Establishing Distributed Social Network Trust Model in MobiCloud System

January 2011

abstract: This thesis proposed a novel approach to establish the trust model in a social network scenario based on users' emails. Email is one of the most important social connections nowadays. By analyzing email exchange activities among users, a social network trust model can be established to judge the trust rate between each two users. The whole trust checking process is divided into two steps: local checking and remote checking. Local checking directly contacts the email server to calculate the trust rate based on user's own email communication history. Remote checking is a distributed computing process to get help from user's social network friends and built the trust rate together. The email-based trust model is built upon a cloud computing framework called MobiCloud. Inside MobiCloud, each user occupies a virtual machine which can directly communicate with others. Based on this feature, the distributed trust model is implemented as a combination of local analysis and remote analysis in the cloud. Experiment results show that the trust evaluation model can give accurate trust rate even in a small scale social network which does not have lots of social connections. With this trust model, the security in both social network services and email communication could be improved. / Dissertation/Thesis / M.S. Computer Science 2011

Computer science

Cloud Computing

Distribute Computing

Email Trust

Social Network

Secure Sharing of Electronic Medical Records in Cloud Computing

January 2012

abstract: In modern healthcare environments, there is a strong need to create an infrastructure that reduces time-consuming efforts and costly operations to obtain a patient's complete medical record and uniformly integrates this heterogeneous collection of medical data to deliver it to the healthcare professionals. As a result, healthcare providers are more willing to shift their electronic medical record (EMR) systems to clouds that can remove the geographical distance barriers among providers and patient. Even though cloud-based EMRs have received considerable attention since it would help achieve lower operational cost and better interoperability with other healthcare providers, the adoption of security-aware cloud systems has become an extremely important prerequisite for bringing interoperability and efficient management to the healthcare industry. Since a shared electronic health record (EHR) essentially represents a virtualized aggregation of distributed clinical records from multiple healthcare providers, sharing of such integrated EHRs may comply with various authorization policies from these data providers. In this work, we focus on the authorized and selective sharing of EHRs among several parties with different duties and objectives that satisfies access control and compliance issues in healthcare cloud computing environments. We present a secure medical data sharing framework to support selective sharing of composite EHRs aggregated from various healthcare providers and compliance of HIPAA regulations. Our approach also ensures that privacy concerns need to be accommodated for processing access requests to patients' healthcare information. To realize our proposed approach, we design and implement a cloud-based EHRs sharing system. In addition, we describe case studies and evaluation results to demonstrate the effectiveness and efficiency of our approach. / Dissertation/Thesis / M.S. Computer Science 2012

Computer science

Cloud Computing

EHR

Healthcare

HIPAA

Privacy

Security

An evaluation of security issues in cloud-based file sharing technologies

Fana, Akhona

January 2015

Cloud computing is one of the most promising technologies for backup and data storage that provides flexible access to data. Cloud computing plays a vital role in remote backup. It is so unfortunate that this computing technique has flaws that thrilled and edgy end users in implementing it effectively. These flaws include factors like lack of integrity, confidentiality and privacy to information. A secure cloud is impossible unless the computer-generated environment is appropriately secured. In any form of technology it is always advisable that security challenges must be prior identified and fixed before the implementation of that particular technology. Primarily, this study will focus on finding security issues in cloud computing with the objective of finding concerns like credential theft and session management in the ―Cloud‖. Main arguments like HTTP banner disclosure, Bash ―ShellShock‖ Injection and password issues were discovered during the stages of study implementation. These challenges may provide information that will permit hackers in manipulating and exploiting cloud environment. Identifying credential theft and session management in cloud-based file sharing technologies a mixed method approach was implemented throughout the course of the study due to the nature of study and unity of analysis. Penetration tests were performed as security testing technique. Prevention and guideline of security threats leads to a friendly and authentic world of technology.

