Theo Dimitrakos

Theo Dimitrakos
University of Kent | KENT · School of Computing

PhD - Imperial College London

About

196
Publications
31,831
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
2,602
Citations
Additional affiliations
September 2016 - present
Huawei Technologies
Position
  • Lead expert -- Cyber security and Privacy Protection
September 2013 - present
University of Kent
Position
  • Professor
November 2004 - August 2016
British Telecommunications
Position
  • Chief Research Professional

Publications

Publications (196)
Chapter
In highly dynamic and distributed computing environments (e.g., Cloud, Internet of Things (IoT), mobile, edge), robust access and usage control of assets is crucial. Since assets can be replicated in various locations on heterogeneous platforms and dynamic networks with unknown or partially authenticated users, the need for a uniform control mechan...
Chapter
The need for collaboration and digital transformation is among the lessons the world has realized during the pandemic. This chapter argues that the strategy of the European Union to bring the concepts of sovereignty to the digital world is a crucial enabler to achieve these two goals. This strategy is being shaped by several community initiatives,...
Conference Paper
Access control has been traditionally used to protect data and privacy. Traditional access control models (e.g., ABAC, RBAC) cannot meet modern security requirements as technologies spread over heterogeneous and dynamic environments that need continuous monitoring. Modern models such as Usage Control (UCON) introduced the concept of continuous auth...
Chapter
Full-text available
The automotive industry is witnessing an accelerated growth in digital innovations that turn modern vehicles into digital systems. This makes the security of modern vehicles a crucial concern as they have evolved into cyber-physical and safety-critical systems. Therefore, stateful identity management and continuous access control have become a para...
Conference Paper
Managing access to resources is one of the security mechanisms used for protecting the organization's assets from unauthorized usage, and thus potential data leaks. Thus, keeping access control policies up to date is a crucial task for any organization. However, the access control policy update process usually requires direct interaction of securit...
Chapter
This work builds on top of an architecture and prototype implementation of a novel trust-aware continuous authorization technology that targets consumer Internet of Things (IoT), e.g., Smart Home to introduce a novel trust algorithm and meta attribute evaluation. Our approach extends previous work in two complementary ways: (1) By introducing a nov...
Chapter
Full-text available
Attribute Based Access Control is a widely used access control model, which regulates the access to the resources by evaluating security policies which contain a number of attributes related to the subject, the object and the environment distinguishing thus from a simple access control list or a role-based model. Although, the dynamicity of today’s...
Chapter
In many application scenarios, such as cloud computing and network function virtualisation, entities from different domains or their interactions are short-lived. Yet, it is often necessary to ensure accountability of events recorded by such entities about their application-specific interactions. The distributed and multi-domain nature of this prob...
Chapter
Full-text available
In this paper we present a security architecture style and approach named Security Controls Oriented Reference (SCORE) Architecture. The SCORE Architecture extends commonly used security architecture methodologies by placing particular emphasis on how security controls are specified, refined, implemented, traced and assessed throughout the security...
Article
Full-text available
Performance and dependability levels of cloud-based computations are difficult to guarantee by-design due to segregation of visibility and control between applications, data owners, and cloud providers. Lack of predictability increases users' uncertainty about the service levels they will actually achieve. Cloud tenants compete for shared resources...
Conference Paper
The benefits of Cloud Computing are now widely recognised, in terms of easy, flexible, scalable and cost effective deployment of services and storage. At the same time, the growth in Big Data solutions is offering a plethora of new service opportunities. However, significant barriers of trust and privacy concerns are slowing the adoption of Big Dat...
Patent
A method for deploying a software application for execution, the method comprising: receiving an application specification for the application, the application specification including an identification of one or more resources required for execution of the application; receiving a set of infrastructure specifications, each infrastructure specificat...
Conference Paper
Full-text available
Unpredictability of cloud computing due to segregation of visibility and control between applications, data owners, and cloud providers increases tenants’ uncertainty when using cloud services. Adaptation techniques become fundamental to provide a reliable cloud-based infrastructure with definite behavior, which preserves a stable quality of servic...
Patent
A method for enforcing a model deployment specification for a software application in execution in a virtualised computing environment, the method comprising: retrieving a compliance characteristic for the application, the compliance characteristic having associated a compliance criterion; receiving a model deployment specification for the complian...
Patent
A software compliance assessment apparatus for determining a level of compliance of a software application in execution in a virtualised computing environment, the apparatus comprising: an identifier component operable to identify resources instantiated for execution of the application; a retriever component operable to retrieve a compliance charac...
