A layered security approach for cloud computing infrastructure

This paper introduces a practical security model based on key security considerations by looking at a number of infrastructure aspects of Cloud Computing such as SaaS, Utility, Web, Platform and Managed Services, Service commerce platforms and Internet Integration which was introduced with a concise literature review. The purpose of this paper is to offer a macro level solution for identified common infrastructure security requirements. This model with a number of emerged patterns can be applied to infrastructure aspect of Cloud Computing as a proposed shared security approach in system development life cycle focusing on the plan-built-run scope.

Energy-efficient management of data center resources for cloud computing : a vision, architectural elements, and open challenges

Cloud computing is offering utility-oriented IT services to users worldwide. Based on a pay-as-you-go model, it enables hosting of pervasive applications from consumer, scientific, and business domains. However, data centers hosting Cloud applications consume huge amounts of energy, contributing to high operational costs and carbon footprints to the environment. Therefore, we need Green Cloud computing solutions that can not only save energy for the environment but also reduce operational costs. This paper presents vision, challenges, and architectural elements for energy-efficient management of Cloud computing environments. We focus on the development of dynamic resource provisioning and allocation algorithms that consider the synergy between various data center infrastructures (i.e., the hardware, power units, cooling and software), and holistically work to boost data center energy efficiency and performance. In particular, this paper proposes (a) architectural principles for energy-efficient management of Clouds; (b) energy-efficient resource allocation policies and scheduling algorithms considering quality-of-service expectations, and devices power usage characteristics; and (c) a novel software technology for energy-efficient management of Clouds. We have validated our approach by conducting a set of rigorous performance evaluation study using the CloudSim toolkit. The results demonstrate that Cloud computing model has immense potential as it offers significant performance gains as regards to response time and cost saving under dynamic workload scenarios.

Above the trust and security in cloud computing : a notion towards innovation

While the nascent Cloud Computing paradigm supported by virtualization has the upward new notion of edges, it lacks proper security and trust mechanisms. Edges are like on demand scalability and infinite resource provisioning as per the `pay-as-you-go' manner in favour of a single information owner (abbreviated as INO from now onwards) to multiple corporate INOs. While outsourcing information to a cloud storage controlled by a cloud service provider (abbreviated as CSP from now onwards) relives an information owner of tackling instantaneous oversight and management needs, a significant issue of retaining the control of that information to the information owner still needs to be solved. This paper perspicaciously delves into the facts of the Cloud Computing security issues and aims to explore and establish a secure channel for the INO to communicate with the CSP while maintaining trust and confidentiality. The objective of the paper is served by analyzing different protocols and proposing the one in commensurate with the requirement of the security property like information or data confidentiality along the line of security in Cloud Computing Environment (CCE). To the best of our knowledge, we are the first to derive a secure protocol by successively eliminating the dangling pitfalls that remain dormant and thereby hamper confidentiality and integrity of information that is worth exchanging between the INO and the CSP. Besides, conceptually, our derived protocol is compared with the SSL from the perspectives of work flow related activities along the line of secure trusted path for information confidentiality.

Toward higher level abstractions for cloud computing

The general idea of cloud computing is offering computational resources as scalable, on demand services accessible over the internet. However, this new realisation of on demand computing is hindered by the amount of user involvement. Currently, high level abstractions in cloud computing only exist in the form of services. In particular, there is no effective means to publish, discover and finally use required services in clouds. In response, we propose a user level abstraction on top of already available cloud abstraction layers, present its concept using the resources via web services (RVWS) framework and demonstrate its feasibility by simplifying the exposure and use of clusters, a commonly used resource in cloud computing.

Establishing trust in hybrid cloud computing environments

Establishing trust for resource sharing and collaboration has become an important issue in distributed computing environment. In this paper, we investigate the problem of establishing trust in hybrid cloud computing environments. As the scope of federated cloud computing enlarges to ubiquitous and pervasive computing, there will be a need to assess and maintain the trustworthiness of the cloud computing entities. We present a fully distributed framework that enable trust-based cloud customer and cloud service provider interactions. The framework aids a service consumer in assigning an appropriate weight to the feedback of different raters regarding a prospective service provider. Based on the framework, we developed a mechanism for controlling falsified feedback ratings from iteratively exerting trust level contamination due to falsified feedback ratings. The experimental analysis shows that the proposed framework successfully dilutes the effects of falsified feedback ratings, thereby facilitating accurate and fair assessment of the service reputations.

