Change search
Refine search result
1 - 9 of 9
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Bicaku, Ani
    et al.
    Austrian Institute of Technology, Vienna.
    Balaban, Silvia
    Karlsruhe Institute of Technology, Center for Applied Legal Studies.
    Trauber, Markus G.
    Austrian Institute of Technology, Vienna.
    Hudic, Alaksandar
    University of Applied Science Burgenland, Eisenstad.
    Mauthe, Andreas
    Lancaster University.
    Hutchison, David
    Lancaster University.
    Harmonized Monitoring for High Assurance Clouds2016In: 2016 IEEE International Conference on Cloud Engineering Workshop (IC2EW), Piscataway, NJ: Institute of Electrical and Electronics Engineers (IEEE), 2016Conference paper (Refereed)
    Abstract [en]

    Due to a lack of transparency in cloud based services well-defined security levels cannot be assured within current cloud infrastructures. Hence sectors with stringent security requirements hesitate to migrate their services to the cloud. This applies especially when considering services where high security requirements are combined with legal constraints. To tackle this challenge this paper presents an extension to our existing work on assurance methodologies in cloud based environments by investigating how current state of the art monitoring solutions can be used to support assurance throughout the entire infrastructure. A case study is used in which monitoring information representing a set of relevant security properties is being collected. As result, we propose that a combination of existing tools should be used to harmonize existing monitoring artifacts. We describe and evaluate an Evidence Gathering Mechanism (EGM) that provides this harmonization and show how this can support assurance.This can also underpin legal proceedings from an evidence law perspective.

  • 2.
    Bicaku, Ani
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. University of Applied Sciences Burgenland, Eisenstadt.
    Maksuti, Silia
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. University of Applied Sciences Burgenland.
    Hegedűs, Csaba
    AITIA International Inc., Budapest.
    Tauber, Markus G.
    University of Applied Sciences Burgenland, Eisenstad.
    Delsing, Jerker
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab.
    Eliasson, Jens
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab.
    Interacting with the arrowhead local cloud: On-boarding procedure2018Conference paper (Refereed)
    Abstract [en]

    Industrial automation systems are advancing rapidly and a wide range of standards, communication protocols and platforms supporting the integration of devices are introduced. It is therefore necessary to design and build appropriate tools and frameworks that allow the integration of devices with multiple systems and services. In this work we present the Arrow-head Framework, used to enable collaborative IoT automation and introduce two support core systems, SystemRegistry and DeviceRegistry, which are needed to create a chain of trust from a hardware device to a software system and its associated services. Furthermore, we propose an on-boarding procedure of a new device interacting with the Arrowhead local cloud. This ensures that only valid and authorized devices can host software systems within an Arrowhead local cloud.

  • 3.
    Bicaku, Ani
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. University of Applied Sciences Burgenland.
    Maksuti, Silia
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. University of Applied Sciences Burgenland.
    Palkovits-Rauter, Silke
    University of Applied Sciences Burgenland.
    Tauber, Markus
    University of Applied Sciences Burgenland.
    Matischek, Rainer
    Infineon Technologies Austria.
    Schmittner, Christoph
    Austrian Institute of Technology.
    Mantas, Georgios
    Instituto de Telecomunicacoes.
    Thron, Mario
    Insitut for Automation und Kommunikation.
    Delsing, Jerker
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab.
    Towards Trustworthy End-to-End Communication in Industry 4.02017In: Proceedings: 2017 IEEE 15th International Conference on Industrial Informatics, INDIN 2017, Piscataway, NJ: Institute of Electrical and Electronics Engineers (IEEE), 2017, p. 889-896, article id 8104889Conference paper (Refereed)
    Abstract [en]

    Industry 4.0 considers integration of IT and control systems with physical objects, software, sensors and connectivity in order to optimize manufacturing processes. It provides advanced functionalities in control and communication for an infrastructure that handles multiple tasks in various locations automatically. Automatic actions require information from trustworthy sources. Thus, this work is focused on how to ensure trustworthy communication from the edge devices to the backend infrastructure. We derive a meta-model based on RAMI 4.0, which is used to describe an end-to-end communication use case for an Industry 4.0 application scenario and to identify dependabilities in case of security challenges. Furthermore, we evaluate secure messaging protocols and the integration of Trusted Platform Module (TPM) as a root of trust for dataexchange. We define a set of representative measurable indicator points based on existing standards and use them for automated dependability detection within the whole system.

