Secure Information Technology Center – Austria

9

May

2017

Migrating Edge Computing to Hybrid Edge Computing

Kategorie: Cloud Computing

Currently, various ways exist to offload computationally intensive tasks to remote computers. The goals of these approaches are similar: increase performance and reduce energy consumption.
Furthermore, is was discovered that moving computing units in the priximity of the users is beneficial and is key to achieve best possible results. These revelations form the baseline for the Edge Computing paradigm.
Weiter lesen…

5

May

2017

State of the Art Services for Direct Communication

Kategorie: Cloud Computing, IT-Security

Direct data transfer and direct communication services are becoming increasingly relevant due to widespread availability of high bandwidth Internet connections. At the same time, some properties of today’s Internet infrastructure overcomplicate the act of establishing direct end-to-end connections. This is mostly due to legacy technologies still dominating some key components of the TCP/IP stack. To make matters worse, this is unlikely to change significantly for the foreseeable future.
Weiter lesen…

24

April

2017

Automated Reasoning over Security Policies

Kategorie: Cloud Computing, eGovernment, IT-Security, Web Technologies

Applied approaches on authorization management often focus on a single system or environment, neglecting the need to address the security of data sharing processes that span various entities and organizations.
In the course of this work, we address the shortcomings of existing frameworks by separating authorization management from particular organizations, their business or resource models. We establish a framework that defines abstract means to manage the security of resources distributed across diverse services using a unified service and policy description models. Weiter lesen…

15

March

2017

Security Aspects of Web-APIs

Kategorie: Cloud Computing, eGovernment, IT-Security, Web Technologies

Web-APIs represent a significant building block of the modern Web. They enable efficient and technology neutral data and process integration between diverse entities and platforms. As an innovation driver, they facilitate the creation of new business models and products. The broad variety of APIs, as well as the need to efficiently manage their lifecycles, motivated the inception of specifications and tools to ease and accelerate their development and integration in programmatic environments. Weiter lesen…

Decentralisation of Centralised Services

Kategorie: Cloud Computing, IT-Security

In recent years, the way users utilise their personal devices changed drastically due to the increasing popularity of smartphones and other mobile devices. A modern-day user typically owns multiple devices running a wide variety of different services which (ideally) should be available anywhere at all times. Service operators cater to these needs. From a software-architectural point of view, this is oftentimes achieved by relying on traditional client-server architectures. Central instances still play a major role when it comes to delivering internet-based services to end users. In essence, existing systems have often been extended and adapted to meet today’s user requirements. Their underlying structure, however, remained unchanged in many cases. Weiter lesen…

Contextual Data Exchange

Kategorie: Cloud Computing, eGovernment, IT-Security

In this project we present the reusable data structure that addresses the issues of static, inflexible and practically non-interoperable authorization definitions. We first establish the structure that introduces enhanced expressivity, context-sensitivity and adaptability in descriptions of authorization constraints. We then develop the supporting software component and the web-based interface for definition and inspection of access authorizations established using the proposed structure. Based on that, we present a demonstration prototype and describe the application of the proposed structure both in terms of emerging solutions and existing authorization frameworks

 

13

July

2016

Server-side Solutions for Cloud-based Mobile Augmentation

Kategorie: Cloud Computing, IT-Security

Although mobile end-user devices are getting more and more powerful, they still suffer from limited processing capabilities and battery capacities. To address this problem, the augmentation of mobile devices with resources from surrounding devices or with cloud-based resources has gained popularity in the recent years. Existing solutions that follow this approach and offload computationally intensive tasks already yield great results for specific use cases. Unfortunately, most of these solutions are tailored to specific operating systems or programming languages, and do not support the flexible usage of resources. To overcome these limitations, we introduce a secure and flexible resource discovery solution for mobile augmentation systems.
Weiter lesen…

14

June

2016

Dynamic Key Usage Policies

Kategorie: Cloud Computing, IT-Security

More and more data and resources are moved to the cloud. Even cryptographic primitives do benefit from the advantages of the cloud. However, state-of-the-art authentication methodologies and defense strategies mostly cannot cope with attacks while simultaneously allowing the legitimate user to use the service. The legitimate user often is required to do manual steps to gain access to the service again. Denial-of-Service attacks against a user therefore persist. Weiter lesen…

12

May

2016

Managing Security of API-based Integration Workflows

Kategorie: Cloud Computing, IT-Security

Security requirements, particularly those on confidentiality, require IT processes to be compliant to the least privilege principle. OAuth 2.0, a currently broadly adopted authorization protocol, meets these requirements only partially. For example, due to unilateraly defined and service provider specific representation of access scopes, the possibility to granulary and interoperably structure access restrictions and authorizations is virtually eliminated. This problem concerns in particular cross-domain data exchanges, as the security measures in different organizations can be applied only in limited extent.

The architecture and relevant first results of ongoing work were presented in the scope of DISSECT Workshop at IEEE / IFIP NOMS Conference. The proposed approach addresses the security management of API-based interactions. The prospects of service providers, clients and data owners are taken into consideration to enable the contextual dependence in API-based data exchanges, as well as to support the granularity and interoperability in security management.

Platform Independent CMA System

Kategorie: Cloud Computing, IT-Security

Despite their continuously growing popularity, mobile end-user devices still suffer from limited computing resources. This complicates the use of complex mobile applications that require resource-intensive computations.
Recently, several frameworks have been developed that enable mobile applications to follow the cloud-based mobile augmentation (CMA) approach. This approach defines a strategy to dynamically outsource resource-intensive tasks to external resources. None of the existing frameworks focuses on cross-platform applicability and interoperability issues. It turns out that all of the existing frameworks are tailored to specific platforms and specific operating systems. Furthermore, security is not tackled at all by any of the frameworks.
Weiter lesen…