Skip to content

Cloud Computing

Posts related to Cloud computing paradigm will be classified under this category.

Design Space for Cyber Security Analytical Systems

Cyber Security infrastructures are increasingly relying on big data technologies for capturing, storing, and analyzing huge amount of security events data. Designing and evolving systems that can effectively and efficiently combine big data technologies and cybersecurity are hugely challenging undertakings. Whilst the knowledge for designing cyber security analytics systems has increasing for sometime, there was no consolidated piece of work on design mechanisms, also called tactics, for architecting big data cyber security analytics systems – very proud to share that our recent effort has attempted to fill that gap by providing a consolidated piece of knowledge about the quality attributes considered important for cyber security analytics systems and architectural tactics can help achieve the desired set of quality attributes – such a consolidated knowledge about any aspect of software  design is called Design Space – ours is a design space for cyber security analytics systems. This work has recently been accepted for publication in one of the top quality journal of software systems, Journal of Systems and Software. We will be happy to provide a copy of the article on request and following is the abstract of the article. Read More »Design Space for Cyber Security Analytical Systems

Adaptive Architectures for Cyber Security Analytics Systems

It is becoming quite hard to imagine software systems that wouldn’t need adaptation as part of their runtime requirements. With the increasing demand for adaptivity by design, the knowledge and skills in this area are lagging far behind. Cyber Analytics systems are a new breed of systems that combine big data technologies and cyber security systems for capturing, manning, and analyzing cyber security events data. Such systems need to be adaptive for supporting real-time analysis of the security events data. Our research has been focused on this important area for sometime and now we have started reporting the results of our work. Recently, one of our articles on this topic has been accepted in a prestigious software architecture conference, International Conference on Software Architecture, which will be held in Hamburg. Following is the abstract of the article and if it interests to you, please feel free to ask for a copy. Read More »Adaptive Architectures for Cyber Security Analytics Systems

Our New Work on Self-Adaptive Security for large-scale Open Environments

We are continuously progressing on the plan for strengthening our capabilities in Cyber Security. To achieve this goal, we have been not only building internal capabilities but also forming and leveraging strategic collaborations. Out of one of our recent collaborations, with Giannis and Rami, in the areas of Cyber Security has resulted a high quality piece of work that has been accepted in a highly profile journal, ACM Computing Survey. The abstract of this paper is below and can provide some useful insights to the potential readers of this work. We are hoping that this piece of work will lead to systematic classification and comparison of architectural level Cyber Security Solutions and develop and evaluate new techniques, approaches, and tools for designing and evaluating security centric large scale distributed systems. Below is the abstract from the paper.Read More »Our New Work on Self-Adaptive Security for large-scale Open Environments

Data Exfiltration: External Attack Vectors and Countermeasures

With regards to our work on Cyber Security, we have recently successfully completed a collaborative piece fo work with researchers from Security Lancaster, University of Lancaster, UK. Our collaborative work was focused on identifying and understanding Data Exfiltration: External Vectors and Countermeasures and has been accepted in Journal of Network and Computer Applications with the following title and abstract. The pieces of paper provide an extensive literature review that is expected to be leveraged for understanding the key external attack vectors and the countermeasures and the areas for future research.

“Data Exfiltration: A Review of External Attack Vectors and Countermeasures”Read More »Data Exfiltration: External Attack Vectors and Countermeasures

Evaluating Docker for Secure and Scalable Private Cloud with Container Technologies

The ongoing collaboration with the Maritime Division of Defence and Science Technology Group (DST) has resulted in another very useful piece of work that we are very glad to share through this blog. We have been conducting a series of Research and Development (R&D) projects with the same group in the Maritime Division of DST for evaluating technological solutions for building secure and scalable private clouds for mission critical systems. Given the increasing adopting of containerised solutions, our collaborators were interested in evaluating Docker for secure and scale private cloud – that means both security and scalability are the key quality attributes for their domain. Ben Ramsey from my team led the efforts of carrying out this work that has resulted in a detailed technical report. We believe that this technical report will be very useful for anyone interested in knowing about the security and scalability aspects of container technologies like Docker when used for building a private cloud infrastructure. Here is the report titled, Evaluating Docker for Secure and Scalable Private Cloud with Container Technologies, and the abstract has been copied from the report below:Read More »Evaluating Docker for Secure and Scalable Private Cloud with Container Technologies

Understanding Container Isolation Mechanisms for Security-Sensitive Private Cloud