Patent
A method of augmenting a deployment specification for a software application to determine a level of compliance of the application with a compliance characteristic, the deployment specification being suitable for identifying a resource required to execute the software application in a virtualised computing environment, the method comprising: receiv...
Patent
A method for categorising a state of operation of a software application in execution in a virtualised computing environment, the application having associated a set of software components being operable to access data associated with the application, the method comprising the steps of: receiving a set of software application state definitions, eac...
Patent
An apparatus for enforcing a compliance requirement for a software application in execution in a virtualised computing environment, the apparatus comprising: an identifier component operable to identify a resource instantiated for execution of the application; a retriever component operable to retrieve a compliance characteristic for the applicatio...
Conference Paper
Full-text available
The economic benefits of cloud computing are encouraging customers to bring complex applications and data into the cloud. However security remains the biggest barrier in the adoption of cloud, and with the advent of multi-cloud and federated clouds in practice security concerns are for applications and data in the cloud. This paper proposes securit...
Conference Paper
Protecting systems, applications and data hosted on a Cloud environment against cyber-threats, and accounting for security incidents across the Cloud estate are prerequisites to Cloud adoption by business, and a fundamental element of both national and corporate cyber-security and Cloud strategies. Yet, Cloud IaaS and PaaS providers typically hold...
Conference Paper
Businesses are using Cloud, hosting and managed services to facilitate growth, not just cut costs. For business critical applications to move to the Cloud, however, significant challenges to widespread adoption still remain, mostly concerning security, assurance and compliance, notably data protection, control, availability and resilience.
Conference Paper
In recent times, public bodies are adopting IaaS solutions for deploying online governmental services. A sufficient number are adopting private cloud solutions while others hybrid or public offerings, making the necessity of a Cloud Orchestrator highly imperative. In this paper, the STRATEGIC Cloud Orchestrator is presented which targets deployment...
Conference Paper
Most of the current cloud computing platforms offer Infrastructure as a Service (IaaS) model, which aims to provision basic virtualized computing resources as on-demand and dynamic services. Nevertheless, a single cloud provider may not have limitless resources to offer to its users, hence the notion of an Inter-Cloud environment where a cloud can...
Article
Most of the current cloud computing platforms offer Infrastructure as a Service (IaaS) model, which aims to provision basic virtualized computing resources as on-demand and dynamic services. Nevertheless, a single cloud does not have limitless resources to offer to its users, hence the notion of an Inter-Cloud environment where a cloud can use the...
Patent
Methods and apparatus for controlling the operation of a distributed application using message interception techniques are disclosed. The message interception software is independent of the software components making up the distributed application. The message interception software processes messages by carrying out a series of actions set out in a...
Conference Paper
Despite the advantages and rapid growth of Cloud computing, the cloud environments are still not sufficiently trustworthy from a customer’s perspective. Several challenges such as specification of service level agreements, standards, security measures, selection of service providers and computation of trust still persists, that concerns the custome...
Patent
This invention relates to a system and method for establishing a secure group of entities in a computer network, such as those originating from different trust domains, for the purpose of protecting the activity being executed. The invention allows for the on-demand automated creation of a virtual security perimeter around an arbitrary group of ser...
Conference Paper
An innovative context-aware multi-factor authentication scheme based on a dynamic PIN is presented. The scheme is based on graphical passwords where a challenge is dynamically produced based on contextual factors and client device constraints while balancing security assurance and usability. The approach utilizes a new methodology where the cryptog...
Conference Paper
This paper presents a framework of Mirroring Mobile Phone in the Clouds (MMPC) to speed up data/computing intensive applications on a mobile phone by taking full advantage of the super computing power of the clouds. An application on the mobile phone is dynamically partitioned in such a way that the heavy-weighted part is always running on a mirror...
Conference Paper
Big data needs to feed users with fresh processing results and cloud platforms can be used to speed up big data applications. This paper describes a new data communication protocol (CloudJet) for long distance and large volume big data accessing operations to alleviate the large latencies encountered in sharing big data resources in the clouds. It...
Patent
Full-text available
A computer network is disclosed in which a group of computers co-operate to perform a distributed application. In order to ensure that only members of that group of computers are able to carry out certain operations, messages sent in the performance of the distributed application are checked by the recipient for the presence of a group membership t...
Patent
Full-text available
A distributed computer system is disclosed in which computers co-operate with one another by sending messages over a network such as the Internet in order to perform a distributed application. In order to improve the security of such system, each web service involved in the distributed application runs in a separate virtual machine. Furthermore, th...
