The current device-centric protection model against security threats has serious limitations. On the one hand, the proliferation of user terminals such as smart-phones, tablets, notebooks, smart TVs, game consoles and desktop computers makes it extremely difficult to achieve the same level of protection regardless of the device used. On the other hand, when various users share devices (e.g., parents and kids using the same devices at home), the set up of distinct security profiles, policies, and protection rules for the different users of a terminal is far from trivial. In light of this, this paper advocates for a paradigm shift in user protection. In our model, the protection is decoupled from the users' terminals, and it is provided by the access network through a Trusted Virtual Domain (TVD). Each TVD provides unified and homogeneous security for a single user, irrespective of the terminal employed. We describe a user-centric model, where non-technically savvy users can define their own profiles and protection rules in an intuitive way. We show that our model can harness from the virtualization power offered by nextgeneration access networks, especially, from Network Functions Virtualization (NFV) in the Points of Presence (POPs) at the edge of Telecom operators. We also analyze the distinctive features of our model, and the challenges faced based on the experience gained in the development of a proof-of-concept.
Software development is facing new challenges as a result of evolution toward integration and collaboration-based service engineering, which embody high degrees of dynamism both at design time and run-time. Short times-to-market require cost reduction by maximizing software reuse. Openness for new innovations presumes a flexible development platform and fast software engineering practices. User satisfaction assumes situation-based applications of high quality. The main contribution of this paper is the piecemeal service engineering (PSE) approach developed for and tested in application development for smart spaces. The intent of PSE is to maximize the reuse of existing knowledge of business and design practices and existing technical assets in the development of new smart-space applications. Business knowledge is mostly informal and domain-dependent, but architectural knowledge is generic, at least semiformal, and represented in principles, ontologies, patterns, and rules that together form a reusable architectural knowledge base for fast smart-space application development. The PSE facilitates the incremental development of intelligent applications by supporting abstraction, aggregation, and adaptability in smart-space development.INDEX TERMS Service engineering, semantic, dynamic, architectural knowledge, reuse.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.