Khaled Mahbub

Khaled Mahbub
Birmingham City University | BCU · School of Computing and Digital Technology

About

23
Publications
3,055
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
365
Citations

Publications

Publications (23)
Article
We discuss the problem of accountability when multiple parties cooperate towards an end result such as multiple companies in a supply chain or departments of a government service under different authorities. In cases where a full trusted central point does not exist, it is difficult to obtain a trusted audit trail of a workflow when each individual...
Chapter
Full-text available
Auditing operations in multi-party data exchange, and over an arbitrary topology, is a common requirement yet still an open problem especially in the case where no trust on any participating party can be presumed. The challenges range from storage of the audit trail to tampering and collusion of participating entities. In this paper, we propose a b...
Chapter
Workflows involve actions and decision making at the level of each participant. Trusted generation, collection and storage of evidence is fundamental for these systems to assert accountability in case of disputes. Ensuring the security of audit systems requires reliable protection of evidence in order to cope with its confidentiality, its integrity...
Article
Cyber Threat Intelligence (CTI) sharing has become a novel weapon in the arsenal of cyber defenders to proactively mitigate increasing cyber attacks. Automating the process of CTI sharing, and even the basic consumption, has raised new challenges for researchers and practitioners. This extensive literature survey explores the current state-of-the-a...
Chapter
Microservices-based applications are considered to be a promising paradigm for building large-scale digital systems due to their flexibility, scalability, and agility of development. To achieve the adoption of digital services, applications holding personal data must be secure while giving end-users as much control as possible. On the other hand, f...
Article
Microservices have drawn significant interest in recent years and are now successfully finding their way into different areas, from enterprise IT and the Internet of Things to critical applications. This paper discusses how microservices can be secured at different levels and stages considering a common software development lifecycle.
Article
Full-text available
Cyber threat intelligence sharing has become a focal point for many organizations to improve resilience against cyberattacks. The objective lies in sharing relevant information achieved through automating as many processes as possible without losing control or compromising security. The intelligence may be crowdsourced from decentralized stakeholde...
Chapter
Cyber threat intelligence sharing is an imperative process to survive current and future attacks. The received information may protect stakeholders from being attacked by utilizing the course of action to remedy on-site vulnerabilities. Automating this process has shown to be challenging because several processes have to be synchronized and orchest...
Article
In this paper we describe the structure and functionality of a certification integrated framework aimed to support the certification of security properties of a Cloud infrastructure (IaaS), a platform (PaaS), or the software layer (SaaS). Such framework will bring service users, service providers and cloud suppliers to work together with certificat...
Conference Paper
Existing approaches for monitoring Service-based Systems assume monitor rules are pre-defined and known in advance. Furthermore, in most of the cases, monitor rules are associated to a set of actions, triggered by the deviations from the expected behaviour, to compensate for an unexpected conduct. Such a reactive strategy, based on pre-defined rule...
Conference Paper
With the increased awareness of security and safety of services in on-demand distributed service provisioning (such as the recent adoption of Cloud infrastructures), certification and compliance checking of services is becoming a key element for service engineering. Existing certification techniques tend to support mainly design-time checking of se...
Article
Full-text available
Effective runtime service discovery requires identification of services based on different service characteristics such as structural, behavioural, quality, and contextual characteristics. However, current service registries guarantee services described in terms of structural and sometimes quality characteristics and, therefore, it is not always po...
Conference Paper
Full-text available
In this paper we propose a framework for proactive SLA negotiation that integrates this process with dynamic service discovery and, hence, can provide integrated runtime support for both these key activities which are necessary in order to achieve the runtime operation of service based systems with minimised interruptions. More specifically, our fr...
Conference Paper
Full-text available
Service discovery has been recognised as an important aspect of service oriented computing. This is even more the case when developing service centric systems in which software systems are constructed based on the identification and composition of Web services that together can fulfil the functionality of the system being developed. In this paper w...
Conference Paper
Full-text available
In this paper we describe a platform that supports context aware runtime service discovery. The platform supports service discovery based on structural and behavioural service models as well as complex context related service discovery conditions which are specified in a newly introduced query language. During discovery, context information is obta...
Conference Paper
Full-text available
This paper describes a framework supporting the runtime monitoring of requirements for systems implemented as compositions of Web-services specified in BPEL. The requirements that can be monitored are specified in event calculus. The paper presents an overview of the framework and describes the architecture and implementation of a tool that we have...
Conference Paper
Full-text available
This work proposes a framework for run-time monitoring of the compliance of systems composed of Web-services with requirements set for them. The framework assumes systems composed of Web-services which are coordinated by a service composition process expressed in BPEL4WS and uses event calculus to specify the requirements to be monitored. These req...

Network

Cited By