Cost-effective and privacy-conscious cloud service provisioning: architectures and algorithms

Palanisamy, Balaji

27 August 2014

Cloud Computing represents a recent paradigm shift that enables users to share and remotely access high-powered computing resources (both infrastructure and software/services) contained in off-site data centers thereby allowing a more efficient use of hardware and software infrastructures. This growing trend in cloud computing, combined with the demands for Big Data and Big Data analytics, is driving the rapid evolution of datacenter technologies towards more cost-effective, consumer-driven, more privacy conscious and technology agnostic solutions. This dissertation is dedicated to taking a systematic approach to develop system-level techniques and algorithms to tackle the challenges of large-scale data processing in the Cloud and scaling and delivering privacy-aware services with anytime-anywhere availability. We analyze the key challenges in effective provisioning of Cloud services in the context of MapReduce-based parallel data processing considering the concerns of cost-effectiveness, performance guarantees and user-privacy and we develop a suite of solution techniques, architectures and models to support cost-optimized and privacy-preserving service provisioning in the Cloud. At the cloud resource provisioning tier, we develop a utility-driven MapReduce Cloud resource planning and management system called Cura for cost-optimally allocating resources to jobs. While existing services require users to select a number of complex cluster and job parameters and use those potentially sub-optimal per-job configurations, the Cura resource management achieves global resource optimization in the cloud by minimizing cost and maximizing resource utilization. We also address the challenges of resource management and job scheduling for large-scale parallel data processing in the Cloud in the presence of networking and storage bottlenecks commonly experienced in Cloud data centers. We develop Purlieus, a self-configurable locality-based data and virtual machine management framework that enables MapReduce jobs to access their data either locally or from close-by nodes including all input, output and intermediate data achieving significant improvements in job response time. We then extend our cloud resource management framework to support privacy-preserving data access and efficient privacy-conscious query processing. Concretely, we propose and implement VNCache: an efficient solution for MapReduce analysis of cloud-archived log data for privacy-conscious enterprises. Through a seamless data streaming and prefetching model in VNCache, Hadoop jobs begin execution as soon as they are launched without requiring any apriori downloading. At the cloud consumer tier, we develop mix-zone based techniques for delivering anonymous cloud services to mobile users on the move through Mobimix, a novel road-network mix-zone based framework that enables real time, location based service delivery without disclosing content or location privacy of the consumers.

Cloud computing

MapReduce

Big data

Cost-optimization

Locality-awareness

Caching

System privacy

Location privacy

The Right to Digital Privacy: Advancing the Jeffersonian Vision of Adaptive Change

Moller, Kerry

01 January 2014

The relationship between privacy, technology, and law is complex. Thomas Jefferson’s prescient nineteenth century observation that laws and institutions must keep pace with the times offers a vision for change. Statutory law and court precedents help to define our right to privacy, however, the development of new technologies has complicated the application of old precedents and statutes. Third party organizations, such as Google, facilitate new methods of communication, and the government can often collect the information that third parties receive with a subpoena or court order, rather than a Fourth Amendment-mandated warrant. Privacy promotes fundamental democratic freedoms, however, under current law, the digital age has diminished the right to privacy in our electronic communications data. This work explores the statutory and constitutional law protecting our right to privacy, as well as the inadequacies that have developed with the digital revolution. With commonplace use of third parties to facilitate electronic communication, our courts and lawmakers must amend current laws and doctrines to protect the privacy of communications in the digital age. To provide clarity and appropriate data privacy protections, the following clarifications and amendments should be made to the third party doctrine and the Stored Communications Act (SCA): 1) third party doctrine should only apply to context data, 2) content data should be protected by the Fourth Amendment, 3) the SCA should eliminate the distinction between Remote Computing Services (RCS) data and Electronic Communication Services (ECS) data, and 4) the SCA should require warrants for all content data acquisition.

Privacy

Digital

Law

Fourth Amendment

Statutory Law

Constitution

Fourth Amendment

Legislation

Privacy Law

Policy Merger System for P3P in a Cloud Aggregation Platform

Olurin, Olumuyiwa

09 January 2013

The need for aggregating privacy policies is present in a variety of application areas today. In traditional client/server models, websites host services along with their policies in different private domains. However, in a cloud-computing platform where aggregators can merge multiple services, users often face complex decisions in terms of choosing the right services from service providers. In this computing paradigm, the ability to aggregate policies as well as services will be useful and more effective for users that are privacy conscious regarding their sensitive or personal information. This thesis studies the problems associated with the Platform for Privacy Preference (P3P) language, and the present issues with communicating and understanding the P3P language. Furthermore, it discusses some efficient strategies and algorithms for the matching and the merging processes, and then elaborates on some privacy policy conflicts that may occur after merging policies. Lastly, the thesis presents a tool for matching and merging P3P policies. If successful, the merge produces an aggregate policy that is consistent with the policies of all participating service providers.

