Avaliação de desempenho de mecanismos de segurança em ambientes PACS (Picture Archiving and Communication System) baseados em computação em nuvem / Performance evaluation of security mechanisms in PACS environments (Picture Archiving and Communication System) based on cloud computing

Sant\'Ana, Fábio Sousa de

07 November 2016

Introdução: A adoção de um Sistema de Arquivamento e Distribuição de Imagens (PACS, do inglês Picture Archiving and Communication System) é condição fundamental para a estruturação de um ambiente radiológico sem filme. Um PACS é composto basicamente por equipamentos e sistemas informatizados interconectados em rede, direcionados à aquisição, armazenamento (ou arquivamento), recuperação e apresentação de imagens médicas aos especialistas responsáveis por avaliá-las e laudá-las. A computação em nuvem vem ao encontro dos PACS e surge como uma maneira de simplificar o compartilhamento de imagens entre organizações de saúde e promover a virtualização de espaços físicos e para garantir o seu funcionamento ininterrupto.Objetivo: Este estudo teve como objetivo implementar um PACS simplificado em ambiente cloud computing privado, com foco nas funcionalidades de arquivamento e disponibilização de imagens médicas e avaliar questões de segurança e performance. Metodologia: As imagens que compuseram o PACS do ambiente cloud foram obtidas através do PACS físico atualmente em uso no Centro de Ciência das Imagens e Física Médica do Hospital das Clinicas da Faculdade de Medicina de Ribeirão Preto - CCIFM/HCFMRP. Para os procedimentos da avaliação de segurança foram construídos cenários que possibilitavam a: 1) anominização de dados de identificação dos pacientes através de criptografia computacional em base de dados utilizando o algoritmo de criptografia Advanced Encryption Standard - AES, 2) transferência de imagens médicas seguras através de conexão com a Internet utilizando Virtual Network Private - VPN sobre o protocolo Internet Protocol Security - IPSec (VPN/IPSec) e 3) envio seguro através de tunelamento baseado em Secure Shell - SSH. Resultados: Foi identificada uma queda de performance no envio de informações para a nuvem quando submetidos aos níveis de segurança propostos, sugerindo a relação entre aumento de segurança e perda de performance, apontando para a necessidade de estudos de desempenho quando da condução de projetos envolvam a adoção em ambientes clínicos de solução PACS baseada em cloud computing. / Introduction: the adoption of a PCAS (Picture Archiving and Communication System) is fundamental for the structuring of a radiological environment without film. A PACS comprises, essentially, hardware and information systems interconnected in a network, oriented towards acquisition, storage (or archiving), retrieving and presentation of medical images to specialists entrusted with analyzing and assessing them. Cloud computing comes to support of PCAS, simplifying medical imaging sharing between health care organizations and promoting the virtualization of physical infrastructure to assure uninterrupted availability of the PCAS. Goal: This study aimed to implement a simplified PCAS in a private cloud computing environment, and subsequently to evaluate its security and performance. Methodology: The images that formed the new PCAS were obtained from the exiting PCAS of Centro de Ciência das Imagens e Física Médica of Hospital das Clinicas da Faculdade de Medicina de Ribeirão Preto - CCIFM/HCFMRP. To evaluate its security, scenarios were built within the following framework: 1) patient identification data anonymization through computational database cryptography, using the AES (Advanced Encription Standards) algorithm ; 2) transfer of encrypted medical images on the Internet using VPN (Virtual Private Network) over IPSec (Internet Protocol Security); and 3) safe traffic through Secure Shell (SSH) tunneling. Results: There was a performance drop on traffic of information to the cloud under the proposed security levels that suggests a relationship between increase in security and loss of performance, pointing to the need for performance studies when the project involving driving adoption in clinical environments PACS solution based on cloud computing.

Cloud

Cloud security

Nuvem

PACS

PACS

PACS over cloud computing

PACS over cloud computing

Segurança em nuvem

SSH

SSH

Information Security Risk Assessment in Cloud

Faizi, Ana

January 2019

This research addresses the issue of information security risk assessment (ISRA) on cloud solutions implemented for large companies. Four companies were studied, of which three used cloud services and conducted ISRA, while one provided cloud services and consultancy to customers on ISRA. Data were gathered qualitatively to (1) analyze the cloud using companies’ practices and (2) to identify regularities observed by the cloud providing company. The COAT-hanger model, which focuses on theorizing the practices, was used to study the practices. The results showed that the companies aimed to follow the guidelines, in the form of frameworks or their own experience, to conduct ISRA; furthermore, the frameworks were altered to fit the companies’ needs. The results further indicated that one of the main concerns with the cloud ISRA was the absence of a culture that integrates risk management. In addition, the companies’ boards lacked interest in and/or awareness of risks associated with the cloud solutions. Finally, the finding also stressed the importance of a good understanding and a well written legal contract between the cloud providers and the companies utilizing the cloud services.

Information Security

Risk Assessment

Cloud Security

Risk Analysis

Risk Identification

Risk Evaluation

Practical Security

Computer Sciences

Datavetenskap (datalogi)

Privat molnlagring i arbetet : En fallstudie om hur ett IT-företaghanterar att anställda använder privatmolnlagring för arbetsrelateradinformation / Private cloud storage at work : A case study on how an IT companymitigates that employees use theirprivate cloud storage to store workrelated information

Berg, Markus

January 2018

Denna fallstudie har undersökt och studerat hur ett företag som arbetar med informationsteknologi (IT) hanterar problemet att anställda lagrar arbetsrelaterad information i sina privata molnlagringstjänster. En enkätundersökning gjordes för att undersöka och jämföra hur olika avdelningar på företaget bland annat använder sin privata molnlagringstjänst och om de är medvetna om risker med molnlagring. En intervju genomfördes med en informant från företaget för att kontrastera svaren från enkätundersökningen. Vidare genomfördes också en valideringsintervju med en informant från ett annat företag som arbetar inom samma bransch.Resultatet visade att anställda som arbetar inom IT-branschen faktiskt lagrar eller har lagrat arbetsrelaterade information i sina privata molnlagringstjänster. En av avdelningarna som deltog i enkäten var informationssäkerhetsteamet. Anställda som arbetar med informationssäkerhet kan antas vara mest pålästa och kunniga vad gäller säkerhet kring information, trots det så visade resultatet att dessa personer var de som använde privat molnlagring mest, i jämförelse med övriga avdelningar. Vidare så visar resultatet också att företagen arbetar med att motverka och upplysa anställda om risker med hur information hanteras, det ena företaget i synnerhet arbetar väldigt proaktivt och tar informationssäkerhet på stort allvar. / In this work, a case study was made on one company that is working with IT. The study was made to see how an IT company mitigates and handles the problem that employees use their private cloud storage to store work related information. A survey was sent to three different departments at the company to examine what employees think about private cloud storage and work related information and how and if it differs between different departments. One interview was also made with one informant from the same company to compare with the results from the survey. A second interview with another company was also made to validate the result from the first interview.The results from the survey showed that employees do store or have stored work related information in their private cloud storage, despite that the company policies forbid it. One of the departments that the survey was sent to was the information security team. It can be assumed that employees that work with information security have better understanding about security regarding information and how it should be stored. Despite that did the results show that the information security team was the department that used private cloud storage the most, compared to the other departments. The results from the interviews shows that the companies at least have policies on how and where the employees are allowed to store work related information. One company in particular works really hard and continuously to educate and enlighten its employees to take great care when dealing with work related information.

