SoS Newsletter

Middleware Security

Middleware facilitates distributed processing, and is of significant interest to the security world with the development of cloud and mobile applications. The articles listed here, presented and published in the first half of 2014, cover middleware used for healthcare, cyber-physical systems, and trust management.

  • Bruce, N.; Sain, M.; Hoon Jae Lee, "A Support Middleware Solution For E-Healthcare System Security," Advanced Communication Technology (ICACT), 2014 16th International Conference on, vol., no., pp.44,47, 16-19 Feb. 2014. doi: 10.1109/ICACT.2014.6778919 This paper presents a middleware solution to secure data and network in the e-healthcare system. The e-Healthcare Systems are a primary concern due to the easiest deployment area accessibility of the sensor devices. Furthermore, they are often interacting closely in cooperation with the physical environment and the surrounding people, where such exposure increases security vulnerabilities in cases of improperly managed security of the information sharing among different healthcare organizations. Hence, healthcare-specific security standards such as authentication, data integrity, system security and internet security are used to ensure security and privacy of patients' information. This paper discusses security threats on e-Healthcare Systems where an attacker can access both data and network using masquerade attack. Moreover, an efficient and cost effective approach middleware solution is discussed for the delivery of secure services.
    Keywords: data privacy; health care; medical administrative data processing; middleware; security of data; Internet security; authentication; data integrity; e-health care system security; electronic health care; health care organizations; health care-specific security standards; information sharing; masquerade attack; patient information privacy; patient information security; security vulnerabilities; support middleware solution; system security; Authentication; Communication system security; Logic gates; Medical services; Middleware; Wireless sensor networks; Data Security; Middleware; Network Security; e-Healthcare (ID#:14-2192)
  • Kanewala, T.A; Marru, S.; Basney, J.; Pierce, M., "A Credential Store for Multi-tenant Science Gateways," Cluster, Cloud and Grid Computing (CCGrid), 2014 14th IEEE/ACM International Symposium on , vol., no., pp.445,454, 26-29 May 2014. doi: 10.1109/CCGrid.2014.95 Science Gateways bridge multiple computational grids and clouds, acting as overlay cyber infrastructure. Gateways have three logical tiers: a user interfacing tier, a resource tier and a bridging middleware tier. Different groups may operate these tiers. This introduces three security challenges. First, the gateway middleware must manage multiple types of credentials associated with different resource providers. Second, the separation of the user interface and middleware layers means that security credentials must be securely delegated from the user interface to the middleware. Third, the same middleware may serve multiple gateways, so the middleware must correctly isolate user credentials associated with different gateways. We examine each of these three scenarios, concentrating on the requirements and implementation of the middleware layer. We propose and investigate the use of a Credential Store to solve the three security challenges.
    Keywords: cloud computing; grid computing; middleware; user interfaces; clouds; computational grids; credential store; gateway middleware; middleware tier; multitenant science gateways; overlay cyber infrastructure; resource tier; user interfacing tier; Authentication; Communities; Logic gates; Middleware; Portals; Servers; Apache Airavata; Credential Store; OA4MP; Science Gateways; Security (ID#:14-2193)
  • Al-Anzi, F.S.; Salman, AA; Jacob, N.K.; Soni, J., "Towards Robust, Scalable And Secure Network Storage In Cloud Computing," Digital Information and Communication Technology and it's Applications (DICTAP), 2014 Fourth International Conference on, pp.51,55, 6-8 May 2014. doi: 10.1109/DICTAP.2014.6821656 The term Cloud Computing is not something that appeared overnight, it may come from the time when computer system remotely accessed the applications and services. Cloud computing is Ubiquitous technology and receiving a huge attention in the scientific and industrial community. Cloud computing is ubiquitous, next generation's information technology architecture which offers on-demand access to the network. It is dynamic, virtualized, scalable and pay per use model over internet. In a cloud computing environment, a cloud service provider offers "house of resources" includes applications, data, runtime, middleware, operating system, virtualization, servers, data storage and sharing and networking and tries to take up most of the overhead of client. Cloud computing offers lots of benefits, but the journey of the cloud is not very easy. It has several pitfalls along the road because most of the services are outsourced to third parties with added enough level of risk. Cloud computing is suffering from several issues and one of the most significant is Security, privacy, service availability, confidentiality, integrity, authentication, and compliance. Security is a shared responsibility of both client and service provider and we believe security must be information centric, adaptive, proactive and built in. Cloud computing and its security are emerging study area nowadays. In this paper, we are discussing about data security in cloud at the service provider end and proposing a network storage architecture of data which make sure availability, reliability, scalability and security.
    Keywords: cloud computing; data integrity; data privacy; security of data; storage management; ubiquitous computing; virtualization; Internet; adaptive security; authentication; built in security; client overhead; cloud computing environment; cloud service provider; compliance; confidentiality; data security; data sharing; data storage; information centric security; integrity; middleware; network storage architecture; networking; on-demand access; operating system; pay per use model; privacy; proactive security; remote application access; remote service access; robust scalable secure network storage; server; service availability; service outsourcing; ubiquitous next generation information technology architecture; virtualization; Availability; Cloud computing; Computer architecture; Data security; Distributed databases; Servers; Cloud Computing; Data Storage; Data security; RAID (ID#:14-2194)
  • Xingbang Tian; Baohua Huang; Min Wu, "A Transparent Middleware For Encrypting Data in MongoDB," Electronics, Computer and Applications, 2014 IEEE Workshop on , vol., no., pp.906,909, 8-9 May 2014. doi: 10.1109/IWECA.2014.6845768 Due to the development of cloud computing and NoSQL database, more and more sensitive information are stored in NoSQL databases, which exposes quite a lot security vulnerabilities. This paper discusses security features of MongoDB database and proposes a transparent middleware implementation. The analysis of experiment results show that this transparent middleware can efficiently encrypt sensitive data specified by users on a dataset level. Existing application systems do not need too many modifications in order to apply this middleware.
    Keywords: cryptography; middleware; relational databases; MongoDB database; NoSQL database; cloud computing; dataset level; security vulnerability; sensitive data encryption; transparent middleware; Blogs; Cryptography; Educational institutions; Middleware; Database; Encrypting; MongoDB; NoSQL (ID#:14-2195)
  • Ochian, Adelina; Suciu, George; Fratu, Octavian; Voicu, Carmen; Suciu, Victor, "An Overview Of Cloud Middleware Services For Interconnection Of Healthcare Platforms," Communications (COMM), 2014 10th International Conference on , vol., no., pp.1,4, 29-31 May 2014. doi: 10.1109/ICComm.2014.6866753 Using heterogeneous clouds has been considered to improve performance of big-data analytics for healthcare platforms. However, the problem of the delay when transferring big-data over the network needs to be addressed. The purpose of this paper is to analyze and compare existing cloud computing environments (PaaS, IaaS) in order to implement middleware services. Understanding the differences and similarities between cloud technologies will help in the interconnection of healthcare platforms. The paper provides a general overview of the techniques and interfaces for cloud computing middleware services, and proposes a cloud architecture for healthcare. Cloud middleware enables heterogeneous devices to act as data sources and to integrate data from other healthcare platforms, but specific APIs need to be developed. Furthermore, security and management problems need to be addressed, given the heterogeneous nature of the communication and computing environment. The present paper fills a gap in the electronic healthcare register literature by providing an overview of cloud computing middleware services and standardized interfaces for the integration with medical devices.
    Keywords: big data; cloud; healthcare; middleware; security; standards (ID#:14-2196)
  • Hoos, E., "Design method for developing a Mobile Engineering-Application Middleware (MEAM)," Pervasive Computing and Communications Workshops (PERCOM Workshops), 2014 IEEE International Conference on, vol., no., pp.176,177, 24-28 March 2014. doi: 10.1109/PerComW.2014.6815193 Mobile Apps running on smartphones and tablet PCs offer a new possibility to enhance the work of engineers because they provide an easy-to-use, touchscreen-based handling and can be used anytime and anywhere. Introducing mobile apps in the engineering domain is difficult because the IT environment is heterogeneous and engineering-specific challenges in the app development arise e.g., large amount of data and high security requirements. There is a need for an engineering-specific middleware to facilitate and standardize the app development. However, such a middleware does not yet exist as well as a holistic set of requirements for the development. Therefore, we propose a design method which offers a systematic procedure to develop Mobile Engineering-Application Middleware.