Cloud computing -- Security measures

Computer networks -- Security measures

Computer security

On-line řešení programového vybavení / On-line Software Solutions

Nurko, Tomáš

January 2016

This diploma work deals with a product and service comparison of office suites accessible through a web browser. The author will also compare the advantages and disadvantages of using the desktop and on-line versions. The main benefit of this work is the introduction of cloud-based services and the research results, which could be used by managers of IT departments. This work should help on deciding the right solution in the sphere of cooperation and facilitation of work. Last but not least is the comparison of financial solutions.

Cloud computing - srovnání cloudových úložišť / Cloud computing - comparison of cloud storages

Tymeš, Radek

January 2017

This thesis deals with the utilization of cloud computing in the field of online data storages for storing and backing up of user data. After defining the target group and its requirements for the service, ten most suitable options from the total set of cloud storages were selected. Selected storages were subsequently tested and analyzed in order to be used in the next stage of thesis. Materials for multicriterial analysis of options were created on the basis of set criteria and their given or measured values. The most appropriate options were calculated by application of the aforementioned mathematical method. These options were then evaluated and described from the viewpoint of commissioning.

Avaliação de desempenho de virtualizações OpenVZ e KVM em nuvens computacionais usando Hadoop MapReduce / Performance analysis of KVM and OpenVZ virtualizations on cloud computing using Hadoop MapReduce

Vasconcelos, Pedro Roger Magalhães

05 June 2015

VASCONCELOS, P. R. M. Avaliação de Desempenho de Virtualizações OpenVZ e KVM em Nuvens Computacionais usando Hadoop MapReduce. 2015. 59f. - Dissertação (Mestrado em Engenharia Elétrica e da Computação). Universidade Federal do Ceará, Programa de Pós-Graduação em Engenharia Elétrica e da Computação (Sobral-CE) / Submitted by Ana Márcia Sousa (marciasousa@ufc.br) on 2017-01-31T12:03:56Z No. of bitstreams: 1 2015_dis_prmvasconcelos.pdf: 887927 bytes, checksum: 24478781417951f390514fb33717ac71 (MD5) / Approved for entry into archive by Ana Márcia Sousa (marciasousa@ufc.br) on 2017-01-31T12:07:02Z (GMT) No. of bitstreams: 1 2015_dis_prmvasconcelos.pdf: 887927 bytes, checksum: 24478781417951f390514fb33717ac71 (MD5) / Made available in DSpace on 2017-01-31T12:07:02Z (GMT). No. of bitstreams: 1 2015_dis_prmvasconcelos.pdf: 887927 bytes, checksum: 24478781417951f390514fb33717ac71 (MD5) Previous issue date: 2015-06-05 / Cloud computing provides access to a set of resources such as virtual machines, storage and network as services. In this context, virtualization has been used as a platform for resource-intensive applications, like Hadoop. The motivations of this use are the following features: server consolidation, scalability and better resources usage. OpenVZ and KVM are very popular and widely used virtualization platforms with distinct virtualization modes: container-based and full-virtualization, respectively. In this work, a set of benchmarks were conducted to measure the performance of Hadoop clusters deployed on OpenNebula private clouds with KVM and OpenVZ as virtualization platforms. The results show that the cluster hosted in the cloud with OpenVZ performs better than KVM in most tests, reaching a lower CPU virtualization overhead, higher disk I/O reading and memory throughput. The cluster hosted in the cloud using KVM, in turn, present better rates only in specifics tests of disk writing. The performance of network virtualization is very close to native in both clusters. / A Computação em nuvem permite acesso a um conjunto de recursos como máquinas virtuais, armazenamento e rede como serviços. Nesse contexto, a virtualização tem sido usada como uma plataforma para aplicações que fazem uso intensivo de recursos como, por exemplo, o Hadoop. As motivações desse uso são as seguintes características: consolidação de servidores, escalabilidade e melhor uso dos recursos físicos. OpenVZ e KVM são plataformas de virtualização amplamente utilizadas com modos de virtualização distintos: virtualização de sistemas operacionais e virtualização completa, respectivamente. Neste trabalho foi realizada uma série de experimentos para avaliar o desempenho de clusters Hadoop instalados em nuvens privadas OpenNebula utilizando OpenVZ e KVM como plataformas de virtualização. Os resultados mostraram que o cluster hospedado na nuvem com OpenVZ apresentou um melhor desempenho na maioria dos testes realizados com menor sobrecarga de virtualização de CPU e maior vazão de leitura de arquivos em disco e memória. O cluster hospedado na nuvem com KVM, por sua vez, apresentou taxas superiores apenas em testes específicos de escrita de dados em disco. O desempenho da virtualização de rede foi muito próximo do nativo em ambos os clusters.

