The document discusses policy challenges for autonomous pervasive systems and small-world networks. It describes a common pattern for self-managed cells (SMCs) that provides low-coupling and permits composition across different scales. The key aspects of the SMC pattern are that it provides self-management through a closed adaptation loop using policies, and allows for interaction and composition of SMCs.
This presentation educates you about Applications of Expert System, Expert System Technology, Development of Expert Systems: General Steps and Benefits of Expert Systems.
For more topics stay tuned with Learnbay.
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...DETER-Project
Abstract: It is widely argued that today's largely reactive, "respond and patch" approach to securing cyber systems must yield to a new, more rigorous, more proactive methodology. Achieving this transformation is a difficult challenge. Building on insights into requirements for cyber science and on experience gained through 8 years of operation, the DETER project is addressing one facet of this problem: the development of transformative advances in methodology and facilities for experimental cybersecurity research and system evaluation. These advances in experiment design and research methodology are yielding progressive improvements not only in experiment scale, complexity, diversity, and repeatability, but also in the ability of researchers to leverage prior experimental efforts of others within the community. We describe in this paper the trajectory of the DETER project towards a new experimental science and a transformed facility for cyber-security research development and evaluation.
For more information, visit: http://www.deter-project.org
The Science of Cyber Security Experimentation: The DETER ProjectDETER-Project
Terry Benzel provided the keynote address at the 11th Annual Computer Security Applications Conference (ACSAC). This document is the invited paper that she addressed in her keynote.
Abstract: Since 2004, the DETER Cyber-security Project has worked to create an evolving infrastructure – facilities, tools, and processes – to provide a national resource for experimentation in cyber security. Building on our insights into requirements for cyber science and on lessons learned through 8 years of operation, we have made several transformative advances towards creating the next generation of DeterLab. These advances in experiment design and research methodology are yielding progressive improvements not only in experiment scale, complexity, diversity, and repeatability, but also in the ability of researchers to leverage prior experimental efforts of other researchers in the DeterLab user community. This paper describes the advances resulting in a new experimentation science and a transformed facility for cyber-security research development and evaluation.
Further described: http://www.deter-project.org/blog/deter_-_keynote_address_acsac_key_new_web_site
For additional information, visit:
- http://www.deter-project.org
- http://info.deterlab.net
The DETER Project: Advancing the Science of Cyber Security Experimentation an...DETER-Project
Abstract: Since 2004, the DETER Cybersecurity Testbed Project has worked to create the necessary infrastructure – facilities, tools, and processes – to provide a national resource for experimentation in cyber security. The next generation of DETER envisions several conceptual advances in testbed design and experimental research methodology, targeting improved experimental validity, enhanced usability, and increased size, complexity, and diversity of experiments. This paper outlines the DETER project's status and R&D directions.
For more information, visit: http://www.deter-project.org
Due to diversity, heterogeneity and complexity of the existing healthcare structure, providing suitable
healthcare services is a complicated process. This work describes the conceptual design of an e-healthcare
system, which implements integration strategies and suitable technologies that will handle the
interoperability problem among its essential components. The proposed solution combines intelligent agent
technology and case based reasoning for highly distributed applications in healthcare environment.
Intelligent agents play a critical role in providing correct information for diagnostic, treatment, etc. They
work on behalf of human agents taking care of routine tasks, thus increasing speed and reliability of the
information exchanges. CBR is used to generate advices to a certain e-healthcare problems by analyzing
solutions given to previously solved problems and to build intelligent systems for disease diagnostics and
prognosis. Preliminary experimental simulation based on Agent Development Framework (JADE)
demonstrated the feasibility of this model.
Introduction: What is clock synchronization?
The challenges of clock synchronization.
Basic Concepts: Software and hardware clocks. Basic clock synchronization algorithm
Algorithms: Deep dive into landmark papers
NTP: Internet scale time synchronization
This presentation educates you about Applications of Expert System, Expert System Technology, Development of Expert Systems: General Steps and Benefits of Expert Systems.
For more topics stay tuned with Learnbay.
