Above the trust and security in cloud computing : a notion towards innovation

While the nascent Cloud Computing paradigm supported by virtualization has the upward new notion of edges, it lacks proper security and trust mechanisms. Edges are like on demand scalability and infinite resource provisioning as per the `pay-as-you-go' manner in favour of a single information owner (abbreviated as INO from now onwards) to multiple corporate INOs. While outsourcing information to a cloud storage controlled by a cloud service provider (abbreviated as CSP from now onwards) relives an information owner of tackling instantaneous oversight and management needs, a significant issue of retaining the control of that information to the information owner still needs to be solved. This paper perspicaciously delves into the facts of the Cloud Computing security issues and aims to explore and establish a secure channel for the INO to communicate with the CSP while maintaining trust and confidentiality. The objective of the paper is served by analyzing different protocols and proposing the one in commensurate with the requirement of the security property like information or data confidentiality along the line of security in Cloud Computing Environment (CCE). To the best of our knowledge, we are the first to derive a secure protocol by successively eliminating the dangling pitfalls that remain dormant and thereby hamper confidentiality and integrity of information that is worth exchanging between the INO and the CSP. Besides, conceptually, our derived protocol is compared with the SSL from the perspectives of work flow related activities along the line of secure trusted path for information confidentiality.

Conceptualizing social influence in the ubiquitous computing era : technology adoption and use in multiple use contexts

Ubiquitous and mobile computing has increased the level of social connectedness. In an era where technology has permeated into spaces of work, play and socializing, social influence has become an important consideration. The operationalization of the social influence construct in the technology adoption and use literature often assumes singular technology use contexts and purposes. We question whether social influence, as operationalized in IS, is reflective of the utilitarian, hedonic and social environment that many individuals operate in. We propose a framework to consider social influence more inclusively, drawing on differences in referent power and levels of expertise. We outline our research approach within the demographic segment of young working professionals. Research in this area is necessary to improve theoretical explanations of adoptive behavior of these technologies. We hope to contribute by suggesting a richer, more encompassing operationalization of the social influence construct for future IS research.

Conceptualizing user satisfaction in the ubiquitous computing era

In this research-in-progress paper we argue that technology in the ubiquitous computing era offers experiences to users that extend well beyond the functional, practical applications offered in the world of work. In this era a realm of engagement is opening up to the individual that transcends the utilitarian, to encompass hedonic and social existence. Our central argument, therefore, is that user satisfaction is a notion which must extend to encompass rich, holistic human experience involving complex and fleeting interactions, driven by highly personal circumstances. We argue that the expectations, requirements and value perceptions of individuals in this dynamic context may only be anticipated and understood if situational factors (such as location, time, context, history-of-use) and quality of life factors (such as life stage, mobility, health, income, background, education) are taken into account. We identify the fundamental differences in key characteristics of user satisfaction between the traditional and ubiquitous computing environments and provide details about our own research approach, in which we are exploring ubiquitous content provision from the perspective of content providers.

Contextual influences on user satisfaction with mobile computing : findings from two healthcare organizations

Mobile information technologies (IT) are transforming individual work practices and organizations. These devices are extending not only the boundaries of the ‘office’ in space and time, but also the social context within which use occurs. In this paper, we investigate how extra-organizational influences can impact user satisfaction with mobile systems. The findings from our longitudinal study highlight the interrelatedness of different use contexts and their importance in perceptions of user satisfaction. The data indicate that varying social contexts of individual use (individual as employee, as professional, as private user, and as member of society) result in different social influences that affect the individual’s perceptions of user satisfaction with the mobile technology. While existing theories explain user satisfaction with IT within the organizational context, our findings suggest that future studies of mobile IT in organizations should accommodate such extra-organizational contextual influences.

Toward higher level abstractions for cloud computing

The general idea of cloud computing is offering computational resources as scalable, on demand services accessible over the internet. However, this new realisation of on demand computing is hindered by the amount of user involvement. Currently, high level abstractions in cloud computing only exist in the form of services. In particular, there is no effective means to publish, discover and finally use required services in clouds. In response, we propose a user level abstraction on top of already available cloud abstraction layers, present its concept using the resources via web services (RVWS) framework and demonstrate its feasibility by simplifying the exposure and use of clusters, a commonly used resource in cloud computing.

Special section : trusted computing

Security and privacy have been the major concern when people build computer networks and systems. Any computer network or system must be trustworthy to avoid the risk of losing control and retain confidence that it will not fail [1] Jun Ho Huh, John Lyle, Cornelius Namiluko and Andrew Martin, Managing application whitelists in trusted distributed systems. Future Generation Computer Systems,  27 2 (2011), pp. 211–226. [1]. Trust is the key factor to enable dynamic interaction and cooperation of various users, systems and services [2]. Trusted Computing aims at making computer networks, systems, and services available, predictable, traceable, controllable, assessable, sustainable, dependable, and security/privacy protectable. This special section focuses on the issues related to trusted computing, such as trusted computing models and specifications, trusted reliable and dependable systems, trustworthy services and applications, and trust standards and protocols.

Establishing trust in hybrid cloud computing environments

Establishing trust for resource sharing and collaboration has become an important issue in distributed computing environment. In this paper, we investigate the problem of establishing trust in hybrid cloud computing environments. As the scope of federated cloud computing enlarges to ubiquitous and pervasive computing, there will be a need to assess and maintain the trustworthiness of the cloud computing entities. We present a fully distributed framework that enable trust-based cloud customer and cloud service provider interactions. The framework aids a service consumer in assigning an appropriate weight to the feedback of different raters regarding a prospective service provider. Based on the framework, we developed a mechanism for controlling falsified feedback ratings from iteratively exerting trust level contamination due to falsified feedback ratings. The experimental analysis shows that the proposed framework successfully dilutes the effects of falsified feedback ratings, thereby facilitating accurate and fair assessment of the service reputations.

Trust ticket deployment : a notion of a data owner's trust in cloud computing

While cloud computing (CC) is a scalable model of shared infrastructure and on-demand computing, it lacks a transparent trust and security mechanism. A data owner (DO) loses control over the data outsourced to a machine in the cloud controlled and operated by a cloud service provider (CSP). This machine is at a location unknown to a data owner. This loss of control over data is further intensified with the lack of managing users' access to the data from practical cloud computing perspectives. In this paper, we introduce a new mechanism of ensuring trust and security in Software as a Service (SaaS) CC. Trust Ticket, with the supporting protocols, is our mechanism that helps a data owner in establishing a link between a CSP and a registered user. In our mechanism, a user first gets registered with a DO before receiving a Trust Ticket and a secret key from that DO. Each Trust Ticket is unique and encrypted. On completing the registration of each user, the DO apprises the CSP of the Trust Ticket. Trust Ticket and secret key are respectively for the registered user's getting accepted to the CSP and having a view of the data owner's data upon a successful verification by the CSP. We have done our experiment in Java network programming by creating an emulated cloud computing framework under the VMware ESXi 4.1 hyper visor based platform. Using the framework, we have evaluated our algorithmic protocol for Trust Ticket. We have also compared our work with prior work. Overall performance of our work is better. We argue that our proposed algorithmic protocol for Trust Ticket deployment establishes a data owner's trust. This trust is established through a data owner's control over data and a registered user, because a registered user is linked with a CSP by a data owner through Trust Ticket.