P3P

Cloud Computing

XML Merger

Policy Languages

Privacy

XML

Privacy Policy

Aggregation Platform

Three-way Merge

Design And Implementation Of A Privacy Framework For Web Services In The Travel Domain

Erkanar, Mehmet

01 November 2005

A web service is a collection of functions that are packaged as a single entity and published to the network for use by other programs. Web services are building blocks for creating open distributed systems, and allow companies and individuals to quickly and cheaply make their digital assets available worldwide. With considerable interoperability, privacy management becomes an inevitable concern of the web services. Companies and individuals should be able to restrict the information available about themselves and specify the use of that information in order to protect their confidentiality. In the thesis, a privacy framework has been designed and implemented in order to prepare and match privacy documents for web services. Privacy documents are prepared based upon message ontologies which describe the input data of web services. Service requestors and providers prepare their own privacy documents which are going to be checked before the web service transaction begins. Privacy content has been derived from the World Wide Web Consortium&rsquo / s Platform for Privacy Preferences specification.

QA Computer Software 76.75-76.765

Role Management in a Privacy-Enhanced Collaborative Environment

Lorenz, Anja, Borcea-Pfitzmann, Katrin

13 January 2012

Nowadays, social software is in demand in very different settings. Managing relationships (e.g., social networking sites) and content sharing (e.g., photo sharing), but also collaborative working via the Internet became a widely accepted part of the social lives of people. Especially, collaborative environments provide platforms supporting users in creating and exchanging new ideas, material, and conducting discussions, but also in representing themselves by allowing for according profile management etc., cf. [KR07]. Supporting the users’ privacy in such interactive environments stands in sharp contrast to the objectives of collaboration. However, previous work has shown that different approaches may overcome this ostensible contradiction. One further approach is subject of this paper and consists of a differentiated role management. Accordingly, this paper describes the particular settings of applications shaping Privacy-Enhanced Collaborative Environments (PECE), for which a comprehensive role management has to be realized. The paper discusses the implications on the role concept resulting from the privacy-related settings and introduces a three-dimensional approach for roles in a collaborative environment.

Rollenmanagement

PECE

Privacy

Role Management

PECE

Privacy

ddc:000

Privatsphäre

Soziale Software

Kollaboration

Das Websurfen und der Datenschutz : ein Rechtsvergleich unter besonderer Berücksichtigung der Zulässigkeit sogenannter Cookies und Web Bugs am Beispiel des deutschen und U.S.-amerikanischen Rechts /

Wagner, Sylke.

January 2006

Univ., Diss.--Mainz, 2005. / Literaturverz. S. 17 - 43.

Software agents, surveillance, and the right to privacy a legislative framework for agent-enabled surveillance /

Schermer, Bart Willem,

January 1900

Thesis (doctoral)--Universiteit Leiden, 2007. / Description based on print version record. Includes bibliographical references (p. [231]-241).

A review of the implementation of the personal data (privacy) ordinance in the Hong Kong Correctional Services Department /

Kan, Chi-keung.

January 1998

Thesis (M.P.A.)--University of Hong Kong, 1998. / Includes bibliographical references (leaf 127-129).

A review of the implementation of the personal data (privacy) ordinance in the Hong Kong Correctional Services Department

Kan, Chi-keung.

January 1998

Thesis (M.P.A.)--University of Hong Kong, 1998. / Includes bibliographical references (leaves 127-129). Also available in print.

Factors influencing information privacy in Abu Dhabi Emirate

Aldhaheri, Omar

January 2016

Individuals in the UAE and Abu Dhabi Emirate, in particular, have become increasingly concerned about their private information. This is mainly due to the use of technology, which makes accessing, transmitting and editing personal information faster and easier. Besides the use of technology, and the awareness and understanding of the privacy of expatriates, working in Abu Dhabi Emirate has had an impact on UAE citizens in terms of their rights to privacy. There is a need for organisations to comply with international bodies in protecting individuals rights to privacy and to increase the exploration of culturally sensitive information in the media. These issues have all led to the importance of and need to explore and identify Abu Dhabi Emirate employees perceptions, and the factors influencing their behaviour, towards privacy. The aim of this research was to investigate and analyse factors influencing employees information privacy behaviour and employees perceptions, awareness and behaviour on the handling of private information in the Abu Dhabi Emirate public sector, ADEC, as well as to provide practical recommendations to improve the privacy. The research methods used in this project are based on a mixed-method approach comprising both quantitative and qualitative strategies. Qualitative data collection in this research included face-to-face interviews and focus groups with Abu Dhabi Education Council. Quantitative surveys for all the Abu Dhabi Education Council were also utilised. The research identified the types of information that were considered private and defined privacy in the context of UAE culture. The main factors influencing privacy in Abu Dhabi Emirate employees were identified and analysed such as national culture, organisation culture and perceived benefits as examples. Following this, practical recommendations for changes to promote and enhance privacy in Abu Dhabi Emirate were offered. A model has been developed and designed based on the factors influencing individual information behaviour regarding private information handling, interrelated and influenced. This is essential to provide a practical model capable of acting as a guideline to help organisations, decision makers, and strategic planners in the Abu Dhabi Emirate public sector decide how best to approach privacy policy.

658.4