Cloud storage

private cloud storage

cloud security

Molnlagring

privat molnlagring

säkerhet i molnet

Computer and Information Sciences

Data- och informationsvetenskap

Cloudacc: a cloud-based accountability framework for federated cloud

RODRIGUES, Thiago Gomes

08 September 2016

Submitted by Fabio Sobreira Campos da Costa (fabio.sobreira@ufpe.br) on 2017-04-19T15:09:08Z No. of bitstreams: 2 license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5) tgr_thesis.pdf: 4801672 bytes, checksum: ce1d30377cfe8fad52dbfd02d55554e6 (MD5) / Made available in DSpace on 2017-04-19T15:09:08Z (GMT). No. of bitstreams: 2 license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5) tgr_thesis.pdf: 4801672 bytes, checksum: ce1d30377cfe8fad52dbfd02d55554e6 (MD5) Previous issue date: 2016-09-08 / The evolution of software service delivery has changed the way accountability is performed. The complexity related to cloud computing environments increases the difficulty in properly performing accountability, since the evidences are spread through the whole infrastructure, from different servers, in physical, virtualization and application layers. This complexity increases when the cloud federation is considered because besides the inherent complexity of the virtualized environment, the federation members may not implement the same security procedures and policies. The main objective of this thesis is to propose an accountability framework named CloudAcc, that supports audit, management, planning and billing process in federated cloud environments, increasing trust and transparency. Furthermore, CloudAcc considers the legal safeguard requirements presented in Brazilian Marco Civil da Internet. We confirm the CloudAcc effectiveness when some infrastructure elements were submitted against Denial of Service (DoS) and Brute Force attacks, and our framework was able to detect them. Facing the results obtained, we can conclude that CloudAcc contributes to the state-of-the-art once it provides the holistic vision of the cloud federated environment through the evidence collection considering the three layers, supporting audit, management, planning and billing process in federated cloud environments. / A maneira de realizar accountability tem variado à medida em que o modo de entrega de serviços de Tecnologia da Informação (TI) tem evoluído. Em ambientes de nuvem a complexidade de realizar accountability apropriadamente é alta porque as evidências devem ser coletadas considerando-se as camadas física, de virtualização e de aplicações, que estão espalhadas em diferentes servidores e elementos da infraestrutura. Esta complexidade é ampliada quando ocorre a federação das infraestruturas de nuvem porque além da complexidade inerente ao ambiente virtualizado, os membros da federação podem não ter os mesmos grupos de políticas e práticas de segurança. O principal objetivo desta tese é propor um framework de accountability, denominado CloudAcc, que suporte processos de auditoria, gerenciamento, planejamento e cobrança, em nuvens federadas, aumentando a confiança e a transparência. Além disso, o CloudAcc também considera os requisitos legais para a salvaguarda dos registros, conforme descrito no Marco Civil da Internet brasileira. A efetividade do CloudAcc foi confirmada quando alguns componentes da infraestrutura da nuvem foram submetidos a ataques de negação de serviço e de força bruta, e o framework foi capaz de detectá-los. Diante dos resultados obtidos, pode-se concluir que o CloudAcc contribui para o estado-da-arte, uma vez que fornece uma visão holística do ambiente de nuvem federada através da coleta de evidências em três camadas suportando os processos de auditoria, gerenciamento, planejamento e cobrança.

Federação de nuvens

Accountability

Segurança em nuvem

Transparência

Conformidade com a lei

Cloud federation

Accountability

Cloud security

Transparency

Law compliance

Avaliação de desempenho de mecanismos de segurança em ambientes PACS (Picture Archiving and Communication System) baseados em computação em nuvem / Performance evaluation of security mechanisms in PACS environments (Picture Archiving and Communication System) based on cloud computing

