The twofold role of Cloud Computing in Digital Forensics: target of investigations and helping hand to evidence analysis

This PhD thesis discusses the impact of Cloud Computing infrastructures on Digital Forensics in the twofold role of target of investigations and as a helping hand to investigators. The Cloud offers a cheap and almost limitless computing power and storage space for data which can be leveraged to commit either new or old crimes and host related traces. Conversely, the Cloud can help forensic examiners to find clues better and earlier than traditional analysis applications, thanks to its dramatically improved evidence processing capabilities. In both cases, a new arsenal of software tools needs to be made available. The development of this novel weaponry and its technical and legal implications from the point of view of repeatability of technical assessments is discussed throughout the following pages and constitutes the unprecedented contribution of this work

Sviluppo storico ed economico del cloud computing: Cloud foundry come esempio di platform as a service

Il Cloud Computing è una realtà sempre più diffusa e discussa nel nostro periodo storico, ma probabilmente non è ancora chiaro a tutti di cosa si tratta e le potenzialità che possiede. Infatti, non esiste ancora una definizione univoca e condivisa e questo può creare confusione. Oggi le grandi compagnie nella comunità informatica spingono sempre di più per affermare i servizi Cloud a livello mondiale, non solo per le aziende del settore, ma anche per tutte le altre. Ed è così che le aziende di tutto il mondo si muovono per imparare e adottare questa nuova tecnologia, per spostare i loro centri dati e le loro applicazioni nel Cloud. Ma dove e quando nasce il Cloud Computing? Quali sono realmente i benefici per le aziende che adottano questa tecnologia? Questo è l'obiettivo della mia tesi: cercare di far chiarezza sulla sua definizione, indagare sulla sua nascita e fare un quadro economico del suo sviluppo, analizzando i benefici per le aziende e le opportunità offerte. Come caso di studio ho scelto la piattaforma Cloud Foundry perchè in questo momento è in forte espansione e sta facendo un grosso lavoro per cercare di rendere il suo prodotto uno standard per il Cloud Computing. Come esempio particolare di piattaforma basata su Cloud Foundry si parlerà di Bluemix, la piattaforma Cloud offerta da IBM, una delle più grandi aziende nel settore informatico.

Problematiche di trust e privacy negli ambienti di cloud computing

Questa tesi si prefigge l’obiettivo di analizzare alcuni aspetti critici della sicurezza in ambito cloud. In particolare, i problemi legati alla privacy, dai termini di utilizzo alla sicurezza dei dati personali più o meno sensibili. L’aumento esponenziale di dati memorizzati nei sistemi di cloud storage (es. Dropbox, Amazon S3) pone il problema della sensibilità dei dati su un piano tutt'altro che banale, dovuto anche a non ben chiare politiche di utilizzo dei dati, sia in termini di cessione degli stessi a società di terze parti, sia per quanto riguarda le responsabilità legali. Questa tesi cerca di approfondire ed esaminare le mancanze più preoccupanti degli stessi. Oltre ad analizzare le principali criticità e i punti deboli dei servizi cloud, l’obiettivo di questo lavoro sarà quello di fare chiarezza sui passi e le infrastrutture che alcune aziende (es. Amazon) hanno implementato per avvicinarsi all’idea di 'safeness' nel cloud. Infine, l’ultimo obiettivo posto sarà l’individuazione di criteri per la valutazione/misura del grado di fiducia che l’utente può porre in questo contesto, distinguendo diversi criteri per classi di utenti. La tesi è strutturata in 4 capitoli: nel primo sarà effettuata una tassonomia dei problemi presenti nei sistemi cloud. Verranno presentati anche alcuni avvenimenti della storia recente, in cui queste problematiche sono affiorate. Nel secondo capitolo saranno trattate le strategie di 'safeness' adottate da alcune aziende, in ambito cloud. Inoltre, saranno presentate alcune possibili soluzioni, dal punto di vista architetturale. Si vedrà come il ruolo dell'utente sarà di estrema importanza. Il terzo capitolo sarà incentrato sulla ricerca di strumenti e metodi di valutazione che un utente, o gruppo di utenti, può utilizzare nei confronti di questi sistemi. Infine, il quarto capitolo conterrà alcune considerazioni conlusive sul lavoro svolto e sui possibili sviluppi di questa tesi.

Scalable and Seamless Discovery and Selection of Services in Mobile Cloud Computing

Mobile devices are now capable of supporting a wide range of applications, many of which demand an ever increasing computational power. To this end, mobile cloud computing (MCC) has been proposed to address the limited computation power, memory, storage, and energy of such devices. An important challenge in MCC is to guarantee seamless discovery of services. To this end, this thesis proposes an architecture that provides user-transparent and low-latency service discovery, as well as automated service selection. Experimental results on a real cloud computing testbed demonstrated that the proposed work outperforms state of-the-art approaches by achieving extremely low discovery delay.

