Paul Rimba

Learn More
1 Introduction While WS*-based Service-Oriented Architecture (SOA) is employed heavily in the enterprise application & integration space, end-user-oriented organizations such as Facebook, Google or Yahoo! adopted the REST paradigm. Web service ecosystems [1] have been established around web service offerings like social networking, where open platforms(More)
Half a decade after Bitcoin became the first widely used cryptocurrency, blockchains are receiving considerable interest from industry and the research community. Modern blockchains feature services such as name registration and smart contracts. Some employ new forms of consensus, such as proof-of-stake instead of proof-of-work. However, these blockchains(More)
When monitoring complex applications in cloud systems, a difficult problem for operators is receiving false positive alarms. This becomes worse when the system is sporadically being changed and upgraded due to the emerging continuous deployment practice. Other legitimate but sporadic maintenance operations, such as log compression, garbage collection and(More)
At the RELENG 2014 Q&A, the question was asked, "What is your greatest concern?" and the response was "someone subverting our deployment pipeline". That is the motivation for this paper. We explore what it means to subvert a pipeline and provide several different scenarios of subversion. We then focus on the issue of securing a pipeline. As a result, we(More)
This summary reports on three separate events, the main conference and two co-located workshops, which were held at the International Conference on Software Engineering (ICSE) in 2015 in Florence. The workshops are the third international workshop on RELeng ENGineering (RELENG) and the first international workshop on Complex faUlts and Failures in LargE(More)
Building high assurance secure applications requires the proper use of security mechanisms and assurances provided by the underlying secure platform. However, applications are often built using security patterns and best practices that are agnostic with respect to the intricate specifics of the different underlying platforms. This independence from the(More)
  • 1