Fábio Sousa de Sant\'Ana

07 November 2016

Introdução: A adoção de um Sistema de Arquivamento e Distribuição de Imagens (PACS, do inglês Picture Archiving and Communication System) é condição fundamental para a estruturação de um ambiente radiológico sem filme. Um PACS é composto basicamente por equipamentos e sistemas informatizados interconectados em rede, direcionados à aquisição, armazenamento (ou arquivamento), recuperação e apresentação de imagens médicas aos especialistas responsáveis por avaliá-las e laudá-las. A computação em nuvem vem ao encontro dos PACS e surge como uma maneira de simplificar o compartilhamento de imagens entre organizações de saúde e promover a virtualização de espaços físicos e para garantir o seu funcionamento ininterrupto.Objetivo: Este estudo teve como objetivo implementar um PACS simplificado em ambiente cloud computing privado, com foco nas funcionalidades de arquivamento e disponibilização de imagens médicas e avaliar questões de segurança e performance. Metodologia: As imagens que compuseram o PACS do ambiente cloud foram obtidas através do PACS físico atualmente em uso no Centro de Ciência das Imagens e Física Médica do Hospital das Clinicas da Faculdade de Medicina de Ribeirão Preto - CCIFM/HCFMRP. Para os procedimentos da avaliação de segurança foram construídos cenários que possibilitavam a: 1) anominização de dados de identificação dos pacientes através de criptografia computacional em base de dados utilizando o algoritmo de criptografia Advanced Encryption Standard - AES, 2) transferência de imagens médicas seguras através de conexão com a Internet utilizando Virtual Network Private - VPN sobre o protocolo Internet Protocol Security - IPSec (VPN/IPSec) e 3) envio seguro através de tunelamento baseado em Secure Shell - SSH. Resultados: Foi identificada uma queda de performance no envio de informações para a nuvem quando submetidos aos níveis de segurança propostos, sugerindo a relação entre aumento de segurança e perda de performance, apontando para a necessidade de estudos de desempenho quando da condução de projetos envolvam a adoção em ambientes clínicos de solução PACS baseada em cloud computing. / Introduction: the adoption of a PCAS (Picture Archiving and Communication System) is fundamental for the structuring of a radiological environment without film. A PACS comprises, essentially, hardware and information systems interconnected in a network, oriented towards acquisition, storage (or archiving), retrieving and presentation of medical images to specialists entrusted with analyzing and assessing them. Cloud computing comes to support of PCAS, simplifying medical imaging sharing between health care organizations and promoting the virtualization of physical infrastructure to assure uninterrupted availability of the PCAS. Goal: This study aimed to implement a simplified PCAS in a private cloud computing environment, and subsequently to evaluate its security and performance. Methodology: The images that formed the new PCAS were obtained from the exiting PCAS of Centro de Ciência das Imagens e Física Médica of Hospital das Clinicas da Faculdade de Medicina de Ribeirão Preto - CCIFM/HCFMRP. To evaluate its security, scenarios were built within the following framework: 1) patient identification data anonymization through computational database cryptography, using the AES (Advanced Encription Standards) algorithm ; 2) transfer of encrypted medical images on the Internet using VPN (Virtual Private Network) over IPSec (Internet Protocol Security); and 3) safe traffic through Secure Shell (SSH) tunneling. Results: There was a performance drop on traffic of information to the cloud under the proposed security levels that suggests a relationship between increase in security and loss of performance, pointing to the need for performance studies when the project involving driving adoption in clinical environments PACS solution based on cloud computing.

Nuvem

PACS

PACS over cloud computing

Segurança em nuvem

SSH

Cloud

Cloud security

PACS

PACS over cloud computing

SSH

Ochrana soukromí v cloudu / Privacy protection in cloud

Chernikau, Ivan

Unknown Date

In the Master’s thesis were described privacy protection problems while using cloud technologies. Some of the problems can be solved with help of homomorphic encryption, data splitting or searchable encryption. These techniques were described and compared by provided security, privacy protection and efficiency. The data splitting technique was chosen and implemented in the C language. Afterwards a performance of the implemented solution was compared to AES encryption/decryption performance. An application for secured data storing in cloud was designed and implemented. This application is using the implemented data splitting technique and third-party application CloudCross. The designed application provides command line interface (CLI) and graphical user interface (GUI). GUI extends the capabilities of CLI with an ability to register cloud and with an autodetection of registered clouds. The process of uploading/downloading the data to/from cloud storage is transparent and it does not overload the user with technical details of used data splitting technique.

Ochrana soukromí v cloudu / Privacy protection in cloud

Chernikau, Ivan

January 2019

In the Master’s thesis were described privacy protection problems while using cloud technologies. Some of the problems can be solved with help of homomorphic encryption, data splitting or searchable encryption. These techniques were described and compared by provided security, privacy protection and efficiency. The data splitting technique was chosen and implemented in the C language. Afterwards a performance of the implemented solution was compared to AES encryption/decryption performance. An application for secured data storing in cloud was designed and implemented. This application is using the implemented data splitting technique and third-party application CloudCross. The designed application provides command line interface (CLI) and graphical user interface (GUI). GUI extends the capabilities of CLI with an ability to register cloud and with an autodetection of registered clouds. The process of uploading/downloading the data to/from cloud storage is transparent and it does not overload the user with technical details of used data splitting technique.

