Privacy-preserving data sharing and adaptable service compositions in mission-critical clouds

Bhargava, Bharat
Angın, Pelin
Ranchal, Rohit
Existing cloud systems lack robust mechanisms to monitor compliance of services with security and performance policies under changing contexts, and to ensure uninterrupted operation in case of failures. On the other hand, microservices-based cloud system architectures that have become indispensable for defense applications require systematic monitoring of service operations to satisfy their resiliency and antifragility goals. In this work we propose a unified model for enforcing security and performance requirements of mission-critical cloud systems even in the presence of anomalous behavior/attacks and failure of services. The model allows for proactive mitigation of threats and failures in cloud-based systems through active monitoring of the performance and behavior of services, promising achievement of resiliency and antifragility under various failures and attacks. It also provides secure dissemination of data between services to ensure end-to-end secure operation of critical missions.
2021 International Semantic Intelligence Conference, ISIC 2021


EPICS: A Framework for Enforcing Security Policies in Composite Web Services
Ranchal, Rohit; Bhargava, Bharat; Angın, Pelin; ben Othmane, Lotfi (Institute of Electrical and Electronics Engineers (IEEE), 2019-05-01)
With advances in cloud computing and the emergence of service marketplaces, the popularity of composite services marks a paradigm shift from single-domain monolithic systems to cross-domain distributed services, which raises important privacy and security concerns. Access control becomes a challenge in such systems because authentication, authorization and data disclosure may take place across endpoints that are not known to clients. The clients lack options for specifying policies to control the sharing of...
Simulation and performance evaluation of a distributed real-time communication protocol for industrial embedded systems
Aybar, Güray; Schmidt, Şenan Ece; Department of Electrical and Electronics Engineering (2011)
The Dynamic Distributed Dependable Real-Time Industrial communication Protocol (D3RIP) provides service guarantees for Real-Time traffic and integrates the dynamically changing requirements of automation applications in their operation to efficiently utilize the resources. The protocol dynamically allocates the network resources according to the respective system state. To this end, the protocol architecture consists of an Interface Layer that provides time-slotted operation and a Coordination Layer that as...
Pooling through lateral transshipments in service parts systems
Satir, Benhur; Savaşaneril Tüfekci, Seçil; Serin, Yaşar Yasemin (2012-07-16)
We study the inventory management problem of a service center operating in a decentralized service parts network. The service centers collaborate through inventory and service pooling, and through sharing information on the inventory status. Upon demand arrival, a service center may request a part from the other center, in which case a payment is made. Under this competitive and collaborative environment, we first characterize the optimal operating policy of an individual service center. Through computation...
CLOUDGEN: Workload generation for the evaluation of cloud computing systems (CLOUDGEN: Bulut Bilişim Sistemlerinin Başarim Deǧerlendirmesi icin Iş Yuku Uretimi)
Koltuk, Furkan; Yazar, Alper; Schmidt, Şenan Ece (2019-04-01)
In this paper, we propose CLOUDGEN workflow that produces synthetic workloads for Infrastructure and Platform as a Service for the evaluation of resource management approaches in cloud computing systems. To this end, CLOUDGEN systematically processes and clusters records in a given workload trace and fits distributions for different workload parameters within the clusters. Different than the previous work, clustering is carried out to produce different virtual machine types for achieving models that are sui...
Automated integration of real-time and non-real-time defense systems
Dalkiran, Emre; Onel, Tolga; Oğuztüzün, Mehmet Halit S.; Demir, Kadir Alpaslan (2021-04-01)
Various application domains require the integration of distributed real-time or near-real-time systems with non-real-time systems. Smart cities, smart homes, ambient intelligent systems, or network-centric defense systems are among these application domains. Data Distribution Service (DDS) is a communication mechanism based on Data-Centric Publish-Subscribe (DCPS) model. It is used for distributed systems with real-time operational constraints. Java Message Service (JMS) is a messaging standard for enterpr...