Sistemas de Informação

Computação em nuvem

Cloud Computing

Virtualização

The Organizational Effects of Software as a Service: The Nerds Rise to Power

Guggenheim, David R.

01 May 2016

Organizational subunits such as marketing, sales, human resources, and customer service invest in software as a service (SaaS) as a means to reduce information technology costs, speed time to market, gain access to new technologies, and improve application support and maintenance. For these reasons, SaaS has been characterized as a form of outsourcing, and one in which the internal IT function is losing relevancy because contracts are being executed between external application service providers and the affected subunits directly without IT oversight. Here we argue that SaaS is not outsourcing as it has been traditionally envisioned and enacted, and that through the generation of four types of functional slack it has demonstrated the ability to result in higher levels of IT innovation in support of a digital business strategy. A redistribution of IT resources from efficiency to innovation as a result of SaaS adoption was found that prescribed movement toward an equilibrium of ambidexterity between exploitative and exploratory activities. This research has established a number of firsts: 1) explored the production and combination of multidimensional slack, concentrated at a functional level; 2) demonstrated a previously disconfirmed positive relationship between IT outsourcing and innovation; 3) confirmed the feasibility of a theorized positive relationship between outsourcing and ambidexterity, and 4) discovered a new pathway within the realm of digital business strategy between a key external trend and an internal organizational shift of roles, responsibilities, and knowledge patterns. Further, our findings suggest that IT ambidexterity may be a better construct for investigating the impact of IT on firm performance than traditional measures of IT performance.

ambidexterity

cloud computing

competitive advantage

information technology

IT strategy

slack

TOWARD ENERGY-EFFICIENT SCHEDULING USING WEIGHTED ROUND-ROBIN AND VM REUSE

Alnowiser, Abdulaziz Mohammed

01 December 2013

AN ABSTRACT OF THE THESIS OF Abdulaziz M. AlNowiser, for the Master of Science degree in Computer Science, presented on November 1, 2013, at Southern Illinois University Carbondale. TITLE: TOWARD ENERGY-EFFICIENT SCHEDULING USING WEIGHTED ROUND- ROBIN AND VM REUSE MAJOR PROFESSOR: Dr. Michelle M. Zhu In recent years, the rapid evolving Cloud Computing technologies multiply challenges such as minimizing power consumption and meeting Quality-of-Services (QoS) requirements in the presence of heavy workloads from a large number of users using shared computing resources. Powering a middle-sized data center normally consumes 80,000kW power every year and computer servers consume around .5% of the global power [1]. Statistics for 5000 production servers over a six-month period show that only 10-50% of the total capacity has been effectively used, and a large portion of the resources is actually wasted. In order to address the skyrocket energy cost from the high level resource management aspect, we propose an energy efficient job scheduling approach based on a modified version of Weighted Round Robin scheduler that incorporates VMs reuse and live VM migration without compromising the Service Level Agreement (SLA). The Weighted Round Robin scheduler can monitor the running VMs status for possible VM sharing for job consolidation or migration. In addition, the VMs utilization rate is observed to start live migration from the over-utilizing Processing Element (PE) to under-utilized PEs or to the hibernated PEs by sending WOL (Wake-On-LAN) signal to activate them. The simulation experiments are conducted under the CloudReports environment based on open source CloudSim simulator. The comparisons with other similar scheduling algorithms demonstrate that our enhanced Weighted Round Robin algorithm (EWRR) can achieve considerable better performance in terms of energy consumption and resource utilization rate.

