A Middleware Architecture for Securing Ubiquitous Computing Cyber Infrastructures

Ubiquitous computing is revolutionizing the way applications, users, resources, and physical spaces interact. In this paper we address securing cyber infrastructures for ubiquitous computing environments, like smart buildings and campuses. Our emphasis here is to construct a middleware-based critical cyber infrastructure (CCI) that encompasses heterogeneous components and binds networks, processors, and devices with mechanisms, protocols and services to offer reliable, fault-tolerant, available, and secure operations. Existing CCI implementations create statically configured, confined networked subsystems, which are isolated from the public Internet, and are context insensitive. This leads to multiple subsystems that are incompatible and incapable of interoperating, thus making operations, management, and trust difficult. In this paper, we propose Hestia: Heterogeneous Survivable Trusted Information-assurance Architecture and describe how it addresses the problem of securing critical information services in largescale ubiquitous computing environments. Hestia is a novel programmable middleware solution, implemented as a network of Middleboxes. These Middleboxes form protective layers that isolate critical cyber-infrastructure services and mediate authorized access to the services in our system. The Middleboxes provide a programmable distributed object-oriented framework that enables us to integrate security, privacy, and reliability mechanisms into service access interfaces and implementations.