Data Sharing Middleware Prototype (DSMP) for Information...

Managed by UT-Battelle for the U.S. Department of Energy – Supporting the Department of Homeland Security

Data Sharing Middleware Prototype

(DSMP) for Information Dissemination

Among Heterogeneous SourcesQuarterly Review Meeting, Sept. 30, 2008

Hairong Qi (PI), University of Tennessee

Xiaorui Wang (co-PI), Seddik Djouadi (co-PI), UT

Oak Ridge National Laboratory*

Oracle Corporation*

Microsoft Research

Rutherford Appleton Laboratory, UK*

* Oracle, Microsoft Research, and ORNL verbal commitments for in-kind support (consulting and research software)


Contact Information

• Academia– Hairong Qi, 865-974-8527, [email protected], 1508 Middle Dr., 319 Ferris Hall, EECS Department,

University of Tennessee, Knoxville, TN 37996

– Xiaorui Wang, 865-974-0627, [email protected], 421 Ferris Hall, UT

– Seddik Djouadi, 865-974-5447, [email protected], 307 Ferris Hall, UT

– Raghul Gunasekaran, 865-385-5857, [email protected], 536 SERF, UT

– Ming Chen, Ying Sun, Samir Sahyoun, Ben Taylor, UT Graduate Students

• Research Laboratories– Frank DeNap, 865-576-8786, [email protected], Oak Ridge National Laboratory, PO Box

2008, MS6085, Oak Ridge, TN 37831

– Mallikarjun Shankar, 865-574-2704, [email protected], Oak Ridge National Laboratory, POBox 2008, MS6085, Oak Ridge, TN 37831

– Steve Fisher, RAL, [email protected], Rutherford Appleton Laboratory (RAL), UK

• Industry, Private sectors– Dieter Gawlick, Ronny Fehling, Aravind Yalamanchi, 650-560-8706, {dieter.gawlick,

ronny.fehling, aravind.yalamanchi}@oracle.com, Oracle Corporation

– Vijay Dialani, Microsoft Research Center


Collaborative Team

• Academia– University of Tennessee

– Vanderbilt University

• Research Laboratory– ORNL (Oak Ridge National Laboratory, US)

– RAL (Rutherford Appleton Laboratory, UK)

• Industry– Microsoft Research

– Oracle


Project Description

• The objective of this project is to develop a data sharingmiddleware that is able to handle multiple distributed datasources and dynamically changing items, and to assist inreal-time information dissemination across multipleagencies for homeland security purposes.

• The ultimate target scenarios are first responders andconsequence response at the urban area of Memphis(e.g., Shelby County) with stakeholders including the FireDepartment, Weather Services, the E911 OperationsCenter, Law Enforcement Agencies, etc.


Minutes from Last Quarterly Review

Meeting• INFOD concept

– John’s example: in the event of train derailment, who are the publishers/consumers/subscribers?

– John’s comment: INFOD is to minimize the impact of a disaster by providing the right information such thatwe can make use of the first responder better, compared to the mere use of police force

– How do you know if the consumer actually receives the alerting message? And how to alert the consumer?• Cell phone and Phone

• TomTom or Garmin. E.g., consumers can be notified automatically when congestions occur

• Real-time metadata matching– How many subscriptions would overload the system?

– How many within what period of time would crash the system?

– A: Depends on the system and deadlines set

– Data Triage

• Plume estimate and prediction model– What’s the requirement for the density of sensor?

– How quickly this model can predict? - Resiliency

– John’s comment: This model would provide more accurate measure of the damage, e.g., estimate of theboundary, which can help in both the rescue mission and the post-damage clean-up. In addition, it alsohelps make decisions like if people can return home. On the other hand, existing approaches lack suchexact estimate of the situation, resulting in the first responder cannot assign appropriate resource to the rightplace.

• Action items– Set up a meeting among plume analysis groups, including UT, Y12, and ORNL

– Hood up with Y12 fusion center


Comments from the September

Semi-Annual Review Meeting

• More clear on INFOD characteristics thistime

• Interesting project

• Take it to HSIN

• Good that we responded to commentsfrom last review meeting


Landscape AssessmentTraditional Model

Publisher

PublisherConsumer

Consumer

Subscriber(Subscription)INFOD RegistryPublisher

Publisher

Consumer

Subscriber/Consumer

Repository

INFOD Model

• Service-oriented system (binding AFTERevent)

• Repository – data center, processing center

• Static system. Extending the system isdifficult.

• Establishes a framework for info flow

• Matches publishers and consumers basedon information needs expressed throughsubscriptions and limited by properties

• Event-based system (binding BEFOREevent)

• Registry - NOT a data (event) repository

• Better handling of dynamics. Extensibility isgood. (Vocabulary, e.g., NIEM)

Alerting system

Consumer/Publisher

Right Info Right Person @ Right Time

Push

Pull

Push

Push


DMIS (Disaster Management Interoperability Service)

DMIS Server

Existing Alerting Systems

Right Info Right Person @ Right Time


An Information Dissemination Scenario

ABC Chemicals

Fire Station

Fire Station

Hospital

Police/E911

INFOD Registry

Service

County Office

Registers asa Publisher

Registers asa Consumer

Registers asa Consumer

Registers as a Subscriber,defines subscriptionidentifying consumers anddescribes message format.

Registers as a Subscriber anddefines subscription identifyingdynamic consumers

Service Providers

Notification Messagediffers based on theentries created andthe subscriptions Notification

Message

NotificationMessage

NotificationMessage

NotificationMessage

NotificationMessage

Registers as a Subscriber,defines subscriptionbased on clientnecessities.

Matches Entities basedon entries created

Registers asa ConsumerNotification

MessageWeather Station

Registers asa Publisher

NotificationMessage

NotificationMessage

NotificationMessage



ABC Chemicals

Fire Station

Fire Station

Hospital

Police

Alert Msg:Category: Fire, ChemicalSeverity: ExtremeChemical Types: XXX

Alert Msg:Category: FireUrgency: ImmediateAction: Stop

Alert Msg:Category: FireUrgency: ImmediateAction: Detour

Alert Msg:Category: FireUrgency: ExpectedAction: Evacuate

INFOD Registry

Service

Alert Msg:Category: Fire, ChemicalSeverity: Extreme, (Minor ,Moderate)Chemical Types: XXX

Sends Alert message

County Office

Alert Msg:Category: Fire, Chemical

Service Providers

Alert Msg:Category: Fire, ChemicalUrgency: Immediate


Alert Msg:Category: Chemical FireUrgency: ImmediateAction: Evacuate

Weather Station

Alert Msg:Category: Fire, ChemicalUrgency: ImmediateChemical Types: XXX


11

ABC Chemicals

Fire Station

Fire Station

Hospital

Police

Alert Msg:Category: Fire, ChemicalSeverity: ExtremeChemical Types: XXX

Alert Msg:Category: FireUrgency: ImmediateAction: Stop


Alert Msg:Category: Fire, ChemicalSeverity: Extreme, (Minor ,Moderate)Chemical Types: XXX

County Office

Alert Msg:Category: Fire, Chemical

Service Providers



Alert Msg:Category: Chemical FireUrgency: ImmediateAction: Evacuate

Weather Station


Alert Msg:Category: FireUrgency: ExpectedAction: Evacuate

Alerting

System

Alerting Consumers based ondynamically changing events


Alert Msg:Category: Chemical FireAction: Stay Indoors

Alert Msg:Category: FireUrgency: Immediate

Action: Detour East

INFOD Registry

Service


Subscription defines the event ofinterest at the publisher, themessage to be generated inresponse to an event and helpsidentify consumers dynamically.

Entries characterize real worldentities and define constraintsidentifying other entities of interest

Also, data source entry details onthe publishers information -associated to a data vocabulary.

Subscribers and Consumers aremodeled as independent entities.Subscriptions are created by asubscriber, conforming to a subsetof consumer.

Structured Information Model,user communities are identified byproperty and data vocabularies.

INFOD Resources

Consumer

Subscription

Data Vocabulary

Data SourceEntry

Property VocabularyInstance

Creation of resource

Notification (by INFOD registry)

Reference (EPR)

Notification (by Publishers)

INFOD Registry

Entry Resource – not an entry

ConsumerPublisher

Subscriber

Property Vocabulary

PublisherEntry

SubscriberEntry

ConsumerEntry

Vocabulary instances characterizeentities and constraints areevaluated on instances created.


Matching Entities

• In generic pub/sub models – subscription only bindspublishers to consumers of information

• In INFOD, apart from the subscription, every entity(publisher, data source, consumer and subscriber) candefine constraints that grant or limit information flow.

Publisher

Entry and Properties

Consumer


Data Source


Subscriber



Today’s Presentation Outline

• INFOD Application Integration Environment - Ben Taylor

• Real-time Metadata Matching in INFOD - Ming Chen

• Application Scenario: Chemical Plume Tracking - SamirSahyoun

• Application Scenario: Dynamic Intrusion Detection inCyber Systems - Ying Sun

• Live Demo: INFOD Web Application - RaghulGunasekaran

• Potential Extensions - Hairong Qi, Xiaorui Wang, SeddikDjouadi


Collaborative Opportunities

• ORNL’s Shelby County Sensor Information FusionCenter– Provides a comprehensive target application scenario for INFOD

• Y-12– Privacy policy and NIEM

• ORNL’s SensorNet Group– Testbed setup

• Oracle– In-kind support

• Vanderbilt University– GME (Generic Modeling Environment)

• All the research findings and software developments areaccessible through public domains, maintained at UT– http://panda.ece.utk.edu/wiki/InfoD


Shelby County Fusion CenterSNAPS+POM+NOAA+INFOD

GIS Situational Awareness(ArcView or Google Earth, Browsers, …)

HPAC with Live Weather Feeds

8 chem/5 rad/5video /1 weathersensors Access control

WFS,OLS,…

FilterAgents

HTTPS: XML-RPC,SOAP

Replicated storage,image, video server

Fusion Center Portal

and Viewer (Web

Server; Database; GIS

(Google); HPAC plume

modeling)

Plotting of Data

Display Video Feeds

Shelby County Sheriff

SNAPS II Mobile System

Port of Memphis

Sensors

5 chem/ 1 weather sensors

NOAA Live

Regional Weather

Consumer

Publisher

Publisher

Distributed Wide-Area

Middleware

•Prototype and Analysis

•Distributed querying and top-

down programming

•Policy-based data-sharing

•Asynchronous messaging

UT ORNL

IndustryOracle, MS

INFO-D

1

2

3 4

Application infoEmergency updatesResponder data

Contact: ORNL UT-Battelle; HT Hunter; [email protected]; 865-574-6297


Information Flow, SCFC, ORNL

Sensors

ORNL Backup Server

1. Query

2. Data

SNAP2

2. Data

EV-DO ChannelINFOD

Registry

Video Management

Publisher/consumer

Publisher


GME - Generic Modeling Environment

ModelInterpreters

Meta-Model

DomainInterpreters

DomainExecutable

DomainAnalysis


Project Timeline

• The development of the DSMP (Task 1.2) has been divided into a 4-phase implementationplan. Because of the close collaboration with Oracle, Microsoft Research, ORNL, and RAL, weare able to finish all four phases of prototype development ahead of schedule.

• Phase 1 - simplest scenario with a known data vocabulary and a trivial subscription

• Phase 2 - 2 publishers services, 2 consumer services with the addition of property vocabularies

• Phase 3 - multiple data vocabularies, publish, consumer, and subscriber services

• Phase 4 - a standard notification interface


Budget Information

• Project budget (June 5, 2007 - May 31,2009): $400,000

• Spending as of August 31, 2008:$197,708


Commercialization Progress

• The INFOD working group is approached byOGC (Open Geospatial Consortium) to join theconsortium. This would help getting morepublicity of the product on geospatial andlocation based services

• Potential feature to Oracle product line


IP STATUS

• Open source development

– Will be available through sourceforge tostimulate broader participation


Achievements• Identified first responder as the ultimate use case scenario for DHS interest

• Finished all four phases of the prototype development (ahead of schedule)

• Finished simulation of collaborative event analysis (MS thesis)

• Proposed a new plume model with promising simulation results

• Visited Shelby County Fusion Center and discussed potential integration scenario

• Papers accepted– “Control-based real-time metadata matching for information dissemination,” 14th IEEE Int.

Conf. on Embedded and Real-Time Computing Sys and App, Taiwan, August 2008.(Acceptance rate: 26%)

– “Dynamic target classification in wireless sensor networks,” Int. Conf. on PatternRecognition (ICPR), Tampa, FL, December 8-11, 2008.

• Students graduated– Y. Sun, Dynamic Target Classification in Wireless Sensor Networks, MS Thesis, Summer

2008.

• Presentations– “INFOD Use Case Scenario & Demo,” Open Grid Forum (OGF), Feb 2008, Boston

– “An INFOD Reference Implementation,” Open Grid Forum (OGF), Oct 2007, Seattle

• Papers to be submitted– “Dynamic cyber-attack detection and classification based on the information

dissemination model”

– “Source localization of chemical plumes using stochastic approximation - plumeestimation and prediction”


Application IntegrationEnvironment

Ben Taylor

Advisor: Xiaorui Wang


Integration Environment

ORACLEPL/SQL

INFOD Registry Service

OC4JINFOD

Web Service

ORACLE10g

PL/SQLJavaproceduresXML

ClientEnvironment

INFOD

Spec.

PostgreSQL

Database

Clie

nt

Lib

rary

Stage1

Stage 2 – WebUtility

Web ManagementInterface

Tomcat

PublisherApp/ Service

Stage3

ConsumerApp/ Service

ClientApplications

ServletsServlets

app.jar : API for communication between applications and webutility.

Subscription


Integration Environment

• Stage 1 (completed by Ming previously)– Java client libraries to interact with the registry per the INFOD

specification

– Libraries provide support, examples to application developers

• Stage 2 (developed by Ben since last meeting)– Web interface to create, configure and monitor entities

– Provides INFOD registry interaction prior to applicationdeployment

• Stage 3 (currently under development)– Environment to facilitate connecting an information application

with INFOD

– Provide simple example applications to demonstrate INFODusability


INFOD Development

• Increase support for complex constraints– Currently support simple XQuery

– Provide full support for application required complexity

• Provide capability to automate the creation of webinterfaces for specifying constraints against specificvocabularies– Domain experts should not be required to know XPath

• Defining and supporting communities– Provide support for multiple community groups within

INFOD

– Define implicit restriction of matches

– Enforcement of community boundaries


Real-time Metadata Matching

Ming Chen

Advisor: Xiaorui Wang


Control-based Real-time Metadata Matching

• GoalsPrimary Goal: Average responsetime of subscription reevaluationmeets within a time constraint.

Secondary Goal: Maximize thenumber of low-priority subscriptionreevaluation upon each update.

Publishers

Consumers

…

…

Web S

erv

er

Subscriptions

Scheduler

…

INFOD

Registry

Subscribers

…

We cannot trigger all subscriptions.

Hundreds even thousands of subscriptions in the

registry;

Different subscriptions have different priorities;

High-priority should be evaluated first.

The average response time cannot be

predicted;

Valuable Information at the Right Time (VIRT).

The average response time of all triggered subscriptions should be within a time constraint.

The response time of reevaluating a

subscription may vary significantly;

• Motivations


Controller Design and Evaluation

• A feedback controller is designed andanalyzed;

• The average response time convergesto the set point in spite of workloadvariations;

• Better control accuracy and systemquality of service than two baselines;

• Theoretical analysis with extensiveexperiments on a physical test-bedverifies our conclusions.

Average response time

Updates

MonitorController

Job slaves pool

)(kr

( )n k

refR

Response

Scheduler

“Control-based real-time metadata matching for information dissemination,” 14th IEEE Int. Conf. on

Embedded and RT Comp Sys and App, Taiwan, August 2008.


Adaptive Control


Updates

MonitorController

Scheduler

Job slaves pool

)(kr

( )n k

refR

Response

SchedulerScheduler

EstimatorDesignerModel parameters

Controller parameters

Adaptive regulator

1( ) ( 1)r k n kb=

The slope

1( ) ( 1)r k n kb=

The slope


MIMO Control


Updates

MonitorController

Job slaves pool

( )x krefR

Response

SchedulerBatch

CPU utilization( )u k

( ) : p( ) and u( );

( ) : w( ) and ( );

( ) : ( ) and u( )

x k k k

u k k n k

y k r k k

How often should we trigger

subscription reevaluation to

meet the time constraint?

How many subscriptions

should we trigger each

time to meet the time

constraint?

( 1) ( ) ( )

( 1) ( ) ( )

x k Ax k Bu k

y k Cx k Du k

+ = +

+ = +


Real-time Metadata Matching

• Adaptive control algorithm to guaranteethe control performance in spite of systemvariation; (current)

• MIMO control algorithm to meet with morechallenging updates interarrival intervals;(current)

• Apply those algorithms in the real INFOD.


Application Scenario:Chemical Plume Tracking

Samir S. Sahyoun

Advisor: Seddik M. Djouadi


Contents

• Motivation

• Mathematical Modeling of Plumes

• Source Localization (Non Linear Least squares)

• Source Localization (Stochastic Approximation)

• Boundary Tracking and Prediction

• Mobile Sensor Dynamics and Control

• Plume Tacking Scenario using three sensors

• Applications


36

ABC Chemicals

Fire Station

Fire Station

Hospital

Police

County Office

ervice Providers

Weather Station

Motivation

Evacuation Route

Service Providers


Plume Model

• The concentration (c) at any point (x, y, z)in the plume at time (t) is the solution ofthe following PDE:

• c: concentration (kg/m3)

• v: wind speed (m/s)

• Dy, Dz: eddy diffusivities (m2/sec)


Example: Steady State Gaussian

Plume


Example: Steady State Gaussian

Plume


• v: wind speed (m/s)

• Q: Mass emission rate (kg/sec)

• H: Stack height (m)

• Dy, Dz: eddy diffusivities (m2/s)


Source Localization


Source Localization

Non Linear Least Squares


Cost Function to be Minimized


Error with Different Signal to Noise

Ratios (S/N)


Effect of Increasing the Number of

Sensors for a 0 dB Channel


Source Localization Using

Stochastic Approximation

Stochastic approximation techniques areiterative methods that attempt to find zerosof functions which cannot be computeddirectly, but only estimated via noisyobservations.


Source Localization


Kiefer-Wolfowitz algorithm is used.


Source Localization


• The finite difference estimate:

where


Performance of Stochastic Approximation

Technique Compared with the Least Squares

Technique

0 10 20 30 40 50 60 70 800

200

400

600

800

1000

1200

sensors

Error(m)

LS

SA


Location Prediction

• The time-varying 2D Gaussian plume equation isgiven by:


• v: wind speed (m/sec)

• Q: Mass emission rate (kg/sec)

• Dy, Dz: eddy diffusivities (m2/sec)


Location Prediction

Process Block Diagram

• LQR: Linear Quadratic Regulator


Model for Location Estimation

and Prediction

• Stochastic state space model for plumelocation estimation:

where is the state vector,

represents the plume location, represents the plume velocity, y represents concentration measurements, w, v random noises.


Model for Location Estimation and

Prediction

• Given measurements of concentration, a Leastsquares technique is used to estimate theparameters of the stochastic state space model:


Location Estimation and

Prediction

• For the least squares problem, find suchthat the prediction error:

is minimized.

• Kalman filter is used to estimate andpredict the states (i.e. location and plumevelocity).


Kalman Filter Equations


K- Step Plume Location Prediction

K=30 minutes


Prediction Error

(30 min. step prediction)


Sensor Dynamics and Tracking

• Each sensor is governed by the followingsystem of differential equations:

• Optimal Linear Quadratic Regulator (LQR) isused to control sensor position.


Optimal Linear Quadratic Regulator

(LQR)


Tracking Scenario - Three Sensors


Applications

• The ideas presented here are widely applicable to a large number ofapplications

Framework can be applied to any problem where there is a spatial diffusionprocess for which there is an interest in prediction and control and wherethere are a limited number of samples and/or actuation points available.• Such applications could include, for example,– Mapping the diffusion of airborne contaminants,– Mapping the spread of water-borne contaminants.



Application Scenario: DynamicCyber-attack Detection and

Classification (Cyber Defense)

Ying Sun

Advisor: Hairong Qi


Dynamic Target Classification

• Hypothesis– for each type of target, there exists an optimal set of features in

conjunction with a specific classifier, which can yield the bestperformance in terms of classification accuracy using leastamount of computation, measured by the number of featuresused, thus minimum response time.

• Optimal combination selection:Fitness function:

where:f1 : Time functionf2 : Accuracy functionx : combination stringy : classification algorithm

• Dynamic Target classification– base the selection of optimal combination of features and

classifiers on the “potential” appearance of a certain target

1min

2

( , )( , )

( , )

f x yF x y

f x y=


Combination Results


Experimental Results


Application Description

• Cyber system is composed of computers withdifferent security levels;

• Different intrusions are given different threatlevels.

• Set up the mapping between computers withdifferent security levels and intrusion type withdifferent threat levels;

• According to the threat level of an intrusion,attacked computer will send the message torelevant computers.


Mapping

• Notation:– Four security levels:

• Security level 1 S1 Low

• Security level 2 S2

• Security level 3 S3

• Security level 4 S4 High

– Four threat levels:• Probe T1 Low

• Denial of service (DoS) T2

• Remote-to-local (R2L) T3

• User-to-root (U2R) T4 High

S4 S3 S2 S1

T4 T3 T2 T1 T4 T3 T2 T4 T3 T4


Dynamic Intrusion Detection

• Assumption:

for each time interval, only one type of intrusion attacksthe system consecutively

• Steps:1. For the first receiving packet, use all the input features to

classify: normal or intrusion, intrusion type;

2. Once the type of intrusion is determined, use optimalcombination set to classify the rest.

3. When conflict occurs, which might indicate wrong classificationor another type of action happens, use full features to classifythe action type;

4. Return to step 2.


Cyber-defense - Workflow

Receiving packet

Type

Normal T1 T2 T3 T4

No action Send

message to

S4 computers

Send message

to S3, S4

computers

Send message

to S2, S3, S4

computers

Send message

to S1 S2, S3,

S4 computers

Dynamic Classification


System Architecture

INFOD

Registry

Publisher

(Attacked

Computer)

Consumer

Attack

(Event)

Cyber

system


Near-Term Plan

• Optimal combination generation and validation(current)

• Interface with INFOD– Consumer registration (current)– Define property vocabulary and data vocabulary of

consumer (current)– Matching and setting up connection– When consumer property changes, interaction with

INFOD, reestablish connection.

• Application model testing• Performance evaluation


DEMOINFOD Web Application

Raghul Gunasekaran


INFOD Example Scenario: Tornado Relief

Campaign

• Need– Monitor activities in the affected region for a short

time period.

– Track first responders in the region – ambulances,police, fire service, doctors, etc …

– First responder needs to be aware of the resourcesavailable and contact information

• Requirements– A functional system instantly available that would

cater to the current application

– Instant setup by domain experts


Example Scenario: Tornado Relief Campaign

INFODRegistry

Affected Region

Register vocabularies

Create Subscriptions

Entities register; create entriesand property instances

Notification messageon resource availability

Publishers and consumerscommunicate specificneeds directly

Entities updateon current status

New notificationmessages sent oncurrent resourceavailability

New Consumer

- Existing subscriptions applicable.- Notification messages sent oncurrent resource availability.

Plug and Play


Information dissemination in 4 steps

1. Register community property and data vocabularies inthe INFOD registry

2. Define subscriptions binding entities, defining eventsand which entity needs to be alerted on which otherentities presence.

3. Entities register to the INFOD registry• Create entries

• Create and update property instances

4. Notification message sent to matched entities.

Example Scenario: Tornado Relief Campaign


INFOD Web Services


INFOD Web Services


Property Vocabulary

Property Vocabulary Predicates Comments

Identification Identifier for the Unit/ Person/Organization

Name Name of the Unit/ Person/ Organization

Description Text Description

Location Physical location information

Contact Information Person to me contacted

Resource Type Description of the resource

Resource Location Resource Physical location information

Community User Property Vocabulary

Vocabulary predicates are an abstraction from NIEM (National Information Exchange Model)


