Active data-centric framework for data protection in cloud environment

Cloud computing is an emerging evolutionary computing model that provides highly scalable services over highspeed Internet on a pay-as-usage model. However, cloud-based solutions still have not been widely deployed in some sensitive areas, such as banking and healthcare. The lack of widespread development is related to users’ concern that their confidential data or privacy would leak out in the cloud’s outsourced environment. To address this problem, we propose a novel active data-centric framework to ultimately improve the transparency and accountability of actual usage of the users’ data in cloud. Our data-centric framework emphasizes “active” feature which packages the raw data with active properties that enforce data usage with active defending and protection capability. To achieve the active scheme, we devise the Triggerable Data File Structure (TDFS). Moreover, we employ the zero-knowledge proof scheme to verify the request’s identification without revealing any vital information. Our experimental outcomes demonstrate the efficiency, dependability, and scalability of our framework.

A survey of cloud-based service computing solutions for mammalian genomics

Cloud-based service computing has started to change the way how research in science, in particular biology, medicine, and engineering, is being carried out. Researchers in the area of mammalian genomics have taken advantage of cloud computing technology to cost-effectively process large amounts of data and speed up discovery. Mammalian genomics is limited by the cost and complexity of analysis, which require large amounts of computational resources to analyse huge amount of data and biology specialists to interpret results. On the other hand the application of this technology requires computing knowledge, in particular programming and operations management skills to develop high performance computing (HPC) applications and deploy them on HPC clouds. We carried out a survey of cloud-based service computing solutions, as the most recent and promising instantiations of distributed computing systems, in the context their use in research of mammalian genomic analysis. We describe our most recent research and development effort which focuses on building Software as a Service (SaaS) clouds to simplify the use of HPC clouds for carrying out mammalian genomic analysis.

Towards power consumption-delay tradeoff by workload allocation in cloud-fog computing

Fog computing, characterized by extending cloud computing to the edge of the network, has recently received considerable attention. The fog is not a substitute but a powerful complement to the cloud. It is worthy of studying the interplay and cooperation between the edge (fog) and the core (cloud). To address this issue, we study the tradeoff between power consumption and delay in a cloud-fog computing system. Specifically, we first mathematically formulate the workload allocation problem. After that, we develop an approximate solution to decompose the primal problem into three subproblems of corresponding subsystems, which can be independently solved. Finally, based on extensive simulations and numerical results, we show that by sacrificing modest computation resources to save communication bandwidth and reduce transmission latency, fog computing can significantly improve the performance of cloud computing.

Determining service trustworthiness in inter loud computing environments

Deployment of applications and scientific workflows that require resources from multiple distributed platforms are fuelling the federation of autonomous clouds to create cyber infrastructure environments. As the scope of federated cloud computing enlarges to ubiquitous and pervasive computing, there will be a need to assess and maintain the trustworthiness of the cloud computing entities. In this paper, we present a fully distributed framework that enable interested parties determine the trustworthiness of federated cloud computing entities.

Toward a framework for cloud security

While the emergence of cloud computing has made it possible to rent information technology infrastructures on demand, it has also created new security challenges. The primary security concern is trusting data (or resources in general) on another organization’s system. This document seeks to examine the current state of security in cloud computing and presents a set of challenges to address the security needs of clouds. The end result is a framework to help the design and implementation of effective cloud security infrastructures.

Toward ease of discovery, selection and use of clusters within a cloud

While the emergence of clouds had lead to a significant paradigm shift in business and research, cloud computing is still in its infancy. Specifically, there is no effective publication and discovery service nor are cloud services easy to use. This paper presents a new technology for offering ease of discovery, selection and use of clusters hosted within clouds. By improving these services, cloud clusters become easily accessible to all clients, software services to noncomputing human user.

Prevention of information harvesting in a cloud services environment

We consider a cloud data storage involving three entities, the cloud customer, the cloud business centre which provides services, and the cloud data storage centre. Data stored in the data storage centre comes from a variety of customers and some of these customers may compete with each other in the market place or may own data which comprises confidential information about their own clients. Cloud staff have access to data in the data storage centre which could be used to steal identities or to compromise cloud customers. In this paper, we provide an efficient method of data storage which prevents staff from accessing data which can be abused as described above. We also suggest a method of securing access to data which requires more than one staff member to access it at any given time. This ensures that, in case of a dispute, a staff member always has a witness to the fact that she accessed data.

CBF : A packet filtering method for DDoS attack defense in cloud environment

Distributed Denial-of-Service attack (DDoS) is a major threat for cloud environment. Traditional defending approaches cannot be easily applied in cloud security due to their relatively low efficiency, large storage, to name a few. In view of this challenge, a Confidence-Based Filtering method, named CBF, is investigated for cloud computing environment, in this paper. Concretely speaking, the method is deployed by two periods, i.e., non-attack period and attack period. More specially, legitimate packets are collected at non-attack period, for extracting attribute pairs to generate a nominal profile. With the nominal profile, the CBF method is promoted by calculating the score of a particular packet at attack period, to determine whether to discard it or not. At last, extensive simulations are conducted to evaluate the feasibility of the CBF method. The result shows that CBF has a high scoring speed, a small storage requirement and an acceptable filtering accuracy, making it suitable for real-time filtering in cloud environment.

Hybrid cloud resource provisioning policy in the presence of resource failures

Resource provisiomng is an important and challenging problem in the large-scale distributed systems such as Cloud computing environments. Resource management issues such as Quality of Service (QoS) further exacerbate the resource provisioning problem. Furthermore, with the increasing functionality and complexity of Cloud computing, resource failures are inevitable. Therefore, the question we address in this paper is how to provision resources to applications in the presence of resource failures in a hybrid Cloud computing environment. To this end, we propose three Cloud resource provisioning policies where we utilize workflow applications to drive the system workload. The proposed strategies take into account the workload model and the failure correlations to redirect requests to appropriate Cloud providers. Using real failure traces and workload models, we evaluated the performance and monetary cost of the proposed policies. The results of our experiments show that we can decrease the deadline violation rate of users' requests to as low as 20% with a limited cost on Amazon public Cloud.

Enhancement of user level controls in cloud databases

Industries in developed countries are moving quickly to ensure the rapid adoption of cloud computing. At this stage, several outstanding issues exist, particularly related to Service Level Agreements (SLAs), security and privacy. Consumers and businesses are willing to use cloud computing only if they can trust that their data will remain private and secure. Our review of research literature indicates the level of control that a user has on their data is directly correlated to the level of data privacy provided by the cloud service. We considered several privacy factors from the industry perspective, namely data loss, data storage location being unknown to the client, vendor lock-in, unauthorized secondary use of user's data for advertising, targeting secured backup and easy restoration. The level of user control in database models were identified according to the level of existence in these privacy factors. Finally, we focused on a novel logical model that might help to bring the level of user control of privacy in cloud databases into a higher level.