  • 4.
    Bicaku, Ani
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. University of Applied Sciences Burgenland, Eisenstadt.
    Schmittner, Christoph
    Austrian Institute of Technology, Vienna.
    Tauber, Markus G.
    University of Applied Sciences Burgenland, Eisenstad.
    Delsing, Jerker
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab.
    Monitoring Industry 4.0 applications for security and safety standard compliance2018Conference paper (Refereed)
    Abstract [en]

    In Industry 4.0 independent entities shall inter-operate to allow flexible and customized production. To assure the parties that individual components are secured to inter-operate, we investigate automated standard compliance. The standard compliance is defined based on given sets of security and safety requirements from which are derived measurable indicator points. Those reflect configurations of systems recommended by security, safety or legally relevant standards and guidelines, which help to demonstrate the state of compliance. We propose in this paper an initial approach to automate such assessment when components are inter-operating with each other by using a monitoring and standard compliance verification framework. This will assure the parties that services or devices within their organizations operate in a secure and standard compliant way, without compromising the underlying infrastructure.

  • 5.
    Butterfield, Reginald
    et al.
    University of Applied Sciences Burgenland.
    Maksuti, Silia
    University of Applied Sciences Burgenland.
    Tauber, Markus
    University of Applied Sciences Burgenland.
    Wagner, Christian
    Austrian Institute of Technology.
    Bicaku, Ani
    University of Applied Sciences Burgenland.
    Towards Modelling a Cloud Application's Life Cycle2016Conference paper (Refereed)
    Abstract [en]

    The success of any cloud-based application depends on appropriate decisions being taken at each phase of the life cycle of that application coupled with the stage of the organisation’s business strategy at any given time. Throughout the life cycle of a cloud-based project, various stakeholders are involved. This requires a consistent definition of organizational, legal and governance issues regardless of the role of the stakeholder. We proffer that currently the models and frameworks that offer to support these stakeholders are predominantly IT focused and as such lack a sufficient focus on the business and its operating environment for the decision-makers to make strategic cloud related decisions that benefit their individual business model. We propose an emerging framework that provides a stronger platform on which to base cloud business decisions. We also illustrate the importance of this approach through extrapolating the subject of security from the initial Business Case definition phase, through the Decision Making phase and into the Application Development phase to strengthen the case for a comprehensive Business-based framework for cloud-based application decision-making. We envisage that this emerging framework will then be further developed around all phases of the Application Life Cycle as a means of ensuring consistency.

  • 6.
    Esfahani, Alireza
    et al.
    Instituto de Telecomunicações-Pólo de Aveiro, Aveiro, Portugal.
    Mantas, Georgios
    Instituto de Telecomunicações-Pólo de Aveiro, Aveiro, Portugal.
    Matischek, Rainer
    Infineon Technologies Austria AG Graz, Austria.
    Saghezchi, Firooz B.
    University of Aveiro, Aveiro, Portugal.
    Rodriguez, Jonathan
    University of Aveiro, Aveiro, Portugal.
    Bicaku, Ani
    University of Applied Sciences, Burgenland, Eisenstadt, Austria.
    Maksuti, Silia
    University of Applied Sciences, Burgenland, Eisenstadt, Austria.
    Tauber, Markus
    University of Applied Sciences, Burgenland, Eisenstadt, Austria.
    Schmittner, Christoph
    Austrian Institute of Technology, Wien, Austria.
    Joaquim, Bastos
    Instituto de Telecomunicações-Pólo de Aveiro, Aveiro, Portugal.
    A Lightweight Authentication Mechanism for M2M Communications in Industrial IoT Environment2019In: IEEE Internet of Things Journal, ISSN 2327-4662, Vol. 6, no 1, p. 288-296Article in journal (Refereed)
    Abstract [en]

    In the emerging Industrial IoT era, Machine-to-Machine (M2M) communication technology is considered as a key underlying technology for building Industrial IoT environments where devices (e.g., sensors, actuators, gateways) are enabled to exchange information with each other in an autonomous way without human intervention. However, most of the existing M2M protocols that can be also used in the Industrial IoT domain provide security mechanisms based on asymmetric cryptography resulting in high computational cost. As a consequence, the resource-constrained IoT devices are not able to support them appropriately and thus, many security issues arise for the Industrial IoT environment. Therefore, lightweight security mechanisms are required for M2M communications in Industrial IoT in order to reach its full potential. As a step towards this direction, in this paper, we propose a lightweight authentication mechanism, based only on hash and XOR operations, for M2M communications in Industrial IoT environment. The proposed mechanism is characterized by low computational cost, communication and storage overhead, while achieving mutual authentication, session key agreement, device’s identity confidentiality, and resistance against the following attacks: replay attack, man-in-the-middle attack, impersonation attack, and modification attack.

