Search results

This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software support activity (SSA), with said paradigm supporting strong traceability and provability concerning the SSA’s output product, known as an operational flight program (OFP). Through a secure development environment (SDE), each critical software development function performed on said OFP during its development has a corresponding record represented on a blockchain.

An SDE is implemented as a virtual machine or container incorporating software development tools that are modified to support blockchain transactions. Each critical software development function, e.g. editing, compiling, linking, generates a blockchain transaction message with associated information embedded in the output of a said function that, together, can be used to prove integrity and support traceability. An attestation process is used to provide proof that the toolchain containing SDE is not subject to unauthorized modification at the time said critical function is performed.

Blockchain methods are shown to be a viable approach for supporting exhaustive traceability and strong provability of development system integrity for mission-critical software produced by an NAE SSA for NAE embedded systems software.

A blockchain-based authentication approach that could be implemented at the OFP point-of-load would provide for fine-grain authentication of all OFP software components, with each component or module having its own proof-of-integrity (including the integrity of the used development tools) over its entire development history.

Many SSAs have established control procedures for development such as check-out/check-in. This does not prove the SSA output software is secure. For one thing, a build system does not necessarily enforce procedures in a way that is determinable from the output. Furthermore, the SSA toolchain itself could be attacked. The approach described in this paper enforces security policy and embeds information into the output of every development function that can be cross-referenced to blockchain transaction records for provability and traceability that only trusted tools, free from unauthorized modifications, are used in software development. A key original concept of this approach is that it treats assigned developer time as a transferable digital currency.

The purpose of this paper is to apply security policies over the mobile ad hoc networks. A mobile ad hoc network refers to infrastructure-less, persistently self-designing systems; likewise, there is a noteworthy innovation that supplies virtual equipment and programming assets according to the requirement of mobile ad hoc network.

It faces different execution and effectiveness-based difficulties. The major challenge is the compromise of performance because of unavailable resources with respect to the MANET. In order to increase the MANET environment’s performance, various techniques are employed for routing and security purpose. An efficient security module requires a quality-of-service (QoS)-based security policy. It performs the task of routing and of the mobile nodes, and it also reduces the routing cost by finding the most trusted node.

The experimental results specify that QoS-based security policy effectively minimizes the cost, response time as well as the mobile makespan (routing cost and response time) of an application with respect to other existing approaches.

In this paper, the authors proposed an enhancement of Cross Centric Intrusion Detection System named as PIHNSPRA Routing Algorithm (PIHNSPRA).

It maps the security with the secure IDS communication and distributes the packets among different destinations, based on priority. This calculation is proposed for the purpose of routing and security by considering greatest throughput with least routing cost and reaction time.

When the concept is applied to practical applications. Quality of Service introduced in the proposed research reduces the cost of routing and improves the throughput.

The proposed calculation is tested by NS2 simulator and the outcomes showed that the execution of the calculation is superior to other conventional algorithms.

Blockchain technology was developed to synchronize the data and transactions over the supply chain network and connected nodes. This paper aims to show how blockchain technology can enhance flexibility and agility in supply chain operations. The integration of blockchain and other recently developed technology can help deal with supply chain uncertainties and other challenges being faced by the industry.

Through an extensive literature review of existing research papers and conversation with supply chain managers, barriers and challenges in the supply chain were identified. Some elements were researched of blockchain technology that can be used to resolve some challenges. Blockchain technology and other technologies integration is developed for implementation in supply chain for better visibility and efficiency of supply chain.

The challenges in the supply chain are categorized, and the solution is given through the integration of blockchain and other technologies like Internet of Things and artificial intelligence. The integration shows the execution of tasks through blockchain and various technologies in supply chain.

Blockchain in supply chain is finding its strong place in India when compared to developing nations. There is a need for technology experts, supply chain managers and consumers to understand blockchain’s importance. Challenges faced by industries to use blockchain may be analyzed further with real-life industry case studies.

This research helps enterprises in successful execution of smart technologies in their supply chains. This research helps enterprises in successful execution of smart technologies in their supply chains. Managers and practitioners may use the models developed in real-time implementation. The technologies are described in detail to help the practitioners select the best suitable for their organization.

Digital supply chains are finding the way in industries due to lean and efficient nature. It is beneficial to use the smart technologies to make supply chain green and sustainable.

The implementation of the digital supply chain and its challenges are discussed in the research paper. This will work as a platform for research in the area of technologies for supply chain.

The purpose of this research is to study and analyze the literature that integrates Lean Six Sigma (LSS) approach with blockchain technology in different sectors for improved quality management.

This study presents a scoping review on the application of integrated LSS and blockchain technology in the manufacturing and healthcare sector. Further, the authors examined existing blockchain-based solutions on a variety of dimensions, including application area, technical approach, methodology, application scenario, various blockchain platforms, purpose, and monitoring parameters. The authors study LSS approaches in detail, as well as the key benefits that blockchain technology can enable. Finally, the authors discuss significant research problems to be addressed in order to develop a highly efficient, resilient, and secure quality management framework using blockchain technology.

It has been observed that the adoption of blockchain technology for quality management and assurance is influenced by several factors such as transaction execution speed, throughput, latency. Also, prior blockchain-based solutions have neglected to leverage the benefits of LSS methodologies for effective quality management.

This is the first study to explores the influence of blockchain technology on quality management and assurance in manufacturing and healthcare industry. Furthermore, prior research has not examined how integrating the LSS methodology with blockchain technology can aid in the control of product quality management.

The Internet is an open and global programming environment where applications and services mostly follow the traditional client/server model. The use of new programming paradigms based on mobile entities, such as mobile agents (MA), can accelerate the process of diffusion of new applications and services in the areas of e‐commerce, network and systems management, and mobile computing. However, the lack of security is one of the main obstacles to a wide diffusion of MA. On the one hand, mobility increases the potential of security breaches because of the injection of possibly malicious MAs; on the other hand, it introduces the new issue of protecting MAs against integrity and secrecy attacks from their execution environments. This paper discusses the security issues introduced by the MA technology and proposes a security architecture composed of a wide set of services and components, which adequately fulfil the requirements of several application areas. The implementation of the security framework in the secure and open MA system has provided the support for the development of a secure electronic marketplace prototype that demonstrates the effectiveness of adopting the MA technology in the Internet environment.

The purpose of this study is to propose an approach to avoid having to trust a single entity in cloud-based applications. In cloud computing, data processing is delegated to a remote party for efficiency and flexibility reasons. A practical user requirement usually is data privacy; hence, the confidentiality and integrity of data processing needs to be protected. In the common scenarios of cloud computing today, this can only be achieved by assuming that the remote party does not in any form act maliciously.

An approach that avoids having to trust a single entity is proposed. This approach is based on two concepts: the technical abstraction of sealed computation, i.e. a technical mechanism to confine a privacy-aware processing of data within a tamper-proof hardware container, and the role of an auditing party that itself cannot add functionality to the system but is able to check whether the system (including the mechanism for sealed computation) works as expected.

Discussion and analysis of the abstract, technical and procedural requirements of these concepts and how they can be applied in practice are explained.

A preliminary version of this paper was published in the proceedings of the second International Workshop on SECurity and Privacy Requirements Engineering (SECPRE, 2018).

Organizational technologies can be classified according to the roles they play as either commodity or strategic. Commodity technologies support common operations, while strategic technologies address perceived threats to competitiveness, often identified by strategic foresight. These must go through an adoption process before playing an effective role in strategy execution. The adoption process includes known activities, ranging from sourcing (itself from in-house development to turn-key acquisition) to operational integration. This paper aims to reveal strategic technology adoption risks that arise during strategy execution.

A gradually developed causal loop diagram model, supported by general literature, introduces three general classes of technology adoption risks: mismatched requirements, supplier dependence and unmanaged life cycles.

Rather than managed, these risks are incurred or avoided depending on decisions made during the adoption process.

Despite the scarce literature coverage for the approach, examples revealing the presence of adoption risks are nevertheless available in the well-documented history of enterprise resource planning (ERP).

Although ERP is presented as a general-purpose strategic technology, the unique business features of maritime container terminals pose serious challenges to its adoption, which provides additional support to the discussion and reinforces the conclusions.

The approach to identifying risks in strategic technology adoption departs from the current risk paradigm in two significant ways. First, it emphasizes policy decision-making rather than external events. Second, it views risks as systemic rather than occurring independently.

The purpose of this paper is to identify the gap that currently exists between enterprise and consumer‐focused mashup tools in terms of personalized, trusted collaboration. The authors describe how Sqwelch, a semantically enabled mashup maker, addresses this gap during the design of mashups and in their execution.

Sqwelch enables the composition of mashups based on the concept of trust explicitly specified by users through a visual interface. Taxonomies are used to enable lightweight mediation of payloads delivered through a publish/subscribe mechanism.

The authors demonstrate the use of Sqwelch as a proof of concept in the remote delivery of healthcare, and how Sqwelch has been used to address areas of trust and collaboration in the delivery of telehealth services.

Integrating trust and collaboration across the boundaries of enterprises is required where sensitive data are transferred across those boundaries in the expectation of the delivery of a service. Across these boundaries, the authors find variations in users' skills, their expectations, and their responsibilities. The prototype described here enables users to discover, compose, share and collaborate in the day‐to‐day use of systems that match personalized requirements.

The rapid technological growth, changes in consumer demands, products’ built-in obsolescence, presence of more non-repairable parts, shorter lifespan, etc., lead to the generation of e-waste at an unprecedented rate. Although a number of research proposals and business products to manage e-waste exist in the literature, they lack in many aspects such as incomplete coverage of product’s life cycle, access control, payment channels (in few cases), incentive mechanisms, scalability issues, and missing experimental validation. The purpose of this paper is to introduce a novel blockchain-based e-waste management system aiming to mitigate the above-mentioned downsides and limitations of the existing proposals.

This paper proposes a robust and reliable e-waste management system by leveraging the power of blockchain technology, which captures the complete life cycle of e-products commencing from their manufacturing as new products to their disposal as e-waste and their recycling back into raw materials.

While the use of blockchain technology increases accountability, transparency and trust in the system, the proposal overcomes various challenges and limitations of the existing systems by providing seamless interactions among various agencies.

This paper presents a prototype implementation of the system as a proof-of-concept using solidity on the Ethereum platform and this paper performs experimental evaluations to demonstrate its feasibility and effective performance in terms of execution gas cost and transaction throughput.