Showing papers by "Evangelos Pallis published in 2019"

Vulnerability assessment as a service for fog-centric ICT ecosystems: A healthcare use case

Abstract: Modern ICT ecosystems such as healthcare environments (hospitals, care-centers etc.), operate in different abstraction layers (cloud, fog, extreme-edge) and comprise large numbers of network entities such as terminals, devices, sensors or even specialized appliances (virtual or physical). It is common in such environments, that several network entities with intermittent connectivity, join and leave the network in an unstructured and unsupervised manner (Wi-Fi access-points, BYOD policies, IoT, etc.). Such devices of frivolous nature, or even trusted devices/terminals, are prone to security vulnerabilities, since they are operated by regular, non-expert users who are not aware of any security aspects whatsoever. To effectively manage and proactively protect such large, complex and multilayered networks, dedicated personnel (system administrators, security specialists etc.) must be employed and specialized appliances must be deployed. On the other hand, modern cyber-warfare has become even more elaborate and insightful. Thus, ICT infrastructures must continuously evolve and adapt to the everchanging cyber-threats, which is a rather cumbersome and expensive task to accomplish. Towards addressing the above-mentioned issues, this paper proposes a cross-layered system, which leverages the Software Defined Networking (SDN) paradigm and the distributed Fog architecture, for network slicing and task offloading to provide dynamic, security-aware Vulnerability-Assessment as a service for large ICT infrastructures. The presented system provides seamless assessment for all existing and newly introduced network entities against all known security vulnerabilities, certifies them through a Common Vulnerability Scoring System (CVSS), classifies them according to the cyber-threat they introduce, and finally assigns them to a connectivity-appropriate VLAN. The presented system was preliminarily evaluated under a controlled-conditions simulation environment.

Acceleration at the Edge for Supporting SMEs Security: The FORTIKA Paradigm

Abstract: This article presents FORTIKA, an ongoing EU-funded project which is a resilient cyber-security solution that can easily be tailored and adjusted to the versatile and ever changing needs of small and medium-sized enterprises (SMEs). To fulfill its vision, FORTIKA adopts a security-by-design hybrid approach that adequately integrates hardware and software with business needs and behavioral patterns at the individual and organizational levels to introduce an FPGA-powered middleware security layer as an add-on to existing network gateways, orientating small business users to trusted cyber-security services (through FORTIKA's marketplace) packaged in tailored solutions for each enterprise, and further extended to accommodate security intelligence and encourage security-friendly behavioral and organizational changes. Finally, the introduction of a software-defined smart ecosystem in the FORTIKA marketplace provides the feature of a lightweight solution, which offers virtualized security services (with minimum downloading requirements). Users (i.e., SMEs) may utilize a variety of services and share profiling information with the service providers in return for tailored security services aligned with their actual needs. FORTIKA marketplace also functions as a single point of access for the profiling information for each SME. Preliminary evaluation results indicate that users can upload bundles to the marketplace repository in approximately 4 to 5 minutes, download bundles from the FORTIKA marketplace to the gateway in approximately 20 seconds, and deploy them in an average of 4.5 ms.

Security Assessment as a Service Cross-Layered System for the Adoption of Digital, Personalised and Trusted Healthcare

Abstract: The healthcare sector is exploring the incorporation of digital solutions in order to improve access, reduce costs, increase quality and enhance their capacity in reaching a higher number of citizens. However, this opens healthcare organisations’ systems to external elements used within or beyond their premises, new risks and vulnerabilities in what regards cyber threats and incidents. We propose the creation of a Security Assessment as a Service (SAaaS) crosslayered system that is able to identify vulnerabilities and proactively assess and mitigate threats in an IT healthcare ecosystem exposed to external devices and interfaces, considering that most users are not experts (even technologically illiterate") in cyber security and, thus, unaware of security tactics or policies whatsoever. The SAaaS can be integrated in an IT healthcare environment allowing the monitoring of existing and new devices, the limitation of connectivity and privileges to new devices, assess a device’s cybersecurity risk and - based on the device’s behaviour – the assignment and revoking of privileges. The SAaaS brings a controlled cyber aware environment that assures security, confidentiality and trust, even in the presence of non-trusted devices and environments.

Elasticity Debt Analytics Exploitation for Green Mobile Cloud Computing: An Equilibrium Model

Abstract: Mobile cloud computing is the model to ubiquitously access a shared pool of cloud computing resources, data, and services on-demand. This paper introduces the elasticity debt analytics paradigm as a solution concept for the resource provisioning problem in mobile cloud computing environments, guaranteeing the quality of service requirements. A novel green-centric, game theoretic approach to minimizing the elasticity debt on mobile cloud-based service level is proposed, investigating the mobile cloud offloading case. The decision to offload a mobile device user’s task on cloud affects the level of elasticity debt minimization for the provided services. The modeling for the computation of the processing time, energy, and overhead in mobile opportunistic offloading is presented. A utility-driven elasticity debt and profit quantification approach is also examined for maximization of resource utilization, exploiting the hidden Markov model. The problem is formulated as an elasticity debt quantification game, elaborating on an incentive mechanism to predict elasticity debt, mitigate the risk of service over-utilization, achieve scalability, and optimize cloud resource provisioning. The experimental results prove the effectiveness of the equilibrium model, which allocates the mobile device user requests to high elasticity debt-level services and facilitates the elasticity debt minimization for green mobile cloud computing environments.

A View on Edge caching Applications.

Abstract: Devices with the ability to connect to the internet are growing in numbers day by day thus creating the need for a new way of manag-ing the way the produced traffic travels through data networks. Smart Cities, Vehicular Content Networks, Healthcare and Virtual Reality Videos are a few examples that require high volume data while maintaining low latency. Edge caching practices are a prom-ising solution in such cases in order meet the requirements of low latency in high volume traffic. This paper is a survey on four indic-ative areas, Smart Cities, Vehicular Content Networks, Healthcare and Virtual Reality Videos that make use of edge caching.