  • 7.
    Maksuti, Silia
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. University of Applied Sciences Burgenland.
    Bicaku, Ani
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. University of Applied Sciences Burgenland.
    Tauber, Markus
    University of Applied Sciences Burgenland.
    Palkovits-Rauter, Silke
    University of Applied Sciences Burgenland.
    Haas, Sarah
    Infineon Technologies Austria.
    Delsing, Jerker
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab.
    Towards Flexible and Secure End-to-End Communication in Industry 4.02017In: Proceedings: 2017 IEEE 15th International Conference on Industrial Informatics, INDIN 2017, Piscataway, NJ: Institute of Electrical and Electronics Engineers (IEEE), 2017, p. 883-888, article id 8104888Conference paper (Refereed)
    Abstract [en]

    The digital transformation of industrial production is driven by the advance of Cyber-Physical Production Systems (CPPS) within which raw materials, machines and operations are interconnected to form a sophisticated network. Making such systems self-adaptable is a priority concern for the future implementation of Industry 4.0 application scenarios. In this position paper, we design a meta-model and use it as a tool to describe an end-to-end communication use case from an ongoing research project. Based on this use case we develop a business process performance and security trade-off model, which shows that maximazing both parameters at the same time is not possible, thus an efficient balance between them has to be achieved. Motivated by the result, we propose self adaptation as a solution towards a flexible and secure end-to-end communicationin Industry 4.0. To identify and document the self-adaptation points in a structured methodological and lightweight way we use the bespoken meta-model.

  • 8.
    Novak, Marko
    et al.
    Austrian Institute of Technology.
    Shirazi, Syed Noorulhassan
    Lancaster University.
    Hudic, Aleksandar
    Austrian Institute of Technology.
    Hecht, Thomas
    Austrian Institute of Technology.
    Tauber, Markus
    University of Applied Sciences Burgenland; Austrian Insitute of Technology.
    Hutchison, David
    Lancaster University.
    Maksuti, Silia
    University of Applied Sciences Burgenland.
    Bicaku, Ani
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. University of Applied Sciences Burgenland.
    Towards Resilience Metrics for Future Cloud Applications2016In: CLOSER 2016: proceedings of the 6th International Conference on Cloud Computing and Services Science, April 23-25, 2016, Rome, Italy, SCITEPRESS , 2016, p. 295-301Conference paper (Refereed)
    Abstract [en]

    An analysis of new technologies can yield insight into the way these technologies will be used. Inevitably,new technologies and their uses are likely to result in new security issues regarding threats, vulnerabilities andattack vectors. In this paper, we investigate and analyse technological and security trends and their potentialto become future threats by systematically examining industry reports on existing technologies. Using a cloudcomputing use case we identify potential resilience metrics that can shed light on the security properties of thesystem.

  • 9.
    Schluga, Oliver
    et al.
    University of Applied Sciences Burgenland, Eisenstadt.
    Bauer, Elsiabeth
    University of Applied Sciences Burgenland, Eisenstadt.
    Bicaku, Ani
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. University of Applied Sciences Burgenland, Eisenstadt.
    Maksuti, Silia
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. University of Applied Sciences Burgenland, Eisenstadt.
    Tauber, Markus G.
    University of Applied Sciences Burgenland, Eisenstadt.
    Wöhler, Alexander
    University of Applied Sciences Burgenland, Eisenstadt.
    Operations security evaluation of IaaS-cloud backend for industry 4.02018In: CLOSER 2018: Proceedings of the 8th International Conference on Cloud Computing and Services Science / [ed] Ferguson D.,Helfert M.,Pahl C.,Munoz V.M., 2018, p. 392-399Conference paper (Refereed)
    Abstract [en]

    The fast growing number of cloud based Infrastructure-as-a-Service instances raises the question, how the operations security depending on the underlying cloud computing infrastructure can be sustained and guaranteed. Security standards provide guidelines for information security controls applicable to the provision and use of the cloud services. The objectives of operations security are to support planning and sustaining of day-to-day processes that are critical with respect to security of information environments. In this work we provide a detailed analysis of ISO 27017 standard regarding security controls and investigate how well popular cloud platforms can cater for them. The resulting gap of support for individual security controls is furthermore compared with outcomes of recent cloud security research projects. Hence the contribution is twofold, first we identify a set of topics that still require research and development and secondly, as a practical output, we provide a comparison of popular industrial and open-source platforms focusing on private cloud environments, which are important for Industry 4.0 use cases.

1 - 9 of 9
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf