Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Towards a Secure Proxy-based Architecture for Collaborative AI Engineering
Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.ORCID iD: 0000-0001-5458-5241
Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.ORCID iD: 0000-0001-8453-447X
Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.ORCID iD: 0000-0003-4814-4428
2020 (English)In: CANDAR 2020: International Symposium on Computing and Networking, IEEE, 2020, p. 373-379, article id 9355887Conference paper, Published paper (Refereed)
Abstract [en]

In this paper, we investigate how to design a security architecture of a Platform-as-a-Service (PaaS) solution, denoted as Secure Virtual Premise (SVP), for collaborative and distributed AI engineering using AI artifacts and Machine Learning (ML) pipelines. Artifacts are re-usable software objects which are a) tradeable in marketplaces, b) implemented by containers, c) offer AI functions as microservices, and, d) can form service chains, denoted as AI pipelines. Collaborative engineering is facilitated by the trading and (re-)using artifacts and, thus, accelerating the AI application design.

The security architecture of the SVP is built around the security needs of collaborative AI engineering and uses a proxy concept for microservices. The proxy shields the AI artifact and pipelines from outside adversaries as well as from misbehaving users, thus building trust among the collaborating parties. We identify the security needs of collaborative AI engineering, derive the security challenges, outline the SVP’s architecture, and describe its security capabilities and its implementation, which is currently in use with several AI developer communities. Furthermore, we evaluate the SVP’s Technology Readiness Level (TRL) with regard to collaborative AI engineering and data security.

Place, publisher, year, edition, pages
IEEE, 2020. p. 373-379, article id 9355887
Keywords [en]
Security Architecture, Trusted and Collaborative AI engineering, Proxy-based Architecture
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:bth-20769DOI: 10.1109/CANDARW51189.2020.00077Scopus ID: 2-s2.0-85102170354ISBN: 9781728199191 (print)OAI: oai:DiVA.org:bth-20769DiVA, id: diva2:1503391
Conference
th International Symposium on Computing and Networking Workshops, CANDARW 2020; Virtual, Naha, Japan, 24 November 2020 through 27 November 2020
Part of project
Bonseyes – Platform for Open Development of Systems of Artificial Intelligence
Note

open access

Available from: 2020-11-24 Created: 2020-11-24 Last updated: 2023-06-08Bibliographically approved
In thesis
1. Towards Decentralized Orchestration of Next-generation Cloud Infrastructures
Open this publication in new window or tab >>Towards Decentralized Orchestration of Next-generation Cloud Infrastructures
2021 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Cloud Computing helps to efficiently utilize the abundance of computing resources in large data centers. It enables interested parties to deploy their services in data centers while the hardware infrastructure is maintained by the cloud provider. Cloud computing is interesting in particular as it enables automation of service deployment and management processes. However, the more complex the service structure becomes, the more complex deployment and management automation of all its parts can become. To this end, the concept of service orchestration is introduced to streamline service deployment and management processes. Orchestration enables the definition and execution of complex automation workflows targeted to provision computing infrastructure, deploy needed service features, and provide management support. In particular, the orchestration process enables the deployment and enforcement of security and compliance mechanisms in the context of systems where sensitive data is being processed. 

This thesis investigates the orchestration process as a uniform approach to deploy and manage network services and required security and compliance mechanisms. To this end, we investigate different use-cases where the orchestration process is applied to address specific requirements towards security and compliance. This thesis includes two parts. In the first part, we focus on centralized orchestration mechanisms, where all activities are performed from one trusted server. We explore the use-cases of a security testbed and collaborative AI engineering and investigate the advantages and limitations of orchestration mechanisms application in their context. In the second part, we shift towards the investigation of decentralized orchestration mechanisms. We employ blockchain technology as the main decentralization mechanism, exploring the advantages and limitations of its application in the context of digital marketplaces. We demonstrate that the shift towards blockchain-enabled orchestration enables the deployment and management of decentralized security mechanisms, ensuring compliant behavior of digital marketplace actors. 

Place, publisher, year, edition, pages
Karlskrona: Blekinge Tekniska Högskola, 2021. p. 182
Series
Blekinge Institute of Technology Licentiate Dissertation Series, ISSN 1650-2140 ; 5
Keywords
Orchestration mechanisms, Cloud computing
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:bth-21345 (URN)978-91-7295-422-9 (ISBN)
Presentation
2021-06-15, Zoom, Karlskrona, 13:00 (English)
Supervisors
Available from: 2021-04-26 Created: 2021-04-22 Last updated: 2021-07-01Bibliographically approved
2. Efficient Design of Decentralized Privacy and Trust in Distributed Digital Marketplaces
Open this publication in new window or tab >>Efficient Design of Decentralized Privacy and Trust in Distributed Digital Marketplaces
2023 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

The aim of this thesis is to advance the knowledge on the efficient design and evaluation of distributed marketplaces with an emphasis on trust and privacy. Distributed systems are an integral part of today's computing infrastructures, enabling multiple nodes to work towards a common goal. Although distributed, most of today's computational systems are still built with a centralized architecture, which assumes complete governance by a single organization. In the case of centralized marketplaces, the correct trade execution guarantees, \ie digital trust, and data privacy are provided centrally, containing all processes and operations within a single organization's boundaries. This puts the marketplace operator in a prime position to govern trade settlement conditions. However, trust issues are raised if more than one organization has to govern the marketplace. In such a case, trust and privacy are decentralized, and control is distributed among all organizations which are part of the marketplace system. Thus, a decentralized marketplace requires a robust and secure consensus mechanism, which enables digital trust while allowing organizations to process and store private data for further usage in trade settlements. 

This thesis investigates both centralized and decentralized marketplace architectures applied to use cases of AI artifacts and renewable energy trading. It begins with a study of a marketplace for Artificial Intelligence (AI) artifacts where multiple organizations collaborate on AI pipeline execution. The study defines a Secure Virtual Premise, which enables AI pipeline execution in a centralized marketplace governed by a trusted third party. The thesis continues with a survey of the telecommunication services marketplaces, where both centralized and decentralized architectures are discussed. In addition, the survey provides an in-depth investigation of blockchain technology as a main trust-enabling platform, providing distributed storage and data assurance to all processes in a decentralized marketplace. Having mapped the state-of-the-art, the research shifts towards an in-depth investigation of blockchain-based decentralized renewable energy marketplaces. The main aim of such a marketplace is to incentivize the widespread adoption of renewable energy sources, resulting in the decarbonization of electricity distribution systems. The designed marketplace enables automation and trusted execution of peer-to-peer (P2P) energy trade settlements in decentralized systems while preserving users' data privacy. Furthermore, the marketplace is aligned with the data and P2P energy trade regulations. The studies provide an in-depth requirements definition, system architecture, implementation, and performance evaluation of marketplaces based on two major blockchain platforms. The final study of this thesis provides the improvements towards the renewable energy marketplace model aiming at an enhancement of trust, privacy, and scalability.

Place, publisher, year, edition, pages
Karlskrona: Blekinge Tekniska Högskola, 2023
Series
Blekinge Institute of Technology Doctoral Dissertation Series, ISSN 1653-2090 ; 2023:13
National Category
Computer Sciences Energy Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:bth-24770 (URN)978-91-7295-465-6 (ISBN)
Public defence
(English)
Supervisors
Available from: 2023-06-16 Created: 2023-06-08 Last updated: 2023-09-07Bibliographically approved

Open Access in DiVA

fulltext(1355 kB)361 downloads
File information
File name FULLTEXT01.pdfFile size 1355 kBChecksum SHA-512
a92f0491c32f9c8bc78e0391ca61a71b4e6055c41bbdaa038b58839f42c2f503bffb62978783d5e7a1ec7c2755c1801adb64d44615ad9af1ab43eaa659f73582
Type fulltextMimetype application/pdf

Other links

Publisher's full textScopus

Authority records

Tkachuk, Roman-ValentynIlie, DragosTutschku, Kurt

Search in DiVA

By author/editor
Tkachuk, Roman-ValentynIlie, DragosTutschku, Kurt
By organisation
Department of Computer Science
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 361 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 473 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf