About
32
Publications
24,070
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
665
Citations
Introduction
Additional affiliations
July 2010 - February 2016
Publications
Publications (32)
Cloud Computing is developed as a new wave of ICT technologies, offering a common approach to on-demand provisioning of computation, storage and network resources that are generally referred to as infrastructure services. Most of currently available commercial cloud services are built and organized reflecting simple relations between single provide...
One of the primary challenges to apply the XACML access control policy language in applications is the performance problem of policy evaluation engines, particularly when they experience a great number of policies. Some existing works attempted to solve this problem, but only for some particular use-cases: either supporting simple policies with equ...
This paper presents ongoing research to define the basic models and architecture patterns for federated access control in heterogeneous (multi-provider) multi-cloud and inter-cloud environment. The proposed research contributes to the further definition of Intercloud Federation Framework (ICFF) which is a part of the general Intercloud Architecture...
This paper presents the concept of Open Cloud eXchange (OCX) that has been proposed to bridge the gap between two major components of the cloud services provisioning infrastructure: Cloud Service Provider (CSP) infrastructure; and cloud services delivery infrastructure which in many cases requires dedicated local infrastructure and quality of servi...
Big Data technologies are changing the traditional technology domains and their successful use will require new security models and new security design approaches to address emerging security challenges. This paper intends to provide initial analysis of the security issues and challenges in Big Data and map new challenges and problems to the tradit...
XACML policy evaluation efficiency is an important factor influencing the overall system performance, especially when the number of policies grows. Some existing approaches on high performance XACML policy evaluation can support simple policies with equality comparisons and handle requests with well defined conditions. Such mechanisms do not provid...
This paper presents on-going research to develop the Intercloud Architecture Framework (ICAF) that addresses problems in multi-provider multi-domain heterogeneous cloud based infrastructure services and applications integration and interoperability, to allow their on-demand provisioning. The paper refers to existing standards and ongoing standardis...
This chapter discusses conceptual issues, basic requirements and practical suggestions for designing dynamically configured security infrastructure provisioned on demand as part of the cloud-based infrastructure. This chapter describes general use cases for provisioning cloud infrastructure services and the proposed architectural framework that pro...
This paper presents on-going research to develop the Intercloud Architecture Framework (ICAF) that addresses problems in multi-provider multi-domain heterogeneous cloud based infrastructure services and applications integration and interoperability. The paper refers to existing standards in Cloud Computing, in particular, recently published NIST Cl...
In cloud computing, data are managed by different entities, not only by the actual data owner but also by many cloud providers. Sophisticated clouds collaboration scenarios may require that the data objects are distributed at cloud providers and accessed remotely, while still being under the control of the data owners. This brings security challeng...
Cloud Platform as a Service (PaaS) provides an environment for creating and deploying applications using one of popular development platforms. This paper presents a practical solution for building a service composition platform based on the GEMBus (GEANT Multi-domain Bus) that extends the industry accepted Enterprise Service Bus (ESB) platform with...
Cloud computing is developing as a new wave of ICT technologies, offering a common approach to on-demand provisioning of computation, storage and network resources which are generally referred to as infrastructure services. Most of currently available commercial Cloud services are built and organized reflecting simple relations between a single pro...
As cloud computing continues to gain traction, a great deal of effort is being expended in researching the most effective ways to build and manage secure and trustworthy clouds. Providing consistent security services in on-demand provisioned Cloud infrastructure services is of primary importance due to the multi-tenant and potentially multi-provide...
Cloud computing is developing as a new wave of ICT technologies, offering a common approach to on-demand provisioning computation, storage and network resources which are generally referred to as infrastructure services. Most of currently available commercial Cloud services are built and organized reflecting simple relations between single provider...
Providing consistent security services in on-demand provisioned Cloud infrastructure services is of primary importance due to multi-tenant and potentially multi-provider nature of Clouds Infrastructure as a Service (IaaS) environment. Cloud security infrastructure should address two aspects of the IaaS operation and dynamic security services provis...
Cloud technologies are emerging as a new way of provisioning virtualised computing and infrastructure services on-demand for collaborative projects and groups. Security in provisioning virtual infrastructure services should address two general aspects: supporting secure operation of the provisioning infrastructure, and provisioning a dynamic access...
Over the years, the Internet has become a central tool for society. The extent of its growth and usage raises critical issues associated with its design principles that need to be addressed before it reaches its limits. Many emerging applications have increasing requirements in terms of bandwidth, QoS and manageability. Moreover, applications such...
We present variations and modifications of the image-feature based human identification protocol proposed by Jameel et al
with application to user authentication on mobile devices with limited display capabilities. The protocols introduced are
essentially reduced versions of the original protocol with a minor tradeoff between security and usability...
Key establishment plays a central role in authentication and encryption in wireless sensor networks, especially when they are mainly deployed in hostile environments. Because of the strict constraints in power, processing and storage, designing an efficient key establishment protocol is not a trivial task. Compared with public key cryptography, sym...
Recent research on ubiquitous computing has introduced a new concept of activity-based computing as a way of thinking about supporting human activities in ubiquitous computing environment. Existing access control approaches such as RBAC, became inappropriate to support this concept because they do not consider human activities. In this paper, we pr...
Bardram introduced a new concept of activity-based computing as a way of thinking about supporting human activities in ubiquitous environments. In such environments where users are using a multitude of heterogeneous computing devices, the need for supporting users at the activity level becomes essential. However, without considering basic security...
For many sensor network applications such as military or homeland security, it is essential for users (sinks) to access the sensor network while they are moving. Sink mobility brings new challenges to secure routing in large-scale sensor networks. Previous studies on sink mobility have mainly focused on efficiency and effectiveness of data dissemin...
Key establishment plays a central role in authentication and encryption in wireless sensor networks, especially when they are mainly deployed in hostile environments. Because of the strict constraints in power, processing and storage, designing an efficient key establishment protocol is not a trivial task. Compare with traditional public key crypto...
Important applications of Wireless Ad Hoc Networks make them very attractive to attackers, therefore more research is required to guarantee the security for Wireless Ad Hoc Networks. In this paper, we proposed a transmission time based mechanism (TTM) to detect wormhole attacks - one of the most popular & serious attacks in Wireless Ad Hoc Networks...
Key establishment plays a central role in authentication and encryption in wireless sensor networks, especially when they are mainly deployed in hostile environments. Because of the strict constraints in power, processing and storage, designing an efficient key establishment protocol is not a trivial task. Also, it is infeasible to apply public key...