Trust ticket deployment : a notion of a data owner's trust in cloud computing

While cloud computing (CC) is a scalable model of shared infrastructure and on-demand computing, it lacks a transparent trust and security mechanism. A data owner (DO) loses control over the data outsourced to a machine in the cloud controlled and operated by a cloud service provider (CSP). This machine is at a location unknown to a data owner. This loss of control over data is further intensified with the lack of managing users' access to the data from practical cloud computing perspectives. In this paper, we introduce a new mechanism of ensuring trust and security in Software as a Service (SaaS) CC. Trust Ticket, with the supporting protocols, is our mechanism that helps a data owner in establishing a link between a CSP and a registered user. In our mechanism, a user first gets registered with a DO before receiving a Trust Ticket and a secret key from that DO. Each Trust Ticket is unique and encrypted. On completing the registration of each user, the DO apprises the CSP of the Trust Ticket. Trust Ticket and secret key are respectively for the registered user's getting accepted to the CSP and having a view of the data owner's data upon a successful verification by the CSP. We have done our experiment in Java network programming by creating an emulated cloud computing framework under the VMware ESXi 4.1 hyper visor based platform. Using the framework, we have evaluated our algorithmic protocol for Trust Ticket. We have also compared our work with prior work. Overall performance of our work is better. We argue that our proposed algorithmic protocol for Trust Ticket deployment establishes a data owner's trust. This trust is established through a data owner's control over data and a registered user, because a registered user is linked with a CSP by a data owner through Trust Ticket.

Enhancing cloud computing environments using a cluster as a service

The emergence of cloud computing has caused a significant change in how IT infrastructures are provided to research and business organizations. Instead of paying for expensive hardware and incur excessive maintenance costs, it is now possible to rent the IT infrastructure of other organizations for a minimal fee. While the existence of cloud computing is new. The elements used to create clouds have been around for some time. Cloud computing systems have been made possible through the use of large-scale clusters, service-oriented architecture (SOA), Web services, and virtualization. While the idea of offering resources via Web services is commonplace in cloud computing, little attention has been paid to the clients themselves specifically, human operators. Despite that clouds host a variety of resources which in turn are accessible to a variety of clients, support for human users is minimal.

Cloud computing services : theoretical foundations of ethical and entrepreneurial adoption behaviour

Clouicomputing is an emerging service technology that has ethical and entrepreneurial implications. Due to technological innovations increasing the attention placed on cloud computing services, more people are focusing on the security and privacy issues determined by ethical guidelines and how the technology is evolving as an entrepreneurial service innov.ation. This paper presents a theoretical perspective on how a person adopts cloud computing. The literature on technology innovation and adoption behaviour is examined with a focus on social cognitive theory. A theoretical framework is then presented, which indicates a number of propositions to describe the intention of a person to adopt cloud computing services. The role of technology marketing capability, sustained learning and outcome expectancy are included in helping to understand the role of cloud computing applications. Suggestions for future research and practical implications are stated.

Modeling a dynamic data replication strategy to increase system availability in cloud computing environments

Failures are normal rather than exceptional in the cloud computing environments. To improve system avai-lability, replicating the popular data to multiple suitable locations is an advisable choice, as users can access the data from a nearby site. This is, however, not the case for replicas which must have a fixed number of copies on several locations. How to decide a reasonable number and right locations for replicas has become a challenge in the cloud computing. In this paper, a dynamic data replication strategy is put forward with a brief survey of replication strategy suitable for distributed computing environments. It includes: 1) analyzing and modeling the relationship between system availability and the number of replicas; 2) evaluating and identifying the popular data and triggering a replication operation when the popularity data passes a dynamic threshold; 3) calculating a suitable number of copies to meet a reasonable system byte effective rate requirement and placing replicas among data nodes in a balanced way; 4) designing the dynamic data replication algorithm in a cloud. Experimental results demonstrate the efficiency and effectiveness of the improved system brought by the proposed strategy in a cloud.