    Keywords: middleware; mobile computing; IT environment; MEAM; mobile engineering-application middleware; touchscreen-based handling; Business; Design methodology; Measurement; Middleware; Mobile communication; Security; Systematics; Design Method; Mobile Application; Mobile Engineering Application Middleware (ID#:14-2197)
  • Gang Han; Haibo Zeng; Yaping Li; Wenhua Dou, "SAFE: Security-Aware FlexRay Scheduling Engine," Design, Automation and Test in Europe Conference and Exhibition (DATE), 2014 , vol., no., pp.1,4, 24-28 March 2014. doi: 10.7873/DATE2014.021 In this paper, we propose SAFE (Security Aware FlexRay scheduling Engine), to provide a problem definition and a design framework for FlexRay static segment schedule to address the new challenge on security. From a high level specification of the application, the architecture and communication middleware are synthesized to satisfy security requirements, in addition to extensibility, costs, and end-to-end latencies. The proposed design process is applied to two industrial case studies consisting of a set of active safety functions and an X-by-wire system respectively.
    Keywords: automotive electronics; mobile radio; protocols; scheduling; telecommunication security; FlexRay static segment schedule; SAFE; X-by-wire system; active safety functions; automotive domain; automotive electrical-electronic systems; communication middleware; communication protocol; end-to-end latencies; security-aware FlexRay scheduling engine; Authentication; Automotive engineering; Field programmable gate arrays; Protocols; Runtime; Safety (ID#:14-2198)
  • Oliveira Vasconcelos, R.; Nery e Silva, L.D.; Endler, M., "Towards efficient group management and communication for large-scale mobile applications," Pervasive Computing and Communications Workshops (PERCOM Workshops), 2014 IEEE International Conference on , vol., no., pp.551,556, 24-28 March 2014. doi: 10.1109/PerComW.2014.6815266 Applications such as fleet management and logistics, emergency response, public security and surveillance or mobile workforce management use geo-positioning and mobile networks as means of enabling real-time monitoring, communication and collaboration among a possibly large set of mobile nodes. The majority of those systems require real-time tracking of mobile nodes (e.g. vehicles, people or mobile robots), reliable communication to/from the nodes, as well as group communication among the mobile nodes. In this paper we describe a distributed middleware with focus on management of context-defined groups of mobile nodes, and group communication with large sets of nodes. We also present a prototype Fleet Tracking and Management system based on our middleware, give an example of how context-specific group communication can enhance the node's mutual awareness, and show initial performance results that indicate small overhead and latency of the group communication and management.
    Keywords: middleware; mobile computing; collaboration; context-defined group management; context-specific group communication; distributed middleware; emergency response; fleet tracking and management system; geopositioning; large-scale mobile applications; logistics; mobile networks; mobile nodes; mobile workforce management; node mutual awareness; public security; real-time monitoring; real-time tracking; reliable communication; surveillance; Logic gates; Manganese; Mobile nodes; Subscriptions; Vehicles; DDS; context-defined groups; group communication; group management; middleware; mobile systems (ID#:14-2199)
  • Gazzarata, R.; Vergari, F.; Salmon Cinotti, T.; Giacomini, M., "A Standardized SOA For Clinical Data Interchange In A Cardiac Telemonitoring Environment," Biomedical and Health Informatics, IEEE Journal of, vol. PP, no.99, pp.1,1, July 2014. doi: 10.1109/JBHI.2014.2334372 Care of chronic cardiac patients requires information interchange between patients' homes, clinical environments and the Electronic Health Record (EHR). Standards are emerging to support clinical information collection, exchange and management and to overcome information fragmentation and actors delocalization. Heterogeneity of information sources at patients' homes calls for open solutions to collect and accommodate multi-domain information, including environmental data. Based on the experience gained in a European Research Program, this paper presents an integrated and open approach for clinical data interchange in cardiac telemonitoring applications. This interchange is supported by the use of standards following the indications provided by the national authorities of the countries involved. Taking into account the requirements provided by the medical staff involved in the project the authors designed and implemented a prototypal middleware, based on a Service Oriented Architecture (SOA) approach, to give a structured and robust tool to CHF (Congestive Heart Failure) patients for their personalized telemonitoring. The middleware is represented by a Health Record Management Service (HRMS), whose interface is compliant to the HSSP (Healthcare Services Specification Project) RLUS (Retrieve, Locate and Update Service) standard (Level 0), which allows communication between the agents involved through the exchange of CDA R2 (Clinical Document Architecture Release 2) documents. 
    Three performance tests were carried out and showed that the prototype completely fulfilled all requirements indicated by the medical staff, however certain aspects, such as authentication, security and scalability, should be deeply analyzed within a future engineering phase.
    Keywords: Educational institutions; Informatics; Medical services; Semantics; Service-oriented architecture; Standards (ID#:14-2200)
  • Potdar, M.S.; Manekar, AS.; Kadu, R.D., "Android "Health-Dr." Application for Synchronous Information Sharing," Communication Systems and Network Technologies (CSNT), 2014 Fourth International Conference on , vol., no., pp.265,269, 7-9 April 2014. doi: 10.1109/CSNT.2014.58 Android "Health-DR." is innovative idea for ambulatory appliances. In rapid developing technology, we are providing "Health-DR." application for the insurance agent, dispensary, patients, physician, annals management (security) for annals. So principally, the ample of record are maintain in to the hospitals. The application just needs to be installed in the customer site with IT environment. Main purpose of our application is to provide the healthy environment to the patient. Our cream focus is on the "Health-DR." application meet to the patient regiment. For the personal use of member, we provide authentication service strategy for "Health-DR." application. Prospective strategy includes: Professional Authentications (User Authentication) by doctor to the patient, actuary and dispensary. Remote access is available to the medical annals, doctor affability and patient affability. "Health-DR." provides expertness anytime and anywhere. The application is middleware to isolate the information from affability management, client discovery and transit of database. Annotations of records are kept in the bibliography. Mainly, this paper focuses on the conversion of E-Health application with flexible surroundings.
    Keywords: Android (operating system); electronic health records; middleware; mobile computing; Android Health-Dr; IT environment; affability management; ambulatory appliances; annals management; bibliography; client discovery; database transit; dispensary; doctor affability; e-health application; healthy environment; insurance agent; medical annals; middleware; patient affability; physician; professional authentications; synchronous information sharing; user authentication; Androids; Authentication; Databases; Educational institutions; Insurance; Medical services; Mobile communication; Alert mechanism; Annotations of records; Doctor Flexibility; Health-DR. Engineering; Insurance acumen or actuary Medical annals; Patient flexibility; Professional authentications (ID#:14-2201)
  • Dong-Hoon Shin; Shibo He; Junshan Zhang, "Robust, Secure, and Cost-Effective Design for Cyber-Physical Systems," Intelligent Systems, IEEE , vol.29, no.1, pp.66,69, Jan.-Feb. 2014. doi: 10.1109/MIS.2014.9 Cyber-physical systems (CPS) can potentially benefit a wide array of applications and areas. Here, the authors look at some of the challenges surrounding CPS, and consider a feasible solution for creating a robust, secure, and cost-effective architecture.
