Matching Items (196)
Description
In this dissertation, two interrelated problems of service-based systems (SBS) are addressed: protecting users' data confidentiality from service providers, and managing performance of multiple workflows in SBS. Current SBSs pose serious limitations to protecting users' data confidentiality. Since users' sensitive data is sent in unencrypted forms to remote machines owned and operated by third-party service providers, there are risks of unauthorized use of the users' sensitive data by service providers. Although there are many techniques for protecting users' data from outside attackers, currently there is no effective way to protect users' sensitive data from service providers. In this dissertation, an approach is presented to protecting the confidentiality of users' data from service providers, and ensuring that service providers cannot collect users' confidential data while the data is processed or stored in cloud computing systems. The approach has four major features: (1) separation of software service providers and infrastructure service providers, (2) hiding the information of the owners of data, (3) data obfuscation, and (4) software module decomposition and distributed execution. Since the approach to protecting users' data confidentiality includes software module decomposition and distributed execution, it is very important to effectively allocate the resource of servers in SBS to each of the software module to manage the overall performance of workflows in SBS. An approach is presented to resource allocation for SBS to adaptively allocating the system resources of servers to their software modules in runtime in order to satisfy the performance requirements of multiple workflows in SBS. Experimental results show that the dynamic resource allocation approach can substantially increase the throughput of a SBS and the optimal resource allocation can be found in polynomial time
ContributorsAn, Ho Geun (Author) / Yau, Sik-Sang (Thesis advisor) / Huang, Dijiang (Committee member) / Ahn, Gail-Joon (Committee member) / Santanam, Raghu (Committee member) / Arizona State University (Publisher)
Created2012
Description
The overall contribution of the Minerva Initiative at ASU is to map social organizations in a multidimensional space that provides a measure of their radical or counter radical influence over the demographics of a nation. This tool serves as a simple content management system to store and track project resources like documents, images, videos and web links. It provides centralized and secure access to email conversations among project team members. Conversations are categorized into one of the seven pre-defined categories. Each category is associated with a certain set of keywords and we follow a frequency based approach for matching email conversations with the categories. The interface is hosted as a web application which can be accessed by the project team.
ContributorsNair, Apurva Aravindakshan (Author) / Davulcu, Hasan (Thesis advisor) / Sen, Arunabha (Committee member) / Dasgupta, Partha (Committee member) / Arizona State University (Publisher)
Created2012
Description
The Open Services Gateway initiative (OSGi) framework is a standard of module system and service platform that implements a complete and dynamic component model. Currently most of OSGi implementations are implemented by Java, which has similarities of Android language. With the emergence of Android operating system, due to the similarities between Java and Android, the integration of module system and service platform from OSGi to Android system attracts more and more attention. How to make OSGi run in Android is a hot topic, further, how to find a mechanism to enable communication between OSGi and Android system is a more advanced area than simply making OSGi running in Android. This paper, which aimed to fulfill SOA (Service Oriented Architecture) and CBA (Component Based Architecture), proposed a solution on integrating Felix OSGi platform with Android system in order to build up Distributed OSGi framework between mobile phones upon XMPP protocol. And in this paper, it not only successfully makes OSGi run on Android, but also invents a mechanism that makes a seamless collaboration between these two platforms.
ContributorsDong, Xinyi (Author) / Huang, Dijiang (Thesis advisor) / Dasgupta, Partha (Committee member) / Chen, Yinong (Committee member) / Arizona State University (Publisher)
Created2012
Description
In modern healthcare environments, there is a strong need to create an infrastructure that reduces time-consuming efforts and costly operations to obtain a patient's complete medical record and uniformly integrates this heterogeneous collection of medical data to deliver it to the healthcare professionals. As a result, healthcare providers are more willing to shift their electronic medical record (EMR) systems to clouds that can remove the geographical distance barriers among providers and patient. Even though cloud-based EMRs have received considerable attention since it would help achieve lower operational cost and better interoperability with other healthcare providers, the adoption of security-aware cloud systems has become an extremely important prerequisite for bringing interoperability and efficient management to the healthcare industry. Since a shared electronic health record (EHR) essentially represents a virtualized aggregation of distributed clinical records from multiple healthcare providers, sharing of such integrated EHRs may comply with various authorization policies from these data providers. In this work, we focus on the authorized and selective sharing of EHRs among several parties with different duties and objectives that satisfies access control and compliance issues in healthcare cloud computing environments. We present a secure medical data sharing framework to support selective sharing of composite EHRs aggregated from various healthcare providers and compliance of HIPAA regulations. Our approach also ensures that privacy concerns need to be accommodated for processing access requests to patients' healthcare information. To realize our proposed approach, we design and implement a cloud-based EHRs sharing system. In addition, we describe case studies and evaluation results to demonstrate the effectiveness and efficiency of our approach.
ContributorsWu, Ruoyu (Author) / Ahn, Gail-Joon (Thesis advisor) / Yau, Stephen S. (Committee member) / Huang, Dijiang (Committee member) / Arizona State University (Publisher)
Created2012
Description
Access control is one of the most fundamental security mechanisms used in the design and management of modern information systems. However, there still exists an open question on how formal access control models can be automatically analyzed and fully realized in secure system development. Furthermore, specifying and managing access control policies are often error-prone due to the lack of effective analysis mechanisms and tools. In this dissertation, I present an Assurance Management Framework (AMF) that is designed to cope with various assurance management requirements from both access control system development and policy-based computing. On one hand, the AMF framework facilitates comprehensive analysis and thorough realization of formal access control models in secure system development. I demonstrate how this method can be applied to build role-based access control systems by adopting the NIST/ANSI RBAC standard as an underlying security model. On the other hand, the AMF framework ensures the correctness of access control policies in policy-based computing through automated reasoning techniques and anomaly management mechanisms. A systematic method is presented to formulate XACML in Answer Set Programming (ASP) that allows users to leverage off-the-shelf ASP solvers for a variety of analysis services. In addition, I introduce a novel anomaly management mechanism, along with a grid-based visualization approach, which enables systematic and effective detection and resolution of policy anomalies. I further evaluate the AMF framework through modeling and analyzing multiparty access control in Online Social Networks (OSNs). A MultiParty Access Control (MPAC) model is formulated to capture the essence of multiparty authorization requirements in OSNs. In particular, I show how AMF can be applied to OSNs for identifying and resolving privacy conflicts, and representing and reasoning about MPAC model and policy. To demonstrate the feasibility of the proposed methodology, a suite of proof-of-concept prototype systems is implemented as well.
ContributorsHu, Hongxin (Author) / Ahn, Gail-Joon (Thesis advisor) / Yau, Stephen S. (Committee member) / Dasgupta, Partha (Committee member) / Ye, Nong (Committee member) / Arizona State University (Publisher)
Created2012
Description
This study performs numerical modeling for the climate of semi-arid regions by running a high-resolution atmospheric model constrained by large-scale climatic boundary conditions, a practice commonly called climate downscaling. These investigations focus especially on precipitation and temperature, quantities that are critical to life in semi-arid regions. Using the Weather Research and Forecast (WRF) model, a non-hydrostatic geophysical fluid dynamical model with a full suite of physical parameterization, a series of numerical sensitivity experiments are conducted to test how the intensity and spatial/temporal distribution of precipitation change with grid resolution, time step size, the resolution of lower boundary topography and surface characteristics. Two regions, Arizona in U.S. and Aral Sea region in Central Asia, are chosen as the test-beds for the numerical experiments: The former for its complex terrain and the latter for the dramatic man-made changes in its lower boundary conditions (the shrinkage of Aral Sea). Sensitivity tests show that the parameterization schemes for rainfall are not resolution-independent, thus a refinement of resolution is no guarantee of a better result. But, simulations (at all resolutions) do capture the inter-annual variability of rainfall over Arizona. Nevertheless, temperature is simulated more accurately with refinement in resolution. Results show that both seasonal mean rainfall and frequency of extreme rainfall events increase with resolution. For Aral Sea, sensitivity tests indicate that while the shrinkage of Aral Sea has a dramatic impact on the precipitation over the confine of (former) Aral Sea itself, its effect on the precipitation over greater Central Asia is not necessarily greater than the inter-annual variability induced by the lateral boundary conditions in the model and large scale warming in the region. The numerical simulations in the study are cross validated with observations to address the realism of the regional climate model. The findings of this sensitivity study are useful for water resource management in semi-arid regions. Such high spatio-temporal resolution gridded-data can be used as an input for hydrological models for regions such as Arizona with complex terrain and sparse observations. Results from simulations of Aral Sea region are expected to contribute to ecosystems management for Central Asia.
ContributorsSharma, Ashish (Author) / Huang, Huei-Ping (Thesis advisor) / Adrian, Ronald (Committee member) / Herrmann, Marcus (Committee member) / Phelan, Patrick E. (Committee member) / Vivoni, Enrique (Committee member) / Arizona State University (Publisher)
Created2012
Description
Structural features of canonical wall-bounded turbulent flows are described using several techniques, including proper orthogonal decomposition (POD). The canonical wall-bounded turbulent flows of channels, pipes, and flat-plate boundary layers include physics important to a wide variety of practical fluid flows with a minimum of geometric complications. Yet, significant questions remain for their turbulent motions' form, organization to compose very long motions, and relationship to vortical structures. POD extracts highly energetic structures from flow fields and is one tool to further understand the turbulence physics. A variety of direct numerical simulations provide velocity fields suitable for detailed analysis. Since POD modes require significant interpretation, this study begins with wall-normal, one-dimensional POD for a set of turbulent channel flows. Important features of the modes and their scaling are interpreted in light of flow physics, also leading to a method of synthesizing one-dimensional POD modes. Properties of a pipe flow simulation are then studied via several methods. The presence of very long streamwise motions is assessed using a number of statistical quantities, including energy spectra, which are compared to experiments. Further properties of energy spectra, including their relation to fictitious forces associated with mean Reynolds stress, are considered in depth. After reviewing salient features of turbulent structures previously observed in relevant experiments, structures in the pipe flow are examined in greater detail. A variety of methods reveal organization patterns of structures in instantaneous fields and their associated vortical structures. Properties of POD modes for a boundary layer flow are considered. Finally, very wide modes that occur when computing POD modes in all three canonical flows are compared. The results demonstrate that POD extracts structures relevant to characterizing wall-bounded turbulent flows. However, significant care is necessary in interpreting POD results, for which modes can be categorized according to their self-similarity. Additional analysis techniques reveal the organization of smaller motions in characteristic patterns to compose very long motions in pipe flows. The very large scale motions are observed to contribute large fractions of turbulent kinetic energy and Reynolds stress. The associated vortical structures possess characteristics of hairpins, but are commonly distorted from pristine hairpin geometries.
ContributorsBaltzer, Jon Ronald (Author) / Adrian, Ronald J (Thesis advisor) / Calhoun, Ronald (Committee member) / Gelb, Anne (Committee member) / Herrmann, Marcus (Committee member) / Squires, Kyle D (Committee member) / Arizona State University (Publisher)
Created2012
Description
Defending against spoofing is an important part of security throughout the internet. With- out the ability to authenticate, within a certain confidence, that a person is in fact who they say are, can allow attackers to go unrecognized after performing an attack. It is much too easy for attackers today to hide their identity or pretend to be someone else through the means of spoof- ing. Researchers must focus their efforts on defenses that are scalable and effective in counter- ing spoofing. This thesis focuses on surveying different types of spoofing as well as attacks that lever- age spoofing with the hopes to hide the attacker's identity or leverage identity theft to perform an attack. It also looks at current defenses that hope to counter attacks that leverage spoofing and evaluates how realistic is to implement the defenses in terms of scalability and effective- ness. By surveying different attacks and defenses, researchers will be able to better focus their efforts on more effective and scalable defenses to spoofing and attacks that leverage spoofing.
ContributorsTorrence, Ryan Michael (Author) / Dasgupta, Partha (Thesis director) / Doupe, Adam (Committee member) / Barrett, The Honors College (Contributor) / Computer Science and Engineering Program (Contributor)
Created2015-05
Description
3D printing has recently become a popular manufacturing process and the goal of the project was to take that process to the kitchen. This was done by utilizing existing knowledge of the culinary process of "spherification", by which a liquid is encapsulated in an edible shell, and combining it with the hydrogel research advancements in tissue engineering to make robust fibers. A co-flow nozzle was constructed and the two fluids needed for spherification were flowed in various configurations to create different fibers. By outlining a stability regime and measuring the outer diameters for both regular and reverse spherification, the optimal method of production and fibers that would be suitable for 3D printing were discovered. The results of the experiments can be used to begin 3D printing edible 2D patterns and eventually 3D structures.
ContributorsSchott, Christopher David (Author) / Rykaczewski, Konrad (Thesis director) / Herrmann, Marcus (Committee member) / Barrett, The Honors College (Contributor) / Mechanical and Aerospace Engineering Program (Contributor)
Created2015-05
Description
Cyber threats are growing in number and sophistication making it important to continually study and improve all dimensions of digital forensics. Teamwork in forensic analysis has been overlooked in systems even though forensics relies on collaboration. Forensic analysis lacks a system that is flexible and available on different electronic devices which are being used and incorporated into everyday life. For instance, cellphones or tablets that are easy to bring on-the-go to sites where the first steps of forensic analysis is done. Due to the present day conversion to online accessibility, most electronic devices connect to the internet. Squeegee is a proof of concept that forensic analysis can be done on the web. The forensic analysis expansion to the web opens many doors to collaboration and accessibility.
ContributorsJuntiff, Samantha Maria (Author) / Ahn, Gail-Joon (Thesis director) / Kashiwagi, Jacob (Committee member) / Barrett, The Honors College (Contributor) / Computer Science and Engineering Program (Contributor)
Created2015-05