Microsoft and Amazon : a comparison of approaches to cloud security

Research has shown that data security has always been an important aspect of quality of service for data service providers; but cloud computing poses new and challenging security threats. The most common security concerns for users of cloud storage are data confidentiality, integrity and availability. Microsoft has considered these concerns and responded with the Azure virtual private storage based on Searchable Encryption. Amazon has also responded to these security issues with its Amazon Web Services. In this paper, we investigate and compare in depth the features of Microsoft Azure and Amazon Web Services deemed to provide security with a particular focus on confidentiality, integrity and availability of data.

Security concerns and remedy in a cloud based e-learning system

Cloud computing is an emerging technology and it utilizes the cloud power to many technical solutions. The e-learning solution is one of those technologies where it implements the cloud power in its existing system to enhance the functionality providing to e-learners. Cloud technology has numerous advantages over the existing traditional e-learning systems. However security is a major concern in cloud based e-learning. Therefore security measures are unavoidable to prevent the loss of users’ valuable data from the security vulnerabilities. This paper investigates various security issues involved in cloud based e-learning technology with an aim to suggest remedial in the form of security measures and security management standards. These will help to overcome the security threats in cloud based e-learning technology. Solving the key problems will also encourage the widespread adoption of cloud computing in educational institutes.

A hierarchical cloud pricing system

Cloud computing is experiencing phenomenal growth and there are now many vendors offering their cloud services. In cloud computing, cloud providers cooperate together to offer their computing resource as a utility and software as a service to customers. The demands and the price of cloud service should be negotiated between providers and users based on the Service Level Agreement (SLA). In order to help cloud providers achieving an agreeable price for their services and maximizing the benefits of both cloud providers and clients, this paper proposes a cloud pricing system consisting of hierarchical system, M/M/c queuing model and pricing model. Simulation results verify the efficiency of our proposed system.

Remote monitoring system enabling cloud technology upon smart phones and inertial sensors for human kinematics

Stroke is a common neurological condition which is becoming increasingly common as the population ages. This entails healthcare monitoring systems suitable for home use, with remote access for medical professionals and emergency responders. The mobile phone is becoming the easy access tool for self-evaluation of health, but it is hindered by inherent problems including computational power and storage capacity. This research proposes a novel cloud based architecture of a biomedical system for a wearable motion kinematic analysis system which mitigates the above mentioned deficiencies of mobile devices. The system contains three subsystems: 1. Bio Kin WMS for measuring the acceleration and rotation of movement 2. Bio Kin Mobi for Mobile phone based data gathering and visualization 3. Bio Kin Cloud for data intensive computations and storage. The system is implemented as a web system and an android based mobile application. The web system communicates with the mobile application using an encrypted data structure containing sensor data and identifiable headings. The raw data, according to identifiable headings, is stored in the Amazon Relational Database Service which is automatically backed up daily. The system was deployed and tested in Amazon Web Services.

Secure outsourced attribute-based signatures

Attribute-based signature (ABS) enables users to sign messages over attributes without revealing any information other than the fact that they have attested to the messages. However, heavy computational cost is required during signing in existing work of ABS, which grows linearly with the size of the predicate formula. As a result, this presents a significant challenge for resource-constrained devices (such as mobile devices or RFID tags) to perform such heavy computations independently. Aiming at tackling the challenge above, we first propose and formalize a new paradigm called Outsourced ABS, i.e., OABS, in which the computational overhead at user side is greatly reduced through outsourcing intensive computations to an untrusted signing-cloud service provider (S-CSP). Furthermore, we apply this novel paradigm to existing ABS schemes to reduce the complexity. As a result, we present two concrete OABS schemes: i) in the first OABS scheme, the number of exponentiations involving in signing is reduced from O(d) to O(1) (nearly three), where d is the upper bound of threshold value defined in the predicate; ii) our second scheme is built on Herranz et al.'s construction with constant-size signatures. The number of exponentiations in signing is reduced from O(d2) to O(d) and the communication overhead is O(1). Security analysis demonstrates that both OABS schemes are secure in terms of the unforgeability and attribute-signer privacy definitions specified in the proposed security model. Finally, to allow for high efficiency and flexibility, we discuss extensions of OABS and show how to achieve accountability as well.

Multi-cloud application execution and data management

Recently, fields with substantial computing requirementshave turned to cloud computing for economical, scalable, and on-demandprovisioning of required execution environments. However, current cloudofferings focus on providing individual servers while tasks such as applicationdistribution and data preparation are left to cloud users. This article presents anew form of cloud called HPC Hybrid Deakin (H2D) cloud; an experimentalhybrid cloud capable of utilising both local and remote computational servicesfor large embarrassingly parallel applications. As well as supporting execution,H2D also provides a new service, called DataVault, that provides transparentdata management services so all cloud-hosted clusters have required datasetsbefore commencing execution.

Security from the transparent computing aspect

Transparent computing is an emerging computing paradigm where the users can enjoy any kind of service over networks on-demand with any devices, without caring about the underlying deployment details. In transparent computing, all software resources (even the OS) are stored on remote servers, from which the clients can request the resources for local execution in a block-streaming way. This paradigm has many benefits including cross-platform experience, user orientation, and platform independence. However, due to its fundamental features, e.g., separation of computation and storage in clients and servers respectively, and block-streaming-based scheduling and execution, transparent computing faces many new security challenges that may become its biggest obstacle. In this paper, we propose a Transparent Computing Security Architecture (TCSA), which builds user-controlled security for transparent computing by allowing the users to configure the desired security environments on demand. We envision, TCSA, which allows the users to take the initiative to protect their own data, is a promising solution for data security in transparent computing. © 2014 IEEE.

Exposing HPC and sequential applications as services through the development and deployment of a SaaS cloud

Cloud and service computing has started to change the way research in science, in particular biology and medicine, is being carried out. Researchers that have taken advantage of this technology (making use of public and private cloud compute resources) can process large amounts of data (big data) and speed up discovery. However, this requires researchers to acquire a solid knowledge and skills in the development of sequential and high performance computing (HPC), and cloud development and deployment background. In response a technology exposing HPC applications as services through the development and deployment of a SaaS cloud, and its proof of concept in the form of implementation of a cloud environment, Uncinus, has been developed and implemented to allow researchers easy access to cloud computing resources. The new technology offers and Uncinus supports the development of applications as services and the sharing of compute resources to speed up applications' execution. Users access these cloud resources and services through web interfaces. Using the Uncinus platform, a bio-informatics workflow was executed on a private (HPC) cloud, server and public cloud (Amazon EC2) resources, performance results showing a 3 fold improvement compared to local resources' performance. Biology and medicine specialists with no programming and application deployment on clouds background could run the case study applications with ease.

Software engineering for multi-tenancy computing challenges and implications

Multi-tenancy is a cloud computing phenomenon. Multiple instances of an application occupy and share resources from a large pool, allowing different users to have their own version of the same application running and coexisting on the same hardware but in isolated virtual spaces. In this position paper we survey the current landscape of multi-tenancy, laying out the challenges and complexity of software engineering where multi-tenancy issues are involved. Multitenancy allows cloud service providers to better utilise computing resources, supporting the development of more exible services to customers based on economy of scale, reducing overheads and infrastructural costs. Nevertheless, there are major challenges in migration from single tenant applications to multi-tenancy. These have not been fully explored in research or practice to date. In particular, the reengineering effort of multi-tenancy in Software-as-a-Service cloud applications requires many complex and important aspects that should be taken into consideration, such as security, scalability, scheduling, data isolation, etc. Our study emphasizes scheduling policies and cloud provisioning and deployment with regards to multi-tenancy issues. We employ CloudSim and MapReduce in our experiments to simulate and analyse multi-tenancy models, scenarios, performance, scalability, scheduling and reliability on cloud platforms.

A framework for convergence of cloud services and Internet of things

Today, Cloud Computing and the Internet of things are two "major forces" that drive the development of new Information Technology (IT) solutions. Many Internet of things (IoT) based large-scale applications rely on a cloud platform for data processing and storage. However, big data generated or collected by large-scale geo-distributed devices needs to be transferred to the cloud, often becoming a bottleneck for the system. In this paper, we propose a framework that integrates popular cloud services with a network of loT devices. In the framework, novel methods have been designed for reliable and efficient data transportation. This framework provides a convergence of cloud services and devices that will ease the development of loT based, cloud-enabled applications. We have implemented a prototype of the framework to demonstrate the convergence of popular cloud services and IoT technologies.

A decentralized cloud firewall framework with resources provisioning cost optimization

Cloud computing is becoming popular as the next infrastructure of computing platform. Despite the promising model and hype surrounding, security has become the major concern that people hesitate to transfer their applications to clouds. Concretely, cloud platform is under numerous attacks. As a result, it is definitely expected to establish a firewall to protect cloud from these attacks. However, setting up a centralized firewall for a whole cloud data center is infeasible from both performance and financial aspects. In this paper, we propose a decentralized cloud firewall framework for individual cloud customers. We investigate how to dynamically allocate resources to optimize resources provisioning cost, while satisfying QoS requirement specified by individual customers simultaneously. Moreover, we establish novel queuing theory based model M/Geo/1 and M/Geo/m for quantitative system analysis, where the service times follow a geometric distribution. By employing Z-transform and embedded Markov chain techniques, we obtain a closed-form expression of mean packet response time. Through extensive simulations and experiments, we conclude that an M/Geo/1 model reflects the cloud firewall real system much better than a traditional M/M/1 model. Our numerical results also indicate that we are able to set up cloud firewall with affordable cost to cloud customers.

Security and privacy concerns for Australian SMEs cloud adoption: empirical study of metropolitan vs regional SMEs

New national infrastructure initiatives such as the National Broadband Network (NBN) allow small and medium-sized enterprises (SMEs) in Australia to have greater access to cost effective Cloud computing. However, the ability of Cloud computing to store data remotely and share services in a dynamic environment brings with it security and privacy concerns. Evaluating these concerns is critical to address the Cloud computing underutilisation issue and leverage the benefits of costly NBN investment. This paper examines the influence of privacy and security factors on Cloud adoption by Australian SMEs in metropolitan and regional area. Data were collected from 150 Australian SMEs (specifically, 79 metropolitan SMEs and 71 regional SMEs) and structural equation modelling was used for the analysis. The findings reveal that privacy and security factors do not significantly influence the decision-making of Australian SMEs in the adoption of Cloud computing. Moreover, the results indicate that Cloud computing adoption is not influenced by the geographical location (i.e., metropolitan or regional location) of the SMEs. The findings extend the current understanding of Cloud computing adoption by Australian SMEs. The results will be useful to SMEs, Cloud service providers and policy makers devising Cloud security and privacy policies.

Congestion control mechanism for sensor-cloud Infrastructure

 This thesis has developed a sensor-Cloud system that integrates WBANs with Cloud computing to enable real-time sensor data collection, storage, processing, sharing and management. As the main contribution of this study, a congestion detection and control protocol is proposed to ensure acceptable data flows are maintained during the network lifetime.