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...DETER-Project
Abstract: It is widely argued that today's largely reactive, "respond and patch" approach to securing cyber systems must yield to a new, more rigorous, more proactive methodology. Achieving this transformation is a difficult challenge. Building on insights into requirements for cyber science and on experience gained through 8 years of operation, the DETER project is addressing one facet of this problem: the development of transformative advances in methodology and facilities for experimental cybersecurity research and system evaluation. These advances in experiment design and research methodology are yielding progressive improvements not only in experiment scale, complexity, diversity, and repeatability, but also in the ability of researchers to leverage prior experimental efforts of others within the community. We describe in this paper the trajectory of the DETER project towards a new experimental science and a transformed facility for cyber-security research development and evaluation.
For more information, visit: http://www.deter-project.org
The Science of Cyber Security Experimentation: The DETER ProjectDETER-Project
Terry Benzel provided the keynote address at the 11th Annual Computer Security Applications Conference (ACSAC). This document is the invited paper that she addressed in her keynote.
Abstract: Since 2004, the DETER Cyber-security Project has worked to create an evolving infrastructure – facilities, tools, and processes – to provide a national resource for experimentation in cyber security. Building on our insights into requirements for cyber science and on lessons learned through 8 years of operation, we have made several transformative advances towards creating the next generation of DeterLab. These advances in experiment design and research methodology are yielding progressive improvements not only in experiment scale, complexity, diversity, and repeatability, but also in the ability of researchers to leverage prior experimental efforts of other researchers in the DeterLab user community. This paper describes the advances resulting in a new experimentation science and a transformed facility for cyber-security research development and evaluation.
Further described: http://www.deter-project.org/blog/deter_-_keynote_address_acsac_key_new_web_site
For additional information, visit:
- http://www.deter-project.org
- http://info.deterlab.net
The DETER Project: Advancing the Science of Cyber Security Experimentation an...DETER-Project
Abstract: Since 2004, the DETER Cybersecurity Testbed Project has worked to create the necessary infrastructure – facilities, tools, and processes – to provide a national resource for experimentation in cyber security. The next generation of DETER envisions several conceptual advances in testbed design and experimental research methodology, targeting improved experimental validity, enhanced usability, and increased size, complexity, and diversity of experiments. This paper outlines the DETER project's status and R&D directions.
For more information, visit: http://www.deter-project.org
Due to diversity, heterogeneity and complexity of the existing healthcare structure, providing suitable
healthcare services is a complicated process. This work describes the conceptual design of an e-healthcare
system, which implements integration strategies and suitable technologies that will handle the
interoperability problem among its essential components. The proposed solution combines intelligent agent
technology and case based reasoning for highly distributed applications in healthcare environment.
Intelligent agents play a critical role in providing correct information for diagnostic, treatment, etc. They
work on behalf of human agents taking care of routine tasks, thus increasing speed and reliability of the
information exchanges. CBR is used to generate advices to a certain e-healthcare problems by analyzing
solutions given to previously solved problems and to build intelligent systems for disease diagnostics and
prognosis. Preliminary experimental simulation based on Agent Development Framework (JADE)
demonstrated the feasibility of this model.
Introduction: What is clock synchronization?
The challenges of clock synchronization.
Basic Concepts: Software and hardware clocks. Basic clock synchronization algorithm
Algorithms: Deep dive into landmark papers
NTP: Internet scale time synchronization
Personalizing medical treatments based on ambient information: towards intero...Rémi Bastide
Slides for my invited talk at UPCP'2013, the second Up Close and Personalized Congress.
Paris 25-28 July 2013, Paris, France
http://www.upcp.org/
Big Data refers to the new technical ability to digitally record, transmit and process massive amounts of digital data. Data mining technologies offer the possibility to extract meaningful knowledge from this data, through the analysis of statistical correlations.
Medicine has recently entered the realms of Personalization and Prediction: treatments become personalized to fit the patient's profile, and Prediction allows forecasting the likeliness of future health condition. Personalization and Prediction are based on patients and statistical medical data, coming from various sources: Electronic Health Records, Historical records of healthcare reimbursement, Genomics, Social media, Sensors and biosensors
Research and Industry are fueling a constant flow of innovation in this last field: Connected Health devices (including monitoring of Activities of Daily Life), smart clothing, implanted or ingestible sensors are increasingly being used to gather information about the patient’s health status or life habits. This innovation provides new sources of data essential to Personalized Medicine. In particular, this offers a brand new opportunity to correlate information gathered by these new sensors with the clinical information that is commonly gathered in clinical trials. For instance it is quite realistic to imagine a clinical trial performed at the patient’s home, where drug taking is precisely monitored by sensors in ingestible pills, while the drug’s clinical effects are correlated with constant monitoring of medical indicators such as blood pressure or heart rate, as well as with the performance of daily life activities such as eating, exercising, resting, sleeping, toilet use... This opens a new realm of opportunities in the design and analysis of clinical trials.