Data Vocabulary

Data Vocabulary

Predicates

Comments

Activity Description between time period

Event Description at a specific time

Substance Description of a chemical material

Status Actual, Exercise, System, Test

Message Type Alert, Update, Cancel, Ack, Error

Scope Public, Restricted, Private,

Urgency Immediate, Expected, Future, Past

Response Type Shelter, Evacuate, Prepare, Execute, Monitor, Assess, None

Severity Extreme, Severe, Moderate, Minor

Certainty Very likely, Likely, Possible, Unlikely

Category Geo, Met, Safety, Security, Rescue, Fire, Health, Env, Transport,Infra, CBRNE, Other

Alert Message Data Vocabulary (NIEM and CAP - Common Alerting Protocol)


INFOD Web Services

Step 1 : Register Property andData vocabularies for a community


INFOD Web Services

Step 2 : Create Consumers andPublishers

Property Constraints

for $publishers in fn:collection("$$INFODpublisher")

where $ publishers

//OrganizationSubUnitName=”RedCross”


INFOD Web Services


Property Constraintsfor $publisher in fn:collection("$$INFODpublishers")

where $publisher//OrganizationSubUnitName=”E911Center”

for $firstresponders in fn:collection("$$INFODconsumers")

where $ firstresponders//OrganizationSubUnitName=”RedCross”

Data Constraintsdeclare namespace $data =

http://infod.firstrespondernet.com/AlertDataVocabulary;

let $msg1 := for $firstresponders

where $data:AlertStatus = ‘Actual’ and

$data:EventCategory = ‘CBRNE’ and

$data:EventSeverity > ‘Moderate’

return {$data, $data:Instruction = ’Evacuate people in the region’ }

let $msg2 := for $firstresponders

where $data:capAlertStatus = ‘Actual’ and

$data:EventCategory = ‘Fire’ and

$data:EventSeverity > ‘Moderate’

return { $data:Substance, $data:Volume, $data:EventCategory }

Dynamic Consumer Constraint for $firstresponders

where $firstresponders//OrganizationSubUnitName=”Police”

return msg1

for $firstresponders

where firstresponders//OrganizationSubUnitName=”FireService”

return msg2

INFOD Web Services

Step 3 : Subscribers and Subscriptions


INFOD Web Services

Step 4 : Notification Messages


Potential Extensions


INFOD - Security Considerations

• Authentication– Users establish identity with the registry

– Publishers authenticate to the consumer

– Web Service Security Specification

Role

Policy Set

Policy

Rule

Resource

& Action• Authorization– RBAC: Role-based access control policies

• INFOD users are associated with Roles

• Limit operational and resource access of users with the registry

– Add security constraints to limit or grant mapping between entitiesmatched through subscription

P1

P2

C1

C2

C3

C4

C5

P1

P2

C1

C2

C3

C4

C5

C6

P1

P2

C1

C2

C3

C4

C5

C6SubscriptionEvaluation

Securityconstraint

“INFOD Security Issues,” Design Document, October 2007.


INFOD - Privacy Issues

• What to share?

• How to share?

• Can we share?

• Should we share?

P1

P2

C1

C2

C3

C4

C5

P1

P2

C1

C2

C3

C4

C5

C6

P1

P2

C1

C2

C3

C4

C5

C6SubscriptionEvaluation

Securityconstraint

Privacyconstraint


Real-Time Resilient Metadata Matching

• Integration with security constraints– Authentication and authorization constraints may contribute to

longer processing delay

– How to achieve desired response time while evaluating as manysubscriptions as possible?

• Integrated (MIMO) control of response time and CPU utilization

• Resilience to security attacks– Security attacks may trigger a huge number of subscription

reevaluation requests• E.g., fast moving plume

– Admission control: reject low-priority requests to guaranteedesired response time.

• E.g., reject weather forecast requests

– Freshness check: reject outdated requests


Extended Study on Plume Tracking

• More general plume models (e.g. Eulerian models) needto be used for testing.

• In proposed approach sensors are controlled individually.However for the process to be completely autonomous,coordination of the distributed sensors is necessary.

• Build a prototype plume-tracking testbed using Mote-based distributed robots.

• Detection and source localization using a distributedsensor network.

Date post:	19-Mar-2020
Category:	Documents
Upload:	others
View:	2 times
Download:	0 times

Data Sharing Middleware Prototype (DSMP) for Information...

Documents