Decentralized Machine Autonomy for Manufacturing Servitization

Blockchain ecosystems are rapidly maturing and meeting the needs of business environments (e.g., industry, manufacturing, and robotics). The decentralized approaches in industries enable novel business concepts, such as machine autonomy and servitization of manufacturing environments. Introducing the distributed ledger technology principles into the machine sharing and servitization economy faces several challenges, and the integration opens new interesting research questions. Our research focuses on data and event models and secure upgradeable smart contract platforms for machine servitization. Our research indicates that with the proposed approaches, we can efficiently separate on- and off-chain data and assure scalability of the DApp without compromising the trust. We demonstrate that the secure upgradeable smart contract platform, which was adapted for machine servitization, supports the business workflow and, at the same time, assures common identification and authorization of all the participants in the system, including people, devices, and legal entities. We present a hybrid decentralized application (DApp) for the servitization of 3D printing. The solution can be used for or easily adapted to other manufacturing domains. It comprises a modular, upgradeable smart contract platform and off-chain machine, customer and web management, and monitoring interfaces. We pay special attention to the data and event models during the design, which are fundamental for the hybrid data storage and DApp architecture and the responsiveness of off-chain interfaces. The smart contract platform uses a proxy contract to control the access of smart contracts and role-based access control in function calls for blockchain users. We deploy and evaluate the DApp in a consortium blockchain network for performance and privacy. All the actors in the solution, including the machines, are identified by their blockchain accounts and are compeers. Our solution thus facilitates integration with the traditional information-communication systems in terms of the hybrid architectures and security standards for smart contract design comparable to those in traditional software engineering.

EDITOR ZA XACML RBAC PROFIL

U ovom radu je analiziran XACML (OASIS eXtensible Access Control Markup Language) sa akcentom na RBAC (Role Based Access Control) profil ovog jezika. Objašnjeni su teorijski koncepti vezani za kontrolu pristupa. Razmatrano je definisanje prava pri­stupa kroz politike ovog profila, kojim bi se ispunili zahtevi za osnovni i hijerarhijski RBAC. Dat je opis im­plemen­tirane aplikacije i prikaz reprezentativnih delova koda.

Customized Learning Model Using Learner Activity Analysis

Reshaping education with knowledge and skills is the major objective of many of the developing organization to build competitive knowledge economy. Electronic learning, also popularly known as e-learning is one of the most effective applications of Information and Communication Technology (ICT), which refurbishes the dimension in higher education. COVID-19 pandemic situation justifies the need and real utilization of E-learning. Existing E-learning system provides static content to all learners irrespective of their learning needs. In this paper we propose to create Dynamic Role based access control model based on information from learners needs, audit logs and observations to support adaptive E-learning systems.

Hybrid Role and Attribute Based Access Control Applied in Information Systems

It this paper it is proposed a new access control model – Hybrid Role and Attribute Based Access Control (HRABAC). It is an extension of Role-Based Access Control (RBAC). HRABAC is designed for information systems and enterprise software and combines the advantages of RBAC and Attribute-Based Access Control (ABAC). HRABAC is easy configurable, fine-grained and supports role hierarchies. The proposed model HRABAC describes the access control scheme in Laravel package laravelroles/rolespermissions, which is developed by the author of the paper, as an answer to the requirements of practice of fine-grained and easy configurable access control solution. Laravel is chosen, because it is the most popular and the most widely used PHP framework. The package laravelroles/rolespermissions is developed on Laravel so that maximum number of programmers could use it. This package contains working and tested functionalities for managing users, roles and permissions, and it is applied in accounting information system.

Towards Better Understanding of User Authorization Query Problem via Multi-variable Complexity Analysis

User authorization queries in the context of role-based access control have attracted considerable interest in the past 15 years. Such queries are used to determine whether it is possible to allocate a set of roles to a user that enables the user to complete a task, in the sense that all the permissions required to complete the task are assigned to the roles in that set. Answering such a query, in general, must take into account a number of factors, including, but not limited to, the roles to which the user is assigned and constraints on the sets of roles that can be activated. Answering such a query is known to be NP-hard. The presence of multiple parameters and the need to find efficient and exact solutions to the problem suggest that a multi-variate approach will enable us to better understand the complexity of the user authorization query problem (UAQ). In this article, we establish a number of complexity results for UAQ. Specifically, we show the problem remains hard even when quite restrictive conditions are imposed on the structure of the problem. Our fixed-parameter tractable (FPT) results show that we have to use either a parameter with potentially quite large values or quite a restricted version of UAQ. Moreover, our second FPT algorithm is complex and requires sophisticated, state-of-the-art techniques. In short, our results show that it is unlikely that all variants of UAQ that arise in practice can be solved reasonably quickly in general.