GEMOM – Genetic Message Oriented Secure Middleware

The main focus of GEMOM is the significant and measurable increase in end-to-end intelligence, security and resilience of complex, distributed information systems. The primary objective of GEMOM is to research, develop and deploy a prototype of a messaging platform that is evolutionary, self-organising, self-healing, scalable and secure. Existing technologies are crude, not scalable and not suited for what will be required in the future. There is neither adequate robustness nor resilience appropriate for future real-time systems in particular, and the project will provide solutions to overcome these limitations to secure messaging. Fault tolerance will be looked at in a more dynamic way. GEMOM’s definition of intelligence and resilience draws attention to the fact that there can be insensitivity to, or low awareness of, faults. These faults could result in the deterioration of the functional profile of the information system, of the volumetric profile, or of the security profile. It also brings into question the availability of support for a reconfiguration back to an efficiently working system. GEMOM will be able to rectify such vulnerability to faults through the research, development and deployment of a prototype of a messaging platform that is evolutionary, self-organising, self-healing, scalable and secure. GEMOM will be resilient and able to utilise redundant modules (hot-swap or switch-over) instantly without information loss. These resilience features will allow specialist, independent system actors (viz. watchdogs, security and situation monitors, routers, and other optimisers) to remove or replace compromised nodes from the broader network instantly and without compromising higher-level functionality and security.

GEMOM Case Studies:

  • Collaborative business portal: This portal is intended as a generic platform to facilitate collaborative working between the range of professionals in a local government setting, e.g., the emergency services co-ordination business portal.
  • Dynamic linked exchange: This exchange is intended to match procurement needs to available suppliers, specialising in local government / SME actors.
  • Financial market data delivery: This service is to deliver trading signals for a range of financial markets to private and institutional investors.
  • Dynamic road management system: This system is a complex operational system for distributing road network traffic and mobility information to a wide range of potential consumers.
  • Banking Scenario / Money Transfers: This system is a "Universal Banking HUB" in a central architectural position as a pervasive pivoting component of the bank’s IT architecture that should be able to exchange, both internally and externally, several types of messages, each representing a specific kind of business fact.

NR’s contribution

NR’s researchers work on the development of the GEMOM messaging platform prototype through participation in, or leadership of, several of the core development activities, the development of support for quality of service and security, and the specification and implementation of requirements for routing and switching in a way that is self-optimising and self-healing, and supports redundancy.

Benefit for customers

GEMOM provides solutions to overcome limitations regarding robustness, resilience, and scalability. It supports a messaging infrastructure which will enable flexible solutions and assurance against security vulnerabilities and erroneous input vulnerabilities to improve the reliability, robustness and dependability of critical infrastructures. GEMOM, with its fluid, resilient, self-healing and adaptive messaging, allows for flexible messaging solutions and offers monitoring, management and maintenance incrementally. Its adaptive security solution learns and adapts to changing environments during run-time in the face of changing threats without sacrificing the efficiency, flexibility, reliability, and security of the system.

Benefit for society

GEMOM complements other security and dependability efforts by focusing on strengthening the secure integration of services, the security policies and the resilience of systems. It achieves this by making it possible to identify potential weaknesses, threats and vulnerabilities at all levels, resulting in a more robust and informed business and operational security policy for organizations. This will enable trust in business-critical models and processes.

Project results

The system requirements analysis and specification, and the quality of service and security requirement specifications are finalized. The following architectures are currently being implemented.

So far, we have prototyped and lab-tested

  • a full-featured message broker, transparent completion and encapsulation publishing framework,
  • adaptive security implementation (authentication, authorization, key management, identity management),
  • a Security Monitoring Tool,
  • a MOM Intelligent Fuzzing Tool for pre-emptive "black box" security testing, and
  • tools for the management of configuration, deployment and the development process.

Further, we have developed demonstrators for

  • enhanced resilience,
  • QoS and security implementation,
  • security and QoS monitoring system,
  • integrators for well-known commercial MOM systems (JMS, Tibco's, Reuters, and IBM's MQ Series), and
  • a Broker Manager Agent with and without optimization.

Publications

The updated list of publications can be found at the project site (www.gemom.eu). In the following, we list selected publications.

  • GEMOM Middleware Self-healing and Fault-tolerance: a Highway Tolling Case Study, ICSNC 2011: The Sixth International Conference on Systems and Networks Communications, 2011, 136-142
  • Innovations and Advances in Adaptive Secure Message Oriented Middleware - the GEMOM Project, 2nd Workshop on Sharing Field Data and Experiment Measurements on Resilience of Distributed Computing Systems (RDCS 2010)
  • GEMOM Platform Prototype Validation through Case Studies - Main Results and Viewpoints to Exploitation, 2nd Workshop on Sharing Field Data and Experiment Measurements on Resilience of Distributed Computing Systems (RDCS 2010)
  • Self-Healing and Secure Adaptive Messaging Middleware for Business Critical Systems, In: International Journal on Advances in Security, Vol. 3, No. 1&2, July 2010
  • Applicability of Security Metrics for Adaptive Security Management in a Universal Banking Hub System, 1st International Workshop on Measurability of Security in Software Architectures (MeSSa 2010), Copenhagen, Denmark, August 23, 2010
  • Advances in Adaptive Secure Message Oriented Middleware for Distributed Business Critical Systems, 8th International Conference of Numerical Analysis and Applied Mathematics (ICNAAM 2010), 19-25 September 2010, Rhodes, Greece
  • Development of Measurable Security for a Distributed Messaging System, In: International Journal on Advances in Security, Vol. 2, No. 4, 2009, ISSN 1942-2636, pp. 358-380 (Published in March 2010)
  • Robust, Secure, Self-Adaptive and Resilient Messaging Middleware for Business Critical Systems, The First International Conference on Adaptive and Self-adaptive Systems and Applications, ADAPTIVE 2009, November 15-20, 2009 - Athens/Glyfada, Greece
  • Development of Security Metrics for a Distributed Messaging System, The 3rd International Conference on Application of Information and Communication Technologies, AICT2009, Azerbaijan, Baku, 14-16 October 2009
  • Adaptive Security and Trust Management for Autonomic Message-Oriented Middleware, IEEE Symposium on Trust, Security and Privacy for Pervasive Applications (TSP) 2009, October 12-14, 2009 in Macau SAR, P.R.China
  • Identification of Basic Measurable Security Components for a Distributed Messaging System, The 3rd International Conference on Emerging Security Information, Systems and Technologies (SECURWARE) 2009, June 18-23, 2009 - Athens/Glyfada, Greece
  • GEMOM - Significant and Measurable Progress beyond the State of the Art, The Third International Conference on Systems and Networks Communications, ICSNC 2008, October 26-31, 2008 - Sliema, Malta
  • Anomaly Detection in the Case of Message Oriented Middleware, Proceedings of the First International Workshop on Middleware Security, December 2008, Leuven, Belgium