Conclusion and Future Work. We revisited Attack-Defence Trees under a unified syntax, extending the usual constructs with a new sequential counter-operator (SCAND). More importantly we introduced XXXXX, an agent-aware formalism to model ADTrees, and trans- formation patters from the latter to the former that are sound, complete, and preserve the compositionality of ADTrees, naturally covering cases with shared subtrees. The impact of different agent coalitions on attack time and cost was evaluated using Uppaal and IMITATOR. Finally, the feasibility of an attack was evaluated through parameter synthesis with IMITATOR, to obtain the attribute values of ADTree nodes that make an attack succeed. Our experiments show that (and how) different agent distributions affect the time of attacks/defence xxxxxx- xxxx, possibly rendering some infeasible. We expect this will open the gate to richer studies of security scenarios, with multiple agents that can collaborate. Our next goals include logics to express properties in EAMAS, and adapting the partial order reduction from [17] as well as the state space reduction for tree topologies of [21] to agent strategies in EAMAS, including extensions to parametric timing information. This will allow for studying the strategic abilities of agents, ultimately in a parametric setting. Finally, we will add support for agents assignment to our tool adt2amas that transforms ADTrees into EAMAS. References
Conclusion and Future Work. As noted above, we see a clear methodology to handle SLA of cloud computing. WSLA suggests a flexible architecture for managing SLA between providers and consumers. As the needs of support services arise, some support services need to be provided but WSLA does not mandate such provisions and hence cloud bank can be introduced to provide the support services. This paper allows signatory parties to include Cloud Bank into the supervision of the SLA. It has introduced the CBSLA framework for specifying SLAs for Cloud Bank model. The Cloud Bank helps provider and consumer to define the quality of service aspects of a service by CBSLA. This paper focuses on the main frame and the signature process of the CBSLA. The clear representation of CBSLA provides a flexible mechanism to define the obligation. However, there are still some details to finalize, such as the process of measuring and the CBSLA parameters and how to monitoring these parameters. These issues will be discussed in future research. The current WSLA framework is based on XML and therefore limits the ability of matching in composition metrics to syntactical.
Conclusion and Future Work. This paper presented a novel approach to address parts of the SLA management process, such as the establishment of the SLA, monitoring, and the enforcement of penalties for violations. More specifically, it focuses on enabling the dynamic SLA compensation in the case of violations during the service duration, i.e., the SLA validity. The presented approach relies on blockchain-based SCs to hold agreed QoS SLA terms by the SP and the customer in tamper-proof storage. Also, the approach automatically manages the SLA billing process, which comprises the payment for the service by the customer and the compensation reimbursement by the SP. The basis for the design decisions of the approach took into consideration the current state-of-the-art in the SLA management lifecycle. Moreover, it was described the implementation of the ap- proach using Solidity, which is an SC programming language (Turing-complete) provided by the Ethereum blockchain. List- ings of the implementation source-code were presented to prove, in a first moment, that is possible to implement the proposed approach. Further, the implemented SC was de- ployed in a permissioned test Ethereum blockchain to manage an example of a real-life QoS-related SLA (response time). Therefore, based on the performed evaluation, parts of the SLA management process were successfully automated using a decentralized solution and removing the dependency of a TTP to handle the billing process. There is still a considerable amount of work to provide a production-ready SLA management approach based on blockchain and smart contracts. Future work includes, but are not limited to, (i) privacy analysis, (ii) cost analysis, (iii) scalability analysis, (iv) more in-depth research on trusted monitoring solution, and (v) integration with existing BSS and OSS. However, it is expected that this work shed light on the current research on the topic. 60 2019 IFIP/IEEE International Symposium on Integrated Network Management (IM2019) REFERENCES [1] D. C. Verma, “Service Level Agreements on IP Networks,” vol. 92, no. 9, Sept 2004, pp. 1382–1388. [2] O. F. Xxxx, X. Warnier, X. X. Xxxxxxxxx, X. Xxxxxxx, and X. Xxxxxxxxxx, Managing Violations in Service Level Agreements. Boston, MA: Springer US, 2008, pp. 349–358. [3] X. Xxxxxxx, X. Xxxxxxx, and X. Xxxxx, “Practical Modeling of the SLA Life Cycle in Cloud Computing,” in 2015 15th International Conference on Intelligent Systems Design and Applications (ISDA), Dec 2015, pp. 52–58. [4] Amaz...
Conclusion and Future Work. Similar to ZRTP, our protocol utilises recorded voice for authentication and verification. However, the combination of the cryptographic primitives is significantly different and the utilisation of audio fingerprinting leads to a more conve- nient, less manual and simple protocol. We investigated the feasibility of using audio fingerprints via a remote connec- tion in a case study. This work is a first sketch of a new way to protect against MitM attackers using audio fingerprint- ing and fuzzy cryptography. We are currently evaluating the cryptographic correctness and building a prototype to conduct a usability analysis.
Conclusion and Future Work. SLA trading provides a framework for bilateral agree- ment negotiation. It supports local optimization, incremen- tal deployment, and evolving definitions of services and PHBs. This is good news for providers since they can pick the mechanisms and policies they like best. Therefore, it is a good alternative to homogeneous QoS routing systems. But it is also good news for customers. The competition among providers will be perceptible even at the edge of the network where a single user is not able to choose which path her packets will take. The downside of the scheme is that the gained local freedom complicates the evaluation of the employed al- gorithms. We can simulate or test the system, even with different strategies running at different DS domains, but the system as a global network will remain very dynamic. The main contributions introduced by the SLA trading concept are summarized below: Automatic dealing of SLAs provides the basis for a mar- ket of network resources. The combination of service provisioning and inter- domain path selection improves network utilization and it can exploit alternative paths within shorter time. Having local pricing and provisioning methods is an ap- proach favored by many ISPs. Bilateral SLAs serve as a common interface between peers but they do not restrict local behavior and implementation. This scheme also pro- xxxxx rapid deployment. We experimented with dynamic and adaptive PHB def- initions (XF PHB) that are valid for just the lifetime of an SLA. This new method introduces flexibility to DS and saves code point space. We will address two major topics in future work. First, an interesting field of research will be the application of the SLAT approach to other service types than XF. Especially AF will be a challenge due to its more relaxed definition. Second, more simulations with larger AS topologies and more realistic traffic models or traces will be performed. References [1] X. Xxxxxx, X. X. Xxxxx, and X. Xxxxxxx, “Integrated Services in the Internet Architecture: An Overview,” RFC 1633, June 1994. [2] X. Xxxxxx, X. Xxxxx, X. Xxxxxx, X. Xxxxxx, and X. Xxxxx, “Re- source Reservation Protocol (RSVP) - Version 1 Functional Spec- ification,” RFC 2205, September 1997. [3] X. Xxxxx, X. Xxxxx, X. Xxxxxxx, X. Xxxxxx, X. Xxxx, and X. Xxxxx, “An Architecture for Differentiated Services,” RFC 2475, December 1998. [4] X. Xxxxxxxx, X. Xxxxxxx, and X. Xxxxxx, “An Expedited Forward- ing PHB,” RFC 2598, June 1999. [5] X. Xxxxxxxx...
Conclusion and Future Work. This work presents a novel contribution to the area of WS- Agreement and agreement matching. With the framework and implementation described throughout this paper, service providers and consumers may automatically make the most accurate and effective partnerships which are tailored to user preferences. While this objective has been considered in the prior works, we extend this by defining reasoning methods for the Scopes, Obligations, SLOs, Qualifying Conditions, and Business Values of the Guarantee Terms. We consider the subjectivity of the latter two and implement a feature which allows for the specification of what the user prefers and what the user considers unsuitable. We effectively match complex agreements containing multiple alternatives and symmetry such that both consumer and provider have capabilities and requirements. This work utilizes an effective combination of ARL rules with multiple Ontologies in order to achieve flexibility and accuracy. In the process it demonstrates the need and value of annotating multiple activities (e-commerce in our exanple) with non-functional and domain- independent ontologies. Use of WSDL-S for semantic Web Services is also demonstrated in this context. We define several categories of rules to enhance domain specific knowledge, efficiently handle heterogeneous SLOs, allow the definition of user preferences, and flexibly allow domain specific predicates while greatly simplifying the matching process. These rules are a powerful addition because they allow the matching process to be changed and customized at any time without any modifications to the code or programming knowledge. Since a key feature of our work is to customize the matching process with user defined rules, this work will benefit from a module which converts rules defined with SWRL to ARL rules to facilitate the definition of rules by user. This tool can be extended to incorporate negotiations as defined by the protocol in [2]. Suitable agreements can be identified by the current tool and negotiations between parties could ensue. This tool can also be augmented to support other standards for policy specification such as WS-Policy. This would allow consumer to provider matches regardless of the specification used. This kind of matchmaking can be integrated with the METEOR-S configuration and runtime binding middleware [22].
