89,781 research outputs found
A proposed case for the cloud software engineering in security
This paper presents Cloud Software Engineering in Security (CSES) proposal that combines the benefits from each of good software engineering process and security. While other literature does not provide a proposal for Cloud security as yet, we use Business Process Modeling Notation (BPMN) to illustrate the concept of CSES from its design, implementation and test phases. BPMN can be used to raise alarm for protecting Cloud security in a real case scenario in real-time. Results from BPMN simulations show that a long execution time of 60 hours is required to protect real-time security of 2 petabytes (PB). When data is not in use, BPMN simulations show that the execution time for all data security rapidly falls off. We demonstrate a proposal to deal with Cloud security and aim to improve its current performance for Big Data
Evolution Oriented Monitoring oriented to Security Properties for Cloud Applications
Internet is changing from an information space to a dynamic computing
space. Data distribution and remotely accessible software
services, dynamism, and autonomy are prime attributes. Cloud technology
offers a powerful and fast growing approach to the provision
of infrastructure (platform and software services) avoiding the high
costs of owning, operating, and maintaining the computational
infrastructures required for this purpose. Nevertheless, cloud technology
still raises concerns regarding security, privacy, governance,
and compliance of data and software services offered through it.
Concerns are due to the difficulty to verify security properties of
the different types of applications and services available through
cloud technology, the uncertainty of their owners and users about
the security of their services, and the applications based on them,
once they are deployed and offered through a cloud. This work
presents an innovative and novel evolution-oriented, cloud-specific
monitoring model (including an architecture and a language) that
aim at helping cloud application developers to design and monitor
the behavior and functionality of their applications in a cloud
environment.Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tech
On Evaluating Commercial Cloud Services: A Systematic Review
Background: Cloud Computing is increasingly booming in industry with many
competing providers and services. Accordingly, evaluation of commercial Cloud
services is necessary. However, the existing evaluation studies are relatively
chaotic. There exists tremendous confusion and gap between practices and theory
about Cloud services evaluation. Aim: To facilitate relieving the
aforementioned chaos, this work aims to synthesize the existing evaluation
implementations to outline the state-of-the-practice and also identify research
opportunities in Cloud services evaluation. Method: Based on a conceptual
evaluation model comprising six steps, the Systematic Literature Review (SLR)
method was employed to collect relevant evidence to investigate the Cloud
services evaluation step by step. Results: This SLR identified 82 relevant
evaluation studies. The overall data collected from these studies essentially
represent the current practical landscape of implementing Cloud services
evaluation, and in turn can be reused to facilitate future evaluation work.
Conclusions: Evaluation of commercial Cloud services has become a world-wide
research topic. Some of the findings of this SLR identify several research gaps
in the area of Cloud services evaluation (e.g., the Elasticity and Security
evaluation of commercial Cloud services could be a long-term challenge), while
some other findings suggest the trend of applying commercial Cloud services
(e.g., compared with PaaS, IaaS seems more suitable for customers and is
particularly important in industry). This SLR study itself also confirms some
previous experiences and reveals new Evidence-Based Software Engineering (EBSE)
lessons
Algorithms for advance bandwidth reservation in media production networks
Media production generally requires many geographically distributed actors (e.g., production houses, broadcasters, advertisers) to exchange huge amounts of raw video and audio data. Traditional distribution techniques, such as dedicated point-to-point optical links, are highly inefficient in terms of installation time and cost. To improve efficiency, shared media production networks that connect all involved actors over a large geographical area, are currently being deployed. The traffic in such networks is often predictable, as the timing and bandwidth requirements of data transfers are generally known hours or even days in advance. As such, the use of advance bandwidth reservation (AR) can greatly increase resource utilization and cost efficiency. In this paper, we propose an Integer Linear Programming formulation of the bandwidth scheduling problem, which takes into account the specific characteristics of media production networks, is presented. Two novel optimization algorithms based on this model are thoroughly evaluated and compared by means of in-depth simulation results
A Security Pattern for Cloud service certification
Cloud computing is interesting from the economic, operational and even energy consumption perspectives but it still raises concerns regarding
the security, privacy, governance and compliance of the data and software services offered through it. However, the task of verifying security
properties in services running on cloud is not trivial. We notice the provision and security of a cloud service is sensitive. Because of the
potential interference between the features and behavior of all the inter-dependent services in all layers of the cloud stack (as well as dynamic
changes in them). Besides current cloud models do not include support for trust-focused communication between layers. We present a
mechanism to implement cloud service certification process based on the usage of Trusted Computing technology, by means of its Trusted Computing Platform (TPM) implementation of its architecture. Among many security security features it is a tamper proof resistance built in device and provides a root of trust to affix our certification mechanism. We present as a security pattern the approach for service certification based on the use TPM.Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tec
- …