Essential Healthcare Services and Cloud Computing

Hourani, Osama

January 2021

Like many organizations, critical infrastructures and essential services are adopting cloud computing. The many benefits are however clouded with security concerns. These types of organizations and services are associated with severe societal and individual consequences from failures or incidents. They are naturally subject to strict regulations and requirements. Even if critical and essential services are adopting and utilizing cloud computing, organizations hesitate due to unsolved challenges with cloud computing for critical and essential services. To mitigate such unnecessary impediments and to enhance secure Health-CC, there is a need for an exploration of existing solutions for Health-CC, as well as investigating gaps, to provide improving considerations. To address this problem, the thesis investigated existing challenges and solutions for cloud computing security, regarding cloud computing within essential healthcare. Here, called “Health-CC”, and encompasses settings and processes where cloud computing is highly involved and where system, assets, and data protection are intensively actualized. The research question required the author to identify cloud computing challenges, thematize related solutions, patterns, gaps, and laying a basis for a well-based discussion on possible improving considerations – from a pertinent critical infrastructure protection perspective, for essential healthcare services. The chosen research question necessitated a problem-driven mixed methods approach, where a systematic literature review was utilized for the overall research guidance and selection procedures. Selection criteria were formulated to capture the mentioned Health-CC security settings. An integrated traditional literature review was added for the purpose of the scientific base. At the analysis level, the mixed methods approach facilitated a thematic synthesis analysis – to identify themes, patterns, and gaps or shortcomings, as well as lay the basis for following discussion of improving security considerations. Three solution groups were identified: specific techniques, software architecture, and assessment models. Further analysis of their solution types from a pertinent critical infrastructure protection perspective, identified multiple patterns: from recurring techniques or administrative components, targeted security issues, Health-CC environment focus, framework coverage, to the type of aspects and perspectives involved. This resulted in general patterns of solution components and perspectives, although revealing several shortcomings and possible improving considerations for enhanced Health-CC security: explicit critical infrastructure protection perspective; focus on continuity aspects; multi-party and multi-actor nature of Health-CC arrangement deserves more focus; system protection emphasis; availability concept and deterring properties highly considered; cloud environment specified when possible; data protection concerns only crucial and sensitive data required by law. Its conclusions on the exploration of solutions as well as improving considerations contribute to the HealthCC security field, to a satisfying degree.

cloud computing

essential healthcare

cloud security

critical infrastructure protection

system protection

data protection.

Computer Sciences

Datavetenskap (datalogi)

Préservation de la confidentialité des données externalisées dans le traitement des requêtes top-k / Privacy preserving top-k query processing over outsourced data