    Keywords: middleware; power system security; smart power grids; stability; CPS; cost-effective architecture; cost-effective design; cyberphysical systems; middleware; robustness; security vulnerability; smart grid; Cyberphysical systems; Logic gates; Middleware; Monitoring; Phasor measurement units; Quality of service; Robustness; CPS; CPSS; cyber-physical systems; cyber-physical-social systems; intelligent systems; middleware (ID#:14-2202)
  • Li, X.; Ma, H.; Zhou, F.; Gui, X., "Service Operator-aware Trust Scheme for Resource Matchmaking across Multiple Clouds," Parallel and Distributed Systems, IEEE Transactions on , vol.PP, no.99, pp.1,1, May 2014. doi: 10.1109/TPDS.2014.2321750 This paper proposes a service operator-aware trust scheme (SOTS) for resource matchmaking across multiple clouds. Through analyzing the built-in relationship between the users, the broker, and the service resources, this paper proposes a middleware framework of trust management that can effectively reduce user burden and improve system dependability. Based on multi-dimensional resource service operators, we model the problem of trust evaluation as a process of multi-attribute decision-making, and develop an adaptive trust evaluation approach based on information entropy theory. This adaptive approach can overcome the limitations of traditional trust schemes, whereby the trusted operators are weighted manually or subjectively. As a result, using SOTS, the broker can efficiently and accurately prepare the most trusted resources in advance, and thus provide more dependable resources to users. Our experiments yield interesting and meaningful observations that can facilitate the effective utilization of SOTS in a large-scale multi-cloud environment.
    Keywords: Availability; Computational modeling; Entropy; Information entropy; Registers; Security (ID#:14-2203)
  • Ravindran, K.; Mukhopadhyay, S.; Sidhanta, S.; Sabbir, A, "Managing shared contexts in distributed multi-player game systems," Communication Systems and Networks (COMSNETS), 2014 Sixth International Conference on , vol., no., pp.1,8, 6-10 Jan. 2014. doi: 10.1109/COMSNETS.2014.6734908 In this paper, we consider the impact of a weaker model of eventual consistency on distributed multi-player games. This model is suitable for networks in which hosts can leave and join at anytime, e.g., in an intermittently connected environment. Such a consistency model is provided by the Secure Infrastructure for Networked Systems (SINS) [24], a reliable middleware framework. SINS allows agents to communicate asynchronously through a distributed transactional key-value store using anonymous publish-subscribe. It uses Lamport's Paxos protocol [17] to replicate state. We consider a multi-player maze game as example to illustrate our consistency model and the impact of network losses/delays therein. The framework based on SINS presented herein provides a vehicle for studying the effect of human elements participating in collaborative simulation of a physical world as in war games.
    Keywords: computer games; message passing; middleware; protocols; security of data; Lamport Paxos protocol; SINS; anonymous publish-subscribe; distributed multiplayer game systems; distributed transactional key-value store; multiplayer maze game; network losses-delay; reliable middleware framework; secure infrastructure for networked systems; shared context mapping; war games; Delays; Irrigation; Protocols; Real-time systems; Receivers; Semantics; Silicon compounds (ID#:14-2204)
  • Apolinarski, W.; Iqbal, U.; Parreira, J.X., "The GAMBAS Middleware And SDK For Smart City Applications," Pervasive Computing and Communications Workshops (PERCOM Workshops), 2014 IEEE International Conference on , vol., no., pp.117,122, 24-28 March 2014. doi: 10.1109/PerComW.2014.6815176 The concept of smart cities envisions services that provide distraction-free support for citizens. To realize this vision, the services must adapt to the citizens' situations, behaviors and intents at runtime. This requires services to gather and process the context of their users. Mobile devices provide a promising basis for determining context in an automated manner on a large scale. However, despite the wide availability of versatile programmable mobile platforms such as Android and iOS, there are only few examples of smart city applications. One reason for this is that existing software platforms primarily focus on low-level resource management which requires application developers to repeatedly tackle many challenging tasks. Examples include efficient data acquisition, secure and privacy-preserving data distribution as well as interoperable data integration. In this paper, we describe the GAMBAS middleware which tries to simplify the development of smart city applications. To do this, GAMBAS introduces a Java-based runtime system with an associated software development kit (SDK). To clarify how the runtime system and the SDK can be used for application development, we describe two simple applications that highlight different middleware functions.
    Keywords: Java; middleware; software engineering; GAMBAS middleware; Java-based runtime system; SDK; distraction-free support; smart city applications; software development kit; Androids; Cities and towns; Data acquisition; Humanoid robots; Middleware; Runtime; Security (ID#:14-2205)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.