With the increasing trend of adopting containerised solution for cloud-based infrastructures, it is becoming increasingly important to pay appropriate attention to the security risks that usually characterise virtualised solutions using container technologies such as Docker. We have recently finished another successful project with our collaborators from Defence Science and Technology Group (DST). This project was focused on identifing and understanding the isolation mechanisms used for containerised technologies. We are glad to share the technical report on this topic with those who are interested in building and operating containerised security-sensitive private cloud. The title of the report is, Understanding Container Isolation Mechanisms for Building Security-Sensitive Private Cloud, and abstract of the report has been copied from the report below for ease of access. This project has been carried out with Ben Ramsey. Read More »Understanding Container Isolation Mechanisms for Security-Sensitive Private Cloud

An Approach to Designing and Evaluating Web of Things (WoT) Systems

Internet of Things (IoT) have emerged a popular technology that underpinning several innovative products and services. Internet of Everything (IoE) or Web of Things (WoT) are real or virtual networks of things (or services) that can be meaningfully quarried or combined in order to build and provide different types of services. Recently, we have a book chapter, Using Reference Architecture for Design and Evaluation of Web of Things Systems, has been included a newly published book, Managing the Web of Things: Linking the Real World to the Web, edited by Michael Sheng, Yongrui Qin, Lina Yao, and Boualem Benatallah. The abstract of our book chapter is below as it may interest to some of the readers. The book chapter provides a methodological approach and technical details about applying a reference architectures to support the design and evaluation of Web of Things Systems. The research involved students from a software architecture course offered at the IT University of Copenhagen, Denmark. The abstract of the chapter is below:

Read More »An Approach to Designing and Evaluating Web of Things (WoT) Systems

A Reference Architecture for provisioning of Tools as a Service

We have been developing and maturing a state of the art infrastructure for providing tools as a service. Our work has resulted in a reference architecture provides meta-models, Ontologies, quality attributes, and implementation of an instantiated cloud-based infrastructure for providing tools as a service. Recently, we have published a compressive piece of work in a journal article, titled, A Reference Architecture for provisioning of Tools as a Service: Meta-model, Ontologies and Design Elements, in the journal of Future Generation of Computer Systems. We believe that this piece of work has a great potential for further extension and development for providing tools as a service in multiple engineering domains. The theoretical foundations and practical design techniques developed for this particular piece of work have significant contribution to the body of knowledge on reference architectures for tools as a service. The following abstract of the paper can provide some details about the paper for stimulating the interests of the relevant readers. We are quite keen to receive enquiries for the infrastructure use and collaboration on extending and modifying the infrastructure.Read More »A Reference Architecture for provisioning of Tools as a Service

Learning from a Detailed Security Analysis of Containerised Technologies

Container technologies, particularly Docker Engine, have been gaining significant popularity and adoption for building development and operational virtualised infrastructures. An increasing number of cloud technologies have started integrating container technologies into their platforms. While the performance and scalability advantages of containers are well known, there have been a number of concerns about the security of container-based solutions.

Through our ongoing collaboration with Defence Science and Technology Group we have just completed a project focused on extensively studying and analysing security of container technology, Docker. This project involved several other strategically important evaluative milestones about which I’ll write separately. Here is the report on security analysis of Docker for building private cloud. A few key points of this report are: Read More »Learning from a Detailed Security Analysis of Containerised Technologies

Talk at NEC & IDC Event on Smarter and Safer Societies

Smart Cities initiatives can mean different things to different people and solutions providers. However, there is no doubt that a smart city solution should not only focus on providing the core service but should also contribute to the safety of the users of a service. That is why quite a lot of smart cities solutions are being presented from safety perspective as well – smart cities ought to be safer cities. I was honoured to be invited to present our initiative on Smart Cities R&D and innovation at an event co-organised by NEC and IDC – the event was titled, “Smarter and Safer Society – How ICT makes Government and Enterprise work smarter ”. It was a great get together where different speakers and panelists were enthusiastically presenting their visions, understanding, and observations about smart cities initiatives and solutions. I really enjoyed the talks, dialogues between panelist and audience. I spoke about our initiative on setting up an interdisciplinary centre for research, development, and innovation that can lead to citizen-inspired socio-technical solutions for making a city smarter. Here are the presentation that I used for supporting the talk and following is the abstract of my talk.
Read More »Talk at NEC & IDC Event on Smarter and Safer Societies