Mahboubi, Sakina

21 November 2018

L’externalisation de données d’entreprise ou individuelles chez un fournisseur de cloud, par exemple avec l’approche Database-as-a-Service, est pratique et rentable. Mais elle introduit un problème majeur: comment préserver la confidentialité des données externalisées, tout en prenant en charge les requêtes expressives des utilisateurs. Une solution simple consiste à crypter les données avant leur externalisation. Ensuite, pour répondre à une requête, le client utilisateur peut récupérer les données cryptées du cloud, les décrypter et évaluer la requête sur des données en texte clair (non cryptées). Cette solution n’est pas pratique, car elle ne tire pas parti de la puissance de calcul fournie par le cloud pour évaluer les requêtes.Dans cette thèse, nous considérons un type important de requêtes, les requêtes top-k, et le problème du traitement des requêtes top-k sur des données cryptées dans le cloud, tout en préservant la vie privée. Une requête top-k permet à l’utilisateur de spécifier un nombre k de tuples les plus pertinents pour répondre à la requête. Le degré de pertinence des tuples par rapport à la requête est déterminé par une fonction de notation.Nous proposons d’abord un système complet, appelé BuckTop, qui est capable d’évaluer efficacement les requêtes top-k sur des données cryptées, sans avoir à les décrypter dans le cloud. BuckTop inclut un algorithme de traitement des requêtes top-k qui fonctionne sur les données cryptées, stockées dans un nœud du cloud, et retourne un ensemble qui contient les données cryptées correspondant aux résultats top-k. Il est aidé par un algorithme de filtrage efficace qui est exécuté dans le cloud sur les données chiffrées et supprime la plupart des faux positifs inclus dans l’ensemble renvoyé. Lorsque les données externalisées sont volumineuses, elles sont généralement partitionnées sur plusieurs nœuds dans un système distribué. Pour ce cas, nous proposons deux nouveaux systèmes, appelés SDB-TOPK et SD-TOPK, qui permettent d’évaluer les requêtes top-k sur des données distribuées cryptées sans avoir à les décrypter sur les nœuds où elles sont stockées. De plus, SDB-TOPK et SD-TOPK ont un puissant algorithme de filtrage qui filtre les faux positifs autant que possible dans les nœuds et renvoie un petit ensemble de données cryptées qui seront décryptées du côté utilisateur. Nous analysons la sécurité de notre système et proposons des stratégies efficaces pour la mettre en œuvre.Nous avons validé nos solutions par l’implémentation de BuckTop, SDB-TOPK et SD-TOPK, et les avons comparé à des approches de base par rapport à des données synthétiques et réelles. Les résultats montrent un excellent temps de réponse par rapport aux approches de base. Ils montrent également l’efficacité de notre algorithme de filtrage qui élimine presque tous les faux positifs. De plus, nos systèmes permettent d’obtenir une réduction significative des coûts de communication entre les nœuds du système distribué lors du calcul du résultat de la requête. / Outsourcing corporate or individual data at a cloud provider, e.g. using Database-as-a-Service, is practical and cost-effective. But it introduces a major problem: how to preserve the privacy of the outsourced data, while supporting powerful user queries. A simple solution is to encrypt the data before it is outsourced. Then, to answer a query, the user client can retrieve the encrypted data from the cloud, decrypt it, and evaluate the query over plaintext (non encrypted) data. This solution is not practical, as it does not take advantage of the computing power provided by the cloud for evaluating queries.In this thesis, we consider an important kind of queries, top-k queries,and address the problem of privacy-preserving top-k query processing over encrypted data in the cloud.A top-k query allows the user to specify a number k, and the system returns the k tuples which are most relevant to the query. The relevance degree of tuples to the query is determined by a scoring function.We first propose a complete system, called BuckTop, that is able to efficiently evaluate top-k queries over encrypted data, without having to decrypt it in the cloud. BuckTop includes a top-k query processing algorithm that works on the encrypted data, stored at one cloud node,and returns a set that is proved to contain the encrypted data corresponding to the top-k results. It also comes with an efficient filtering algorithm that is executed in the cloud on encypted data and removes most of the false positives included in the set returned.When the outsourced data is big, it is typically partitioned over multiple nodes in a distributed system. For this case, we propose two new systems, called SDB-TOPK and SD-TOPK, that can evaluate top-k queries over encrypted distributed data without having to decrypt at the nodes where they are stored. In addition, SDB-TOPK and SD-TOPK have a powerful filtering algorithm that filters the false positives as much as possible in the nodes, and returns a small set of encrypted data that will be decrypted in the user side. We analyze the security of our system, and propose efficient strategies to enforce it.We validated our solutions through implementation of BuckTop , SDB-TOPK and SD-TOPK, and compared them to baseline approaches over synthetic and real databases. The results show excellent response time compared to baseline approaches. They also show the efficiency of our filtering algorithm that eliminates almost all false positives. Furthermore, our systems yieldsignificant reduction in communication cost between the distributed system nodes when computing the query result.

Préservation de la confidentialité

Requêtes top-K

Données sensibles

Sécurité du cloud

Systèmes distribués

Privacy Preserving

Top-K Query Processing

Sensitive Data

Cloud security

Distributed Systems

雲端運算環境下檔案更新管理之安全性研究 / A study on the security of patch management in a cloud computing environment

簡禎儀

Unknown Date

隨著雲端運算盛行,企業採用大量虛擬主機來取代實體機器,虛擬主 機有效率的模擬實體機器達到企業減少能源耗損與提高成本效率目 標。 文中提及虛擬主機映像檔目錄系統(VMIC)主要讓使用者能有效 率搜尋期望的檔案並獲得下載的實體位置,故本論文研究重點著重在 改進安全性在原 VMIC 系統,應用 Pakiti 監控系統來掌握更新檔狀況 於實體機器或虛擬機器環境,使資安人員能在短期間內獲得正確資 訊,及時升級更新檔避免攻擊災害發生。 / As cloud computing techniques advance, Virtual Machines (VM) seems to be an appropriate solution than physical machine deployment. Having multiple instances of virtual machines cause more efficient use of computing resources to achieve the aim of energy consumption and cost effectiveness. In this thesis, Virtual Machine Image Catalogue (VMIC) is designed for helping users search and acquire expected virtual machine images promptly. Nevertheless, security of VMIC is also a crucial task to keep systems up-to-date and defends against security attacks. Pakiti is adopted to monitor patch status of physical and virtual machines, and schedules the warning information to remind security staffs to update the patches.

雲端安全

虛擬主機映像檔

更新檔管理

Cloud security

Virtual machine image

Patch management