Active data-centric framework for data protection in cloud environment

Cloud computing is an emerging evolutionary computing model that provides highly scalable services over highspeed Internet on a pay-as-usage model. However, cloud-based solutions still have not been widely deployed in some sensitive areas, such as banking and healthcare. The lack of widespread development is related to users’ concern that their confidential data or privacy would leak out in the cloud’s outsourced environment. To address this problem, we propose a novel active data-centric framework to ultimately improve the transparency and accountability of actual usage of the users’ data in cloud. Our data-centric framework emphasizes “active” feature which packages the raw data with active properties that enforce data usage with active defending and protection capability. To achieve the active scheme, we devise the Triggerable Data File Structure (TDFS). Moreover, we employ the zero-knowledge proof scheme to verify the request’s identification without revealing any vital information. Our experimental outcomes demonstrate the efficiency, dependability, and scalability of our framework.

Detecting and mitigating HX-DoS attacks against cloud web services

Cyber-Physical Systems allow for the interaction of the cyber world and physical worlds using as a central service called Cloud Web Services. Cloud Web Services can sit well within three models of Cyber- Physical Systems, Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a- Service (IaaS). With any Cyber-Physical system use Cloud Web Services it inherits a security problem, the HX-DoS attack. HX-DoS attack is a combination of HTTP and XML messages that are intentionally sent to flood and destroy the communication channel of the cloud service provider. The relevance of this research is that TCP/IP flood attacks are a common problem and a lot of research to mitigate them has previously been discussed. But HTTP denial of service and XML denial of service problem has only been addressed in a few papers. In this paper, we get closer to closing this gap on this problem with our new defence system called Pre- Decision, Advance Decision, Learning System (ENDER). In our previous experiments using our Cloud Protector, we were successful at detecting and mitigate 91% with a 9% false positive of HX-DoS attack traffic. In this paper, ENDER was able to improve upon this result by being trained and tested on the same data, but with a greater result of 99% detection and 1% false positive.

Sensor-cloud computing : novel applications and research problems

Recent developments in sensor networks and cloud computing saw the emergence of a new platform called sensor-clouds. While the proposition of such a platform is to virtualise the management of physical sensor devices, we are seeing novel applications been created based on a new class of social sensors. Social sensors are effectively a human-device combination that sends torrent of data as a result of social interactions and social events. The data generated appear in different formats such as photographs, videos and short text messages. Unlike other sensor devices, social sensors operate on the control of individuals via their mobile devices such as a phone or a laptop. And unlike other sensors that generate data at a constant rate or format, social sensors generate data that are spurious and varied, often in response to events as individual as a dinner outing, or a news announcement of interests to the public. This collective presence of social data creates opportunities for novel applications never experienced before. This paper discusses such applications as a result of utilising social sensors within a sensor-cloud environment. Consequently, the associated research problems are also presented.

Hybrid cloud resource provisioning policy in the presence of resource failures

Resource provisiomng is an important and challenging problem in the large-scale distributed systems such as Cloud computing environments. Resource management issues such as Quality of Service (QoS) further exacerbate the resource provisioning problem. Furthermore, with the increasing functionality and complexity of Cloud computing, resource failures are inevitable. Therefore, the question we address in this paper is how to provision resources to applications in the presence of resource failures in a hybrid Cloud computing environment. To this end, we propose three Cloud resource provisioning policies where we utilize workflow applications to drive the system workload. The proposed strategies take into account the workload model and the failure correlations to redirect requests to appropriate Cloud providers. Using real failure traces and workload models, we evaluated the performance and monetary cost of the proposed policies. The results of our experiments show that we can decrease the deadline violation rate of users' requests to as low as 20% with a limited cost on Amazon public Cloud.

Enhancement of user level controls in cloud databases

Industries in developed countries are moving quickly to ensure the rapid adoption of cloud computing. At this stage, several outstanding issues exist, particularly related to Service Level Agreements (SLAs), security and privacy. Consumers and businesses are willing to use cloud computing only if they can trust that their data will remain private and secure. Our review of research literature indicates the level of control that a user has on their data is directly correlated to the level of data privacy provided by the cloud service. We considered several privacy factors from the industry perspective, namely data loss, data storage location being unknown to the client, vendor lock-in, unauthorized secondary use of user's data for advertising, targeting secured backup and easy restoration. The level of user control in database models were identified according to the level of existence in these privacy factors. Finally, we focused on a novel logical model that might help to bring the level of user control of privacy in cloud databases into a higher level.

Microsoft and Amazon : a comparison of approaches to cloud security

Research has shown that data security has always been an important aspect of quality of service for data service providers; but cloud computing poses new and challenging security threats. The most common security concerns for users of cloud storage are data confidentiality, integrity and availability. Microsoft has considered these concerns and responded with the Azure virtual private storage based on Searchable Encryption. Amazon has also responded to these security issues with its Amazon Web Services. In this paper, we investigate and compare in depth the features of Microsoft Azure and Amazon Web Services deemed to provide security with a particular focus on confidentiality, integrity and availability of data.