systems of systems, e.g., smart city systems or smart campus systems. It is extremely complex and challenging undertaking to model and analyse a secure systems of systems. Model Driven Engineering (MDE) is expected to bring much needed support to bring effectiveness and efficiency in terms of automating some of the tedious and error-prone tasks. To support a MDE approach to secure smart cities systems, we need appropriate meta-models and suitable tools that can convert the meta-models in graphical editors that can support the modelling and analysis of secure smart cities applications. In collaboration with researchers from France, we have been working on a project aimed at developing graphical editors and model cases of secure systems in a smart cities, or smart campus. Apart from senior researchers from Adelaide and France, Zi Yang Pang has been working on summer scholarship on this project. The project has the following goals and scope and we are hoping to apply the meta-model language for secure smart cities systems very soon and afterwards we plan to extend the tools to provide end-to-end support. Read More »Smart Campus: Model Driven Security for Systems of Systems
Following on the successful completion of our collaborative project on building and evaluating private cloud for defence systems, our second project is on building and evaluating secure and scalable private cloud using container technologies. For our projects, we use Openstack software for private cloud and its related technologies. For evaluating the security and scalability of private cloud infrastructure built using container technologies such as Docker.
This project has been partly motivated by the increasing popularity of contain technologies for virtualization and building private cloud as the container technologies, for example Docker, offer lightweight solutions that can be easily ported to other infrastructures if required, require minimal resources, and instantly spawn a new instance whoever required.Read More »Secure and Scalable Private Cloud for Defence Systems
While the perceived and real technical and soio-technical concerns about public cloud solutions may be discouraging many organizations from migrating and/or using public clouds, many organizations are resorting to solutions involving private and community clouds. The increasing trend of private clouds is also making inroads into academic circles where a large amount of data may have very specific privacy and security constraints. However, a large number of academic environments, especially individuals and small teams of researchers, are unlikely to have the required knowledge, skills, and time to fully understand and appropriately address the selection of appropriate hardware and software, and configuration and deployment challenges. In order to provide such a guideline, we decided to carry out a project aimed at building a private cloud using open source solutions like Eucalyptus and OpenNebula. The key objective of this project was to develop a reference guide for designing and implementing a private cloud using open source software, and the focus was primarily on practical aspects concerning design, installation and implementation. The project was carried out by Zoran Pantic under my supervision. Zoran, being an IT professional, leveraged his huge amount of IT infrastructure knowledge and skills to build a private cloud that we plan to use and extend for our research and education on cloud computing. Zoran and I plan to further refine and publish the guidelines from the project report he has written. If you are interested in getting the report in its current form, please write to us.Read More »Building a private cloud for an academic environment