Conference Paper
A mechanism that takes into account the combination of security requirements from independent administrative entities over a set of interacting resources on a smart device requires the ability to provide some sort of execution context control. The proposed framework consists of an architecture and a policy model. The architecture detects different...
Conference Paper
Full-text available
Recommender systems typically use collaborative filtering to make sense of huge and growing volumes of data. An emerging trend in industry has been to use public clouds to deal with the computing and storage requirements of such systems. This, however, comes at a price -- data privacy. Simply ensuring communication privacy does not protect against...
Conference Paper
Security and trust in service providers is a major concern in the use of cloud services and the associated process of selecting a cloud service provider that meets the expectations and needs of one’s security requirements is not easy. As a solution, we propose a broker architecture model that enables us to build a security reputation framework for...
Conference Paper
Most of the current cloud computing platforms offer Infrastructure as a Service (IaaS) model, which aims to provision basic virtualised computing resources as on-demand and dynamic services. Nevertheless, a single cloud does not have limitless resources to offer to its users, hence the notion of an Inter-Cloud enviroment where a cloud can use the i...
Article
Full-text available
Recommender systems use, amongst others, a mechanism called collaborative filtering (CF) to predict the rating that a user will give to an item given the ratings of other items provided by other users. While reasonably accurate CF can be achieved with various well-known techniques, preserving the privacy of rating data from individual users poses a...
Conference Paper
This paper focuses on the problem of how to protect personal data and privacy in the context of internet-centric services. Two main challenges are considered: how to enable individuals to express data protection requirements on their data in a disclosure request; and how to ensure data is actually protected and processed according to the intended p...
Conference Paper
Full-text available
Year 2012 completes a decade since the iTrust research network was established in Europe. The international research community associated with iTrust is the predecessor of the IFIP Working Group 11.11 on Trust Management, the organization largely behind events such as the IFIPTM conference series. The completion of a decade since the establishment...
Conference Paper
The cloud is a utility computing infrastructure that has caused a paradigm shift in the way organisations requisition, allocate, and use IT resources. One big challenge is to preserve the confidentiality of information on the cloud. Most typical solutions use cryptographic techniques without considering how well suited they are to the cloud. This p...
Article
Full-text available
The Internet of Things and Services is a rapidly growing concept that illustrates that the ever increasing amount of physical items of our daily life which become addressable through a network could be made more easily manageable and usable through the use of Services. This surge of exposed resources along with the level of privacy and value of the...
Conference Paper
Full-text available
Rating-based collaborative filtering (CF) enables the prediction of the rating that a user will give to an item, based on the ratings of other items given by other users. However, doing this while preserving the privacy of rating data from individual users is a significant challenge. Several privacy preserving schemes have, so far been proposed in...
Conference Paper
Full-text available
We demonstrate the OPTIMIS toolkit for scalable and dependable service platforms and architectures that enable flexible and dynamic provisioning of Cloud services. The innovations demonstrated are aimed at optimizing Cloud services and infrastructures based on aspects such as trust, risk, eco-efficiency, cost, performance and legal constraints. Ada...
Conference Paper
Full-text available
The use of cloud computing services has developed into a new method for deploying software and services and hosting data. The model has provided enormous social and economic benefits but at the same time it has also created potential privacy and security challenges for businesses, individuals and the governments. For example, the use of shared comp...
Conference Paper
Service Oriented Infrastructures including Grid and Cloud Computing are technologies in a critical transition to wider adoption by business. Their use may enable enterprises to achieve optimal IT utilization, including sharing re-sources and services across-enterprises and on-demand utilization of those made available by business partners over the...
Conference Paper
Full-text available
The cloud based delivery model for IT resources is revolutionizing the IT industry. Despite the marketing hype around “the cloud”, the paradigm itself is in a critical transition state from the laboratories to mass market. Many technical and business aspects of cloud computing need to mature before it is widely adopted for corporate use. For exampl...
Chapter
The Virtual Hosting Environment (VHE) is an advanced Information and Communication Technologies (ICT) environment where business services can be integrated with one another across organisational boundaries and domains. The VHE also provides the means to virtualize the environment where the business servicesoperate. There are two keys areas to be co...
Conference Paper
Full-text available
In this work we focus on solutions to an emerging threat to cloud-based services namely that of data seizures within a shared multiple customer architecture. We focus on the problem of securing distributed data storage in a cloud computing environment by designing a specialized multi-tenant data-storage architecture. The architecture we present not...
Conference Paper
Full-text available
Business requirements for rapid operational efficiency, customer responsiveness as well as rapid adaptability are actively driving the need for ever increasing communication and integration capabilities of software assets. In this context, security, although acknowledged as being a necessity, is often perceived as a hindrance. Indeed, dynamic envir...