The protocols of the Internet of Things (IoT) technology stack
are essential as, without them, the hardware would be rendered
useless, and data communication would be a challenge.
Embedded systems in biomedical applicationsSeminar Links
Interface with the outside world -sensors, actuators and specialized communication links. Healthcare applications offer distinctive challenges for embedded systems over the next ten years.
Many technical communities are vigorously pursuing
research topics that contribute to the Internet of Things (IoT).
Nowadays, as sensing, actuation, communication, and control become
even more sophisticated and ubiquitous, there is a significant
overlap in these communities, sometimes from slightly different
perspectives. More cooperation between communities is encouraged.
To provide a basis for discussing open research problems in
IoT, a vision for how IoT could change the world in the
distant future is first presented. Then, eight key research topics
are enumerated and research problems within these topics are
discussed.
I presented this keynote talk at the WorldComp conference in Las Vegas, on July 13, 2009. In it, I summarize what grid is about (focusing in particular on the "integration" function, rather than the "outsourcing" function--what people call "cloud" today), using biomedical examples in particular.
Information fusion and algorithm training framework objective in ICT4Life H2020 Project. Presented in IEEEHealthcom'16 within Project Alfred workshop in Munich (14-17 September 2016).
Model-Simulation-and-Measurement-Based Systems Engineering of Power System Sy...Luigi Vanfretti
This talk starts by exploring how electrical power systems are increasingly becoming digitalized, leading to their transformation into a class of cyber-physical systems (a system of systems) where the electrical grid merges with ubiquitous information and communication technologies (ICT).
This type of complex systems present unprecedented challenges in their operation and control, and due to unknown interactions with ICT, require new concepts, methods and tools to facilitate their operational design, manufacturing (of components), and testing/verification/validation of their performance.
Inspired by the tremendous advantages of the model-based system engineering (MBSE) framework developed by the aerospace and military communities, this talk will highlight the challenges to adopt MBSE for electrical power grids. MBSE is not only a framework to deal with all the phases of putting in place complex systems-of-systems, but also provides a foundation for the democratization of technology - both software and hardware.
The talk will illustrate the foundations that have been built by the presenter's research over the last 7 years, placed within the context of MBSE, with focus on areas of power engineering. Some of these foundations and contributions include the OpenIPSL, RaPId, SD3K, BableFish and Khorjin open source software developed and distributed online by the research group, and available at: https://github.com/ALSETLab
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Welocme to ViralQR, your best QR code generator.ViralQR
Welcome to ViralQR, your best QR code generator available on the market!
At ViralQR, we design static and dynamic QR codes. Our mission is to make business operations easier and customer engagement more powerful through the use of QR technology. Be it a small-scale business or a huge enterprise, our easy-to-use platform provides multiple choices that can be tailored according to your company's branding and marketing strategies.
Our Vision
We are here to make the process of creating QR codes easy and smooth, thus enhancing customer interaction and making business more fluid. We very strongly believe in the ability of QR codes to change the world for businesses in their interaction with customers and are set on making that technology accessible and usable far and wide.
Our Achievements
Ever since its inception, we have successfully served many clients by offering QR codes in their marketing, service delivery, and collection of feedback across various industries. Our platform has been recognized for its ease of use and amazing features, which helped a business to make QR codes.
Our Services
At ViralQR, here is a comprehensive suite of services that caters to your very needs:
Static QR Codes: Create free static QR codes. These QR codes are able to store significant information such as URLs, vCards, plain text, emails and SMS, Wi-Fi credentials, and Bitcoin addresses.
Dynamic QR codes: These also have all the advanced features but are subscription-based. They can directly link to PDF files, images, micro-landing pages, social accounts, review forms, business pages, and applications. In addition, they can be branded with CTAs, frames, patterns, colors, and logos to enhance your branding.
Pricing and Packages
Additionally, there is a 14-day free offer to ViralQR, which is an exceptional opportunity for new users to take a feel of this platform. One can easily subscribe from there and experience the full dynamic of using QR codes. The subscription plans are not only meant for business; they are priced very flexibly so that literally every business could afford to benefit from our service.
Why choose us?