Cloud Computing

Power Consumption

Resource Utilization

Virtualization

Weighted Round Robin

Detecting Compute Cloud Co-residency with Network Flow Watermarking Techniques

Bates, Adam, Bates, Adam

January 2012

This paper presents co-resident watermarking, a traffic analysis attack for cloud environments that allows a malicious co-resident virtual machine to inject a watermark signature into the network flow of a target instance. This watermark can be used to exfiltrate co-residency data, compromising isolation assurances. While previous work depends on virtual hypervisor resource management, our approach is difficult to defend without costly underutilization of the physical machine. We evaluate co-resident watermarking under many configurations, from a local lab environment to production cloud environments. We demonstrate the ability to initiate a covert channel of 4 bits per second, and we can confirm co-residency with a target VM instance in less than 10 seconds. We also show that passive load measurement of the target and behavior profiling is possible. Our investigation demonstrates the need for the careful design of hardware to be used in the cloud. This thesis includes unpublished co-authored material.

Cloud Computing

Cloud Security

Covert Channel

Network Flow Watermarking

Evidence-based accountability audits for cloud computing

Rübsamen, Thomas

January 2016

Cloud computing is known for its on-demand service provisioning and has now become mainstream. Many businesses as well as individuals are using cloud services on a daily basis. There is a big variety of services that ranges from the provision of computing resources to services such as productivity suites and social networks. The nature of these services varies heavily in terms of what kind of information is being out-sourced to the cloud provider. Often, that data is sensitive, for instance when PII is being shared by an individual. Also, businesses that move (parts of) their processes to the cloud are actively participating in a major paradigm shift from having data on-premise to transfering data to a third-party provider. However, many new challenges come along with this trend, which are closely tied to the loss of control over data. When moving to the cloud, direct control over geographical storage location, who has access to it and how it is shared and processed is given up. Because of this loss of control, cloud customers have to trust cloud providers that they treat their data in an appropriate and responsible way. Cloud audits can be used to check how data has been processed in the cloud (i.e., by whom, for what purpose) and whether or not this happened in compliance with what has been defined in agreed-upon privacy and data storage, usage and maintenance (i.e., data handling) policies. This way, a cloud customer can regain some of the control he has given up by moving to the cloud. In this thesis, accountability audits are presented as a way to strengthen trust in cloud computing by providing assurance about the processing of data in the cloud according to data handling and privacy policies. In cloud accountability audits, various distributed evidence sources need to be considered. The research presented in this thesis discusses the use of various heterogeous evidence sources on all cloud layers. This way, a complete picture of the actual data handling practices that is based on hard facts can be presented to the cloud consumer. Furthermore, this strengthens transparency of data processing in the cloud, which can lead to improved trust in cloud providers, if they choose to adopt these mechanisms in order to assure their customers that their data is being handled according to their expectations. The system presented in this thesis enables continuous auditing of a cloud provider's adherence to data handling policies in an automated way that shortens audit intervals and that is based on evidence that is produced by cloud subsystems. An important aspect of many cloud offerings is the combination of multiple distinct cloud services that are offered by independent providers. Data is thereby freuqently exchanged between the cloud providers. This also includes trans-border flows of data, where one provider may be required to adhere to more strict data protection requirements than the others. The system presented in this thesis addresses such scenarios by enabling the collection of evidence at providers and evaluating it during audits. Securing evidence quickly becomes a challenge in the system design, when information that is needed for the audit is deemed sensitive or confidential. This means that securing the evidence at-rest as well as in-transit is of utmost importance, in order not to introduce a new liability by building an insecure data heap. This research presents the identification of security and privacy protection requirements alongside proposed solutions that enable the development of an architecture for secure, automated, policy-driven and evidence-based accountability audits.

004.67