Chapter
Full-text available
Most of the results presented in this book were created within the BEinGRID project. BEinGRID, Business Experiments in GRID, is the European Commission’s largest integrated project funded by the Information Society Technologies (IST) research, part of the European Union’s sixth research Framework Programme (FP6). This consortium of 96 partners is d...
Chapter
The mission of the BEinGRID project was to generate knowledge, technological improvements, business demonstrators and reference case studies to help companies and other organizations to establish effective routes to foster the adoption of Grid and Cloud Computing, which are often summarized under the term Service Oriented Infrastructures (SOI)1, an...
Book
Service-Oriented Infrastructures including Grid and Cloud Computing are technologies in a critical transition to wider adoption by business. Their use may enable enterprises to achieve optimal IT utilization, including sharing resources and services across enterprises and on-demand utilization of those made available by business partners over the n...
Chapter
The way enterprises conduct business today is changing greatly. The enterprise has become more pervasive with a mobile workforce, outsourced data centers, different engagements with customers and distributed sites [19.1, 2]. In addition, companies seeking to optimize their processes across their supply chains are implementing integration strategies...
Chapter
Organisations increasingly engage in business collaborations with different partners in different locations. Such enterprises want to capitalise on and offer their existing internal capabilities as services to its customers. Service-oriented architectures let them do so. SOA by definition is loosely coupled, highly granular, and often widely distri...
Conference Paper
Full-text available
Currently, business requirements for rapid operational efficiency, customer responsiveness as well as rapid adaptability are driving the need for ever increasing communication and integration capabilities of the software assets. Service Oriented Architecture (SOA) is generally acknowledged as being a potential solution to expose finely grained piec...
Article
Full-text available
TrustCom is a new European integrated project that aims to develop a framework for trust, security and contract management in dynamic Virtual Organisations. The framework will enable the secure enactment of collaborative business processes in self-managed, and dynamic value-chains of businesses and governments. The framework will leverage and exten...
Conference Paper
Full-text available
This paper presents a Service Oriented Architecture to manage the lifecycle of a federation in a secure Business to Business (B2B) environment. The main contribution of the authors to Grid and SOA communities is related to the definition and development of a set of design patterns and software components to support the creation, management and diss...
Article
Full-text available
The concept of the Service Oriented Infrastructure (SOI) is not just the result of technological advance; it has been stimulated by the needs of organisations. The modern organisation is seeking to efficiently utilise its information and communications technology (ICT) infrastructure, while at the same time ensuring that components of the infrastru...
Chapter
IntroductionConceptScenarios and Case StudiesConclusion References
Conference Paper
One of the primary benefits of Service Oriented Architecture (SOA) (1) is the ability to compose applications, processes or more complex services from other services. As the complexity and sophistication of theses structures increases, so does the need for adaptability of each component. In recent years, a lot of effort has been put into improving...
Conference Paper
Full-text available
Web Services and SOA provide interoperability and architectural baseline for flexible and dynamic cro ss- enterprise collaborations, where execution and use of the participating services contributes to the commo n objective. Relationships within these collaboration s are complex, with services joining and leaving throughout the life cycle, or the s...
Conference Paper
The work presented in this paper describes an architecture for a secure Virtual Organization Management framework. This work is taking place in the BEinGRID EU project, which aims to advance the take up of Grid technologies in the business domain by conducting a number of business experiments and in parallel producing a number of components. The ma...
Conference Paper
Security enforcement framework is an important aspect of any distributed system. With new requirements imposed by SOA-based business models, adaptive security enforcement on the application level becomes even more important. Our work on the enforcement framework to date has resulted in a comprehensive middleware-based solution leveraging on Web ser...
Article
Levaraging the convergence of Grid and Web services technologies, we anticipate the emergence of new business and scientific computing paradigms that are based on dynamic Virtual Organisations (VO). These VOs span across organisational boundaries and enable the enactment of collaborative processes that integrate services, resources and knowledge in...
Conference Paper
Full-text available
Andago Ingeniería SL has developed the Andago Games Platform [1], an open source platform which provides the necessary technological base for provisioning online game services based on service strategies like user loyalty, or based on business strategy models like subscriptions or micro payments. However, the platform requires important investments...
Conference Paper
Full-text available
The rise in practical Virtual Organisations (VOs) requires secure access to data and interactions between their partners. Ad hoc solutions to meet these requirements are possible, but Web services hold out the potential for generic security solutions whose cost can be spread across several short lived dynamic VOs. This paper identifies trust and se...