ViralQR will provide services for marketing, advertising, catering, retail, and the like. The QR codes can be posted on fliers, packaging, merchandise, and banners, as well as to substitute for cash and cards in a restaurant or coffee shop. With QR codes integrated into your business, improve customer engagement and streamline operations.
Comprehensive Analytics
Subscribers of ViralQR receive detailed analytics and tracking tools in light of having a view of the core values of QR code performance. Our analytics dashboard shows aggregate views and unique views, as well as detailed information about each impression, including time, device, browser, and estimated location by city and country.
So, thank you for choosing ViralQR; we have an offer of nothing but the best in terms of QR code services to meet business diversity!
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Epistemic Interaction - tuning interfaces to provide information for AI support
Autonomous Pervasive Systems and the Policy Challenges of a Small World!
1. Keynote IEEE Symp on Policies for Distributed Systems
and Networks 2007
Autonomous Pervasive Systems and the Policy
Challenges of a Small World!
Emil Lupu
Imperial College London
2. University of Bologna
• Oldest University in Europe
(certainly the oldest medieval).
• Born out of conflict: the papalimperial rivalry, restrictions put
by the church on learning and
in particular on common law.
• Lack of protection of non
“citizens” leads to the
formation of guilds
(“universitas”).
3. Policy at Bologna
• In essence a school of law.
• A university ran by the students.
Policy (Bologna University style):
• Doctors elected by students.
• Curriculum must be agreed by
the students.
• Curriculum must be divided into
two-weekly puncta.
• Doctors who start lectures late or
finish late must pay a fine.
• Doctors who fail to attract at
least 5 students are deemed
absent and fined.
• Doctors must pay a deposit
before being allowed to leave the
city to ensure their return.
Peter Watson
Ideas: A history from Fire to Freud
Phoenix Publ. 2005
5. Policies
• Originally introduced to separate the strategy for resource allocation in OSs
from the mechanisms controlling the resources.
R Levin et al. Policy/Mechanism Separation in Hydra. 5th Symp. on Operating
Systems Principles (SOSP), November 1975.
• Became popular in large centralised access control systems and
subsequently, in the early 90’s, for managing large networks and distributed
systems.
• Policies apply to large sets of objects providing uniform configuration.
• Provide the means to automate adaptation across large systems
6. Policy Areas
Business Rules
Network and
Systems Management
Semantic Web
Trust
Privacy
SLAs Access Control and
Security
Management
Policy Workshop
Web-Services Data Centric Security
1999
Enterprise
Distributed Multi-Agent Systems
Object
Computing
Negotiation
7. Policies for Large Systems
require Complex Policy Systems
• Build on complex software infrastructure: CIM, LDAP, Storage, Databases,
Web-Services (WS-*), Grid-Environments, ...
• Systems are functionally separated. A function realised for the entire system
e.g., Authentication, Fault-Diagnostics, Accounting, ...
• Architectures are tightly coupled, making in difficult and laborious to add new
elements.
• Computational power is infinite (or almost). Components are always available
• Policies are replacing human actions.
9. Lessons
• Development intensive requiring numerous services that depend on many
underlying systems and packages. Must be able to rely on commercial policy
products ... which aren’t there.
• Difficult to maintain, distribute and demonstrate. Numerous queries received
about the Ponder toolkit were about LDAP installation and configuration.
• Difficult to integrate with new techniques: planning, context, analysis, security
and management ...
• Policies replace human (administrator) led activity. Typically compared with
scripting and ad-hoc human-driven solutions. Poor short term ROI.
Need to provide “advantage”: analysis, refinement and validation.
Need to provide benchmarking and proof of scale up.
10. Policy Outset
• Policy motivated by arguments of
scale
• Industry cannot deliver the
products and benchmarks
• Academics cannot deliver
convincing demonstrations
• Restrict to theoretical work.
• Small proof of concept for
individual techniques.
12. Cardiac Monitoring
UbiMon Body Sensor Node
Primary unit
Secondary unit
Sensors
RF
Control
Control
RF
Battery
Power
Signal conditioning
Antenna
Antenna
Tertiary unit/Central Server
13. The BSN platform
- TinyOS
- Ultra low power 16 bit processor
- 64KB + 256KB Flash memory
- 6 analog channels
- IEEE 802.15.4 (Zigbee) wireless link
14. Body Area Networks for eHealth
• Implanted and wearable sensors:
Heart monitoring, blood-pressure,
oxygen saturation, etc.