Towards Energy Consumption Measurement in a Cloud Computing Wireless Testbed

The evolution of the Next Generation Networks, especially the wireless broadband access technologies such as Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX), have increased the number of "all-IP" networks across the world. The enhanced capabilities of these access networks has spearheaded the cloud computing paradigm, where the end-users aim at having the services accessible anytime and anywhere. The services availability is also related with the end-user device, where one of the major constraints is the battery lifetime. Therefore, it is necessary to assess and minimize the energy consumed by the end-user devices, given its significance for the user perceived quality of the cloud computing services. In this paper, an empirical methodology to measure network interfaces energy consumption is proposed. By employing this methodology, an experimental evaluation of energy consumption in three different cloud computing access scenarios (including WiMAX) were performed. The empirical results obtained show the impact of accurate network interface states management and application network level design in the energy consumption. Additionally, the achieved outcomes can be used in further software-based models to optimized energy consumption, and increase the Quality of Experience (QoE) perceived by the end-users.

Missing Links in the Proposed EU Data Protection Regulation and Cloud Computing Scenarios: A Brief Overview

Applying location-focused data protection law within the context of a location-agnostic cloud computing framework is fraught with difficulties. While the Proposed EU Data Protection Regulation has introduced a lot of changes to the current data protection framework, the complexities of data processing in the cloud involve various layers and intermediaries of actors that have not been properly addressed. This leaves some gaps in the regulation when analyzed in cloud scenarios. This paper gives a brief overview of the relevant provisions of the regulation that will have an impact on cloud transactions and addresses the missing links. It is hoped that these loopholes will be reconsidered before the final version of the law is passed in order to avoid unintended consequences.

Improving Management of Distributed Services Using Correlations and Predictions in SLA-Driven Cloud Computing Systems

Recent advancements in cloud computing have enabled the proliferation of distributed applications, which require management and control of multiple services. However, without an efficient mechanism for scaling services in response to changing environmental conditions and number of users, application performance might suffer, leading to Service Level Agreement (SLA) violations and inefficient use of hardware resources. We introduce a system for controlling the complexity of scaling applications composed of multiple services using mechanisms based on fulfillment of SLAs. We present how service monitoring information can be used in conjunction with service level objectives, predictions, and correlations between performance indicators for optimizing the allocation of services belonging to distributed applications. We validate our models using experiments and simulations involving a distributed enterprise information system. We show how discovering correlations between application performance indicators can be used as a basis for creating refined service level objectives, which can then be used for scaling the application and improving the overall application's performance under similar conditions.

Service Level Agreements-Driven Management of Distributed Applications in Cloud Computing Environments

Cloud Computing enables provisioning and distribution of highly scalable services in a reliable, on-demand and sustainable manner. However, objectives of managing enterprise distributed applications in cloud environments under Service Level Agreement (SLA) constraints lead to challenges for maintaining optimal resource control. Furthermore, conflicting objectives in management of cloud infrastructure and distributed applications might lead to violations of SLAs and inefficient use of hardware and software resources. This dissertation focusses on how SLAs can be used as an input to the cloud management system, increasing the efficiency of allocating resources, as well as that of infrastructure scaling. First, we present an extended SLA semantic model for modelling complex service-dependencies in distributed applications, and for enabling automated cloud infrastructure management operations. Second, we describe a multi-objective VM allocation algorithm for optimised resource allocation in infrastructure clouds. Third, we describe a method of discovering relations between the performance indicators of services belonging to distributed applications and then using these relations for building scaling rules that a CMS can use for automated management of VMs. Fourth, we introduce two novel VM-scaling algorithms, which optimally scale systems composed of VMs, based on given SLA performance constraints. All presented research works were implemented and tested using enterprise distributed applications.

Service level agreements-driven management of distributed applications in cloud computing environments