Conclusion and Future Work. Diffserv is simple yet powerful network resource provision- ing framework but without efficient and effective signaling through bandwidth brokers ISPs cannot exploit its full ad- vantages. SLA trading provides such an innovative signal- ing framework for bilateral agreement negotiation between bandwidth brokers. It supports local optimization, incremen- tal deployment, and evolving definitions of services and PHBs. This is good news for providers since they can pick the mechanisms and policies they like best. And it is also good news for customers. The competition among providers will be perceptible at the edge of the network in form of lower prices and better service. We have shown that a market-managed Internet is technically feasible, if applied to the network’s core. At the edge, access providers still need to collect money from end users but they are free to choose their favorite method, including the popu- lar flat-rate. The main technical contributions of this paper are: An innovative SLA trading system that fits very well into the DS framework. While it emphasizes inter- domain QoS routing it is complementary to BGP and does not replace routing of best-effort traffic. As a proof of concept, we demonstrated the system’s feasibility in a prototype implementation on top of a flow-based sim- ulation core. A working trading system based on market principles and purely local decisions. It encourages competition among large, well-connected ISPs. In addition, it sup- ports local and partial deployment (as it is a compati- ble add-on) in the current network or in test beds. Each provider is free to choose its own strategies to pursue its local objective. A new, dynamic approach to DSCP allocation pro- posed to simplify and enhance DS PHBs (“inter-AS la- bel switching”). Combined with an intra-domain label- switching method, e.g. MPLS, a hierarchical solution for label-switching is achieved. An evaluation of SLA trading using recent, Internet- typical traffic and topology models. Its main result are: – Statistical information of inter-domain network topology suggested to apply SLA trading to the core of the network. Simulation results with up to 36 ASes support this claim. – Non-uniform jumbo flow distributions (hot spots) are leveled out by SLA trading. For the Internet- typical range of ν-values we show a significant po- tential for load balancing (20% to 50% higher uti- lization than a statically configured network). – Bursty traffic at different time sca...
Conclusion and Future Work. In this chapter we did a preliminary study of linear public good games under in- complete game theory framework, where each players are not aware of the true preference parameters and can only infer other players actions based on a prior distribution of player’s type. Unlike Xxxx and Xxxxxxx [1999]’s model, when play- ers’ preferences over inequality are privately known, the set of players that can be incentivized through aversion towards inequality will be further restricted. We showed that in in public good game without punishment, we are able to char- acterize a group of cooperators who are willing to contribute among themselves. The contributors shares similar properties with Xxxx and Xxxxxxx [1999]’s model with complete information. However, there exist more than one way to define the contributors while Xxxx and Xxxxxxx [1999]’s theory only provides one typical case. Even if the condition in Xxxx and Xxxxxxx [1999]’s model doesn’t hold, there might exist other possible equilibrium with positive contributions. We also point out that Xxxx and Xxxxxxx [1999]’s comparison across the games are not very accurate. As in their public good game setting, the contribution vector is not revealed when there is no punishment. We showed theoretically how the equilibriums would differ when players compare the inequality on average base. Thus there is need to test whether revealing the contribution vector would yield different result in the public good game without punishment. Throughout the theory we cannot rule out the existence of multi-equilibrium. Theory simply suggests players xxxx xxxxxxxxx, but why players are cooperating in a some typical way remain unanswered. In this sense inequality aversion can help us when players have good faith upon others and it might not help at all under extreme circumstances. Apparently we would like to see what could be done in the later case to improve the efficiency. We can conduct possible linear public good experiments where players share are not equal, with one player’s share greater than 1 . It would be interesting to see how other agents will react under these circumstances. On one hand, when one player’s action can be perfectly predicted, other players would have information to predict other players contribution condi- tional on their types. On the other hand, introducing inequality in the sharing itself might bring disutility directly to the players. Thus it’s important to check how players would react when different in...
Conclusion and Future Work. As a conclusion of this paper can be stated that contracting of outsourcing must be done in care. All the contracting matters are equally important, especially savings, costs and information security. The outsourcing contract can be made in stages and this is suitable for information security. There must be different mechanisms to prove the effective of security mechanisms, for example as in ITSEC. It is very important to make sure that the client can provide the needed service and maintain required level of information security. The costs and risks of outsourcing must be evaluated before outsourcing and different plans and policies are formulated. It is very important to make sure that security requirements are as clear as possible and the both sides of outsourcing can understand and agreed them. In the outsourcing agreement there must be written the minimum requirements for the information security and suitable security methods. The responsibilities and rights of the outsourcing parties should be clearly agreed upon in the outsourcing agreement. It is imperative that accepted information security policies in outsourcing and recovery and strategic plans have been established. The actions of insourcing and changing of the outsourcing partner must be planned too. The education and inform of personnel in information security matters is important and must be regular. All the information security matters must be defined clearly in contract and understood. It is important to make sure that you are dealing with trustworthy and best possible service provider that you can have afford, the money is the keyword in outsourcing and information security. The more money you spent on security the less money you spent in business, but the security is not bad investment on the long run. One fundamental security threat in outsourcing is the potential conflict of interest of outsourcing parties. Threats in outsourcing are basically same as in internal information system and all new threats are introduced by different interpretation of requirements in the outsourcing agreement. A one threat in outsourcing is the leak of information from outsourced system. In outsourcing the important security method is controlling and monitoring of service provider. It is important to plan, control and agree the actions of client and service provider. For the controlling and agreeing of information security in outsourcing there can use ITSEC or CC-model. It can be stated that there is three d...
Conclusion and Future Work. In this paper, we construct a Byzantine Agreement protocol that tolerates t < ( 1 − s)n faults, and runs for O(log n) rounds. Many interesting questions remain.