• Continuous monitoring of
physiological condition e.g.,
cardiac arrhythmia.
• Maintenance of chronic
conditions: heart deficiencies,
diabetes mellitus, chronic
anaesthesia
• Incremental drug delivery. Context
dependent drug delivery.
Body Area Networks
• Remote interrogation
• Alert for emergency interventions.
15. Requirements
• Continuous adaptation:
• sensor failures, new sensors and
diagnostic units
• changes in user activity and
context
• changes in the patient’s medical
condition
• interactions with other devices
in different environments: home,
hospital, GP clinic
• Minimal resource (power)
consumption
• No administrator interactions
• Low-coupling
• Support for Interactions
• peer-to-peer interactions
between devices
• composition between
subsystems
• federation between collections
of devices
• Decision making: goal-driven,
heuristics, utility
• Learning: classification, statistical,
declarative
17. Policies in Healthcare Environments
• Obligations define which operations need to be performed when certain
events occur. Event-Condition-Action Rules
• Authorisations define which operations are permitted and under which
circumstances.
• Other policy types: Membership management, Information Filtering, Trust
Management, Delegation, Negotiation, etc.
• Policies applied to different functional areas: device and service discovery,
device configuration, authentication and authorisation, privacy,
collaborations, ...
18. The Controller: Gumstix
• 200-400MHz (Intel XScale
PXA255)16 MBFlash
Bluetooth
• Expansion boards: Wifi, Eth, Cf or
MMC, audio, GPS
• Linux 2.6
• GCC, JamVM and other
development tools
• 802.15.4 through connected BSN
19. Autonomous Unmanned Vehicles
• Each vehicle is
an autonomous
collection of
managed
devices with
different
functional
capabilities
• Must be
extensible to
different sensors
and modules
• Can aggregate
and collaborate
in fleets of
autonomous
vehicles
• Must interact
with external
environment
20. Building Integration
• Instrumentation
of in-door
environments:
multimedia,
assisted living for
the elderly
• Discovery and
autonomy across
nested
collections of
devices
• Interactions with
persons (and
their personal
area networks)
• Composition and
federation that
follows: physical
space, functional
space
21. Citywide environments
• How do we build next generation
pervasive city infrastructures?
• Composition federation and
interaction of pervasive spaces.
• Interactions with mobile users
and groups of users.
• Space as catalyst for social
interaction
23. A common pattern
• That can be used at different levels of scale: body area networks, unmanned
vehicles, intelligent homes, and large distributed systems and networks.
• That can provide self-management and closed-loop adaptation at the local
level.
• That can provide different levels of functionality.
• That is architectural as well as functional.
• Provides low-coupling between the different services.
25. What is a Self-Managed Cell?
• A set of hardware and software components forming an administrative
domain that is able to function autonomously and thus capable of selfmanagement.
• Management services interact with each other through asynchronous events
propagated through a content-based event bus.
• Policies provide local closed-loop adaptation.
• Able to interact with other SMCs and able to compose in larger scales
SMCs.
27. SMC Pattern
• Provides low-coupling between the different services.
• Permits the use of different service implementations when used at different
levels of scale.
• Permits to add services to SMCs in order to add functionality:
• Context service(s) for mobile users and gathering information from the
environment.
• Authentication, Access Control and other security services.
• Provisioning and Optimisation services for control of resources
28. SMC Core Services
• Discovery Service
(including membership management)
• Event Service
Events
• Policy Service
Monitor
Events
Manager
Agent
Managed
Objects
Control
actions
Decisions
Policies
(auth)
New functionality
Policies
(oblig/ECAs)
29. Cell Discovery Service
• Discovers new devices and maintains membership to detect failures and
departures from cell.
• Queries device for its profile and services;
• Performs vetting functions e.g. authentication, admission control.
• Listens for new service offers and service removals from the devices
• Generates events to signal new/disconnected devices or software
components. Interested services can subscribe, receive and react to these
events.
• Own implementation developed to cater for BSN nodes and policy
configurable parameters but other protocols e.g., SDP, SLP, ... could be used
in other environments.
30. Cell Event Service
• Publish/Subscribe with content based router.
• At-most-once, reliable event delivery.
• To an individual recipient events are delivered in the same order as received
by the router.
• Quenchable publishers to minimise number of messages and power
consumption.
• Supports heterogeneous communication.
33. Policies for Different Functional Areas
• Device and Service Discovery. How to react to new devices and services and
their disappearance.
• Membership Management.
• Context Management. How to react to changes in location, activities of the
user, surrounding environment.
• Clinical Management. How to react to changes in the clinical condition.
• Security Management.
• Policy Management. Enable, disable, unload policies.
34. Ponder2 Design Goals
• Permit interaction with a running SMC
Ponder2 Design Process
• invoking operations on objects
• policy creation, activation, etc.
Design
• Only loads what is needed
• Can be extended (dynamically)
• Must run on a Gumstix (and possibly on
BSN nodes)
Remove
35. Ponder2
• Supports both obligation policies in the form of Event-Condition-Action rules
and authorisation policies. Therefore it requires:
• Managed Objects to represent resources and invoke operations on
external services
• Domains to group objects and specify policies in terms of domains of
objects.
• Events to trigger policies and interactions with the event bus.
• Policies of multiple kinds.
• Object invocations to implement policy actions
37. Ponder2, try again
• The Policy Service requires:
• Convention for loading and creating Managed Objects
• Invoking operations on Managed Objects
• Root domain (that does not know it is a domain)
• That’s it!
• Domains, policies, events, ... are themselves managed objects that follow the
same conventions.
38. Bootstrapping Ponder2 in PonderTalk
• SMC is just an empty
domain - root
• Import domain factory
• Create domains
• Import basic factories
// Bootstrap code for Ponder2
!
// Import the Domain code
// and create the default domains
domainFactory := root load: "Domain".
root
at: "factory" put: domainFactory create;
at: "policy" put: domainFactory create;
at: "event" put: domainFactory create.
// Put the domain factory into the factory directory
root/factory at: "domain" put: domainFactory.
!
• Read more PonderTalk
// Import event and policy factories
root/factory
at: "event" put: ( root load: "EventTemplate" );
at: "oblig" put: ( root load: "ObligationPolicy" ).
39. Managed Objects
• A managed object
• Conforms to a set of interface rules.
• Created through a factory
External
import
Policy
service
import
RMI
import
• Accepts commands
Internal
Factory
.jar file
• Several pre-defined types of managed
objects: domains, policies, factories,
external, events
/
/svc
/fact
factory
object
remote
invocation
RMI
<<create>>
40. Writing a new Managed Object
• A Managed Object is a Java class
• PonderTalk messages converted to method calls
• Constructors called by factory messages
• Instance methods called by operational messages
• Mapping done by @Ponder2op Java annotation
• uses apt Annotation Processing Tool instead of javac
41. Example: a HashTable Managed Object
public class MyManagedObject
implements P2ManagedObject {
!
!
!
!
!
private Map<String, OID> data;
@Ponder2op("create")
MyManagedObject() {
data = new HashMap<String, OID>();
}
!
!
return data.get(name);
}
@Ponder2op("remove:")
OID remove(String name) {
return data.remove(name);
}
}
@Ponder2op("size:")
MyManagedObject(int size) {
data =
new HashMap<String, OID>(size);
}
apt
ManagedObject
@Ponder2op("at:put:")
OID store(String name, OID oid) {
data.put(name, oid);
return oid;
}
@Ponder2op("at:")
OID get(String name) {
P2MyManagedObject
create
size: int
at: name put: OID
at: name
remove: name
<<interface>>
ManagedObject
MyManagedObject
MyManagedObject()
MyManagedObect(int size)
store(String name, OID oid)
get(String name)
remove(String name)
41
42. Events in Ponder2
• Event = notification with named
attributes.
/
• Trigger policies.
• An event factory interfaces with an
external event bus.
event
event
types
fact
• Multiple factories can be used.
inst
• Event types (templates) are created
by factories.
XML
intrusion compromise
Blaster WS-Notif
<<create>>
43. Example: Discovery of new BSN sensor
• Discovery service issues events when BSN is detected or lost
!
newevent := root/factory/SMCeventbus.
!
// newBSN event type
!
root/event
at: "newBSN"
put: (newevent create: #("name" "type") ).
!
// example of raising an event
root/event/newBSN
create: #("Temp1" "TempMon").
44. Policies
• Created with policy factory
Blocks
• Dynamically associate events,
actions and conditions with a
policy
• Blocks are objets that group
statements.
• Can be activated and deactivated
• Are managed objects. Can be
moved, deleted, created,
activated, deactivated by other
policies
• Actions and conditions are blocks
• Block execution is delayed
• Blocks can take arguments
• Blocks are closures
• Blocks return the result of their last
statement
45. Discovery Policies
• When a new BSN sensor is
discovered a policy is used to
create the appropriate adaptor
managed object
• Adaptor object acts as proxy for
the BSN and can receive
commands for them e.g. setrate
// Create discovery policy
newpolicy := root/factory/oblig.
!
discBSN := newpolicy create.
discBSN
event: root/event/newBSN;
action: [ :name :type |
root/template/bsnAdaptor
create: name
setActive: type
];
setActive: true.
48. Not yet quite a policy language
on new_component(id, profile, addr) do
if profile == “heart rate” then
r = /fact/hr.create(profile, addr); /sensors.add(r)
!
on hr(level) do
if level > 100 then /sensors/os.setfreq(10min);
/sensors/os.setMinVal(80)
!
on context(activity) do
if activity == “running” then
/policies/normal.disable(); /policies/active.enable()
!
auth+ /patient → /os.{setfreq, setMinVal, stop, start}
auth+ /patient → /policies.{load, delete, enable, disable}
49. Heart Monitoring Demo
BSN Node
Accelerometer
BSN Node
ECG sensor
BT link
Gumstix (Linux, BT, WiFi)
!
Discovery Service
Policy service
Event service
HR visualisation
and communication
(SMS, Call, GPRS)
50. How small should an SMC be?
• Is a BSN node an SMC?
• 6 analog sensor channels
• Event based interactions
• Need for policy-based adaptation
52. Inter-SMC Interactions
Measure ment
& Mon itorin g
Interaction
Adaptation
Serv ice
Discov ery
Ev ent Bus
Policy
Management
M e a sur e m e n t &
Mo n it o r in g
Se r v ice
D is co ver y
Measurement an d
Control Adapters
In te r a ct io n
Ad a p t a t io n
In te r a ct io n
Ad a p t a t io n
M e a sur e m e n t a n d
C o n tr o l Ad a p te r s
Ma n a g e d R e so ur ce s
Ser v ic e
D isco ver y
Me a su r e me n t &
M o n it o r in g
Eve n t Bu s
Eve n t Bu s
Po lic y
Ma n a g e me n t
Other
Context
C o n t e xt
Po lic y
M a n a g e me n t
M e a su r e m e n t a n d
C o n tr o l Ad a p t er s
M a n a g e d R e so u r ce s
C o n te xt
57. SMC Interactions: Requirements
• Despite apparent differences both peer-to-peer and composition interactions
require similar support:
• actions: SMCs need to invoke actions on other SMCs e.g. to access
device readings, actions specified as part of policies.
• events: SMCs need to exchange events i.e. both publish and subscribe to
events in a remote SMC
• policies: SMCs need to exchange policies e.g. ask a remote SMC to react
to events in a particular way
58. Interactions and Autonomy
• Each SMC must retain autonomy over its resources:
• It must decide which functions (services) to export
• It must retain decision on whether to export (bind) any of its internal resources
externally
• It may mediate external interactions to internal managed objects e.g., for
filtering and parameter adaptation.
• It decides which policies to accept (allowing “full access” may jeopardise
integrity).
• Applicable in both p2p and composition
59. Differences: p2p - composition
• Once bound as a resource in a composition relationship:
• The SMC ceases to advertise itself
• The SMC does not establish other p2p or composition relationships unless
directed by the outer SMC
• “administrative” interfaces are guaranteed to be bound to a single outer SMC.
• Events and services exposed to other SMCs will be different in composition and
p2p relationships.
• Policies (i.e., missions) accepted will be different
60. SMCs discovery
• On SMC discovery, each SMC assigns discovered SMC to pre-defined
domains.
• Policies for domain apply to assigned SMC.
• SMC Discovery can also result in policy-exchange and sharing of events and
services.
61. SMC Missions: Policy Exchange
• SMC Interfaces define:
• events: that can be raised by an SMC
• notifications: that an SMC can receive
• actions: that can be invoked on the SMC
62. Policy Exchange II
mission patientT(nurse, patient, ECGlevel, ECGTime) do
on patient.mloaded() do
nurse.store(patient.readlog())
on patient.hr(level) do
if level > ECGlevel then
patient.startECG()
patient.timer(ECGTime, endECG())
nurse.ecgOn()
on patient.endECG() do
nurse.display(patient.readECG())
63. SMC Missions: Policy Exchange
auth+ /nurse → /patient.loadMission // at the Patient
auth+ /patient → /nurse.store
// at the Nurse
auth+ /patient → /nurse.displayECG
on newPatient(p) do
ref = p.loadMission(/patients.interface, p.interface, 82, 40); /
roles[p].add(ref)
64. Interaction Procedure
• Discover SMCs
• Decide what kind of interaction to create (for both SMCs)
• Decide on role assignment
• Exchange Interfaces
• Perform role assignment and creation of managed object
• Decide which missions to instantiate and instantiate them.
67. IEEE 802.15.4
• Claims maximum bandwidth of 250Kbps
1 hop away
1 packet = 76B
Rate varies:
1-40 packets/s
• Observed max. throughput 50Kbps. At this rate the
receiver’s packet queue fills up and packets are dropped
69. End-to-end Delay
Gumstix
Bluetooth, WiFi
Linux
Discovery Service
Discovery Service
Policy service
Event service
BSN Node
802.15.4 gateway
Serial Comms
25 ms
IEEE 802.15.4
20 ms
70. Discovery
• expected 110ms (2 serial + 3 * 802.15.4 packets)
• observed 129ms
• End-to-end: 144ms; includes
• discovery handshake
• generation of new_component event
• event proxy and managed object creation
72. Policy Service
• Policy Object: 3.214 kB includes policy type, triggers, actions and constraints
• Simple policy execution (null action): 13.57ms
• Simple policy execution action issued to BSN: 23.88ms
• Simple policy execution + simple condition: 30.05ms
• End-to-end: event published to proxy to policy execution: 46.05 ms
73. Observations
• Use of XML generates significant overhead in terms of both memory
consumption and run-time processing.
• This despite using a small footprint and efficient parser.
• Performance suitable for body-area network for self-management purposes.
• Not always suitable for application data e.g., ECG 200Hz
• Processing and adaptation capability on sensor
75. Reasoning and Planning
• Analysis and Refinement work to date relies on abductive reasoning.
• Can we do abductive reasoning on a Gumstix?
• Yes with a bit more memory!
• Planning and Distributed Planning
?
?
?
?
76. Making Sense of the Surrounding World
• Much work is directed
towards abstracting sensor
input in higher level “state”
information. Accelerometers,
Temperature, Sound, ...
• Buy why should be always
starting from scratch...
Can we use
acquired information
to refine Context
Models?
77. Making Sense of Behaviour
Policies are rules governing choices in the
behaviour of systems
Policies are rules learnt from the behaviour of ...
80. • SMC defines a common architectural pattern that can be applied at different
levels of scale.
• Content-based filtering event bus provides flexibility and de-coupling
between services.
• Ponder2 provides support for general object management and policies
• In contrast to policies in large systems, designs in autonomous pervasive
computing strive to be simple. Scale is achieved through extensibility,
modularity and composition of autonomous components.
• Realising autonomous pervasive systems requires the integration of multiple
techniques from different areas of computing: operating systems, distributed
systems, statistical decision methods, AI, DAI, multi-agent systems,
knowledge engineering, ...
• ... on a small scale!
82. References
• Ponder2 Policy Service: http://www.ponder2.net
• E. Lupu, N. Dulay, M. Sloman, J.Sventek, S. Heeps, S. Strowes, K. Twidle, S.-L. Keoh, A.
Schaeffer-Filho. AMUSE: Autonomic Management of Ubiquitous e-Health Systems.
Concurrency and Computation: Practice and Experience, John Wiley and Sons, Inc., 2007
(To Appear).
• Keoh, S.L., Twidle K., Pryce, N., Schaeffer-Filho, A E., Lupu, E., Dulay, N., Sloman, M.,
Heeps, S., Strowes, S., Sventek, J., and Katsiri, E. Policy-based Management for BodySensor Networks. 4th International Workshop on Wearable and Implantable Body Sensor
Networks (BSN 2007), AAchen, Germany, March 2007.
• Russello, C. Dong, and N. Dulay. Authorisation and Conflict Resolution for Hierarchical
Domains. IEEE Workshop on Policies for Distributed Systems and Networks (Policy),
Bologna, Italy, June 2007.