Advancements in cloud computing have enabled the proliferation of distributed applications, which require management and control of multiple services. However, without an efficient mechanism for scaling services in response to changing workload conditions, such as number of connected users, application performance might suffer, leading to violations of Service Level Agreements (SLA) and possible inefficient use of hardware resources. Combining dynamic application requirements with the increased use of virtualised computing resources creates a challenging resource Management context for application and cloud-infrastructure owners. In such complex environments, business entities use SLAs as a means for specifying quantitative and qualitative requirements of services. There are several challenges in running distributed enterprise applications in cloud environments, ranging from the instantiation of service VMs in the correct order using an adequate quantity of computing resources, to adapting the number of running services in response to varying external loads, such as number of users. The application owner is interested in finding the optimum amount of computing and network resources to use for ensuring that the performance requirements of all her/his applications are met. She/he is also interested in appropriately scaling the distributed services so that application performance guarantees are maintained even under dynamic workload conditions. Similarly, the infrastructure Providers are interested in optimally provisioning the virtual resources onto the available physical infrastructure so that her/his operational costs are minimized, while maximizing the performance of tenants’ applications. Motivated by the complexities associated with the management and scaling of distributed applications, while satisfying multiple objectives (related to both consumers and providers of cloud resources), this thesis proposes a cloud resource management platform able to dynamically provision and coordinate the various lifecycle actions on both virtual and physical cloud resources using semantically enriched SLAs. The system focuses on dynamic sizing (scaling) of virtual infrastructures composed of virtual machines (VM) bounded application services. We describe several algorithms for adapting the number of VMs allocated to the distributed application in response to changing workload conditions, based on SLA-defined performance guarantees. We also present a framework for dynamic composition of scaling rules for distributed service, which used benchmark-generated application Monitoring traces. We show how these scaling rules can be combined and included into semantic SLAs for controlling allocation of services. We also provide a detailed description of the multi-objective infrastructure resource allocation problem and various approaches to satisfying this problem. We present a resource management system based on a genetic algorithm, which performs allocation of virtual resources, while considering the optimization of multiple criteria. We prove that our approach significantly outperforms reactive VM-scaling algorithms as well as heuristic-based VM-allocation approaches.

Cloud Computing Service for Managing Large Medical Image Data-Sets Using Balanced Collaborative Agents

Managing large medical image collections is an increasingly demanding important issue in many hospitals and other medical settings. A huge amount of this information is daily generated, which requires robust and agile systems. In this paper we present a distributed multi-agent system capable of managing very large medical image datasets. In this approach, agents extract low-level information from images and store them in a data structure implemented in a relational database. The data structure can also store semantic information related to images and particular regions. A distinctive aspect of our work is that a single image can be divided so that the resultant sub-images can be stored and managed separately by different agents to improve performance in data accessing and processing. The system also offers the possibility of applying some region-based operations and filters on images, facilitating image classification. These operations can be performed directly on data structures in the database.

Cloud Computing en salud: Sistema para Administrar Imagenes Biomedicas

En el campo de la biomedicina se genera una inmensa cantidad de imágenes diariamente. Para administrarlas es necesaria la creación de sistemas informáticos robustos y ágiles, que necesitan gran cantidad de recursos computacionales. El presente artículo presenta un servicio de cloud computing capaz de manejar grandes colecciones de imágenes biomédicas. Gracias a este servicio organizaciones y usuarios podrían administrar sus imágenes biomédicas sin necesidad de poseer grandes recursos informáticos. El servicio usa un sistema distribuido multi agente donde las imágenes son procesadas y se extraen y almacenan en una estructura de datos las regiones que contiene junto con sus características. Una característica novedosa del sistema es que una misma imagen puede ser dividida, y las sub-imágenes resultantes pueden ser almacenadas por separado por distintos agentes. Esta característica ayuda a mejorar el rendimiento del sistema a la hora de buscar y recuperar las imágenes almacenadas.

Reliability issues related to the usage of Cloud Computing in Critical Infrastructures

The use of cloud computing is extending to all kind of systems, including the ones that are part of Critical Infrastructures, and measuring the reliability is becoming more difficult. Computing is becoming the 5th utility, in part thanks to the use of cloud services. Cloud computing is used now by all types of systems and organizations, including critical infrastructure, creating hidden inter-dependencies on both public and private cloud models. This paper investigates the use of cloud computing by critical infrastructure systems, the reliability and continuity of services risks associated with their use by critical systems. Some examples are presented of their use by different critical industries, and even when the use of cloud computing by such systems is not widely extended, there is a future risk that this paper presents. The concepts of macro and micro dependability and the model we introduce are useful for inter-dependency definition and for analyzing the resilience of systems that depend on other systems, specifically in the cloud model.

Algunos retos de la protección de datos en la sociedad del conocimiento. Especial detenimiento en la computación en la nube (cloud computing).

Los continuos avances tecnológicos están trayendo consigo nuevas formas de almacenar, tratar y comunicar datos personales. Es necesario repensar el derecho fundamental a la protección de datos, y arbitrar mecanismos para adaptarlo a las nuevas formas de tratamiento. a nivel europeo se está trabajando en una nueva propuesta de regulación que consideramos, en general, muy apropiada para afrontar los nuevos retos en esta materia. para ejemplificar todo esto, en el presente estudio se plantea de forma detallada el caso de la computación en nube, sus principales características y algunas preocupaciones acerca de los riesgos potenciales que su utilización trae consigo. Abstract: Rapid technological developments are bringing new ways to store, process and communicate personal data. We need to rethink the fundamental right to data protection and adapt it to new forms of treatment. there is a new «european» proposal for a regulation on the protection of individuals with regard to the processing of personal data, well suited to meet the new challenges. this study offers one example of this: the cloud computing, its main characteristics and some concerns about the potential risks that its use entails.