Security in Cloud Computing: Evaluation and Integration

Au cours de la dernière décennie, le paradigme du Cloud Computing a révolutionné la manière dont nous percevons les services de la Technologie de l’Information (TI). Celui-ci nous a donné l’opportunité de répondre à la demande constamment croissante liée aux besoins informatiques des usagers en introduisant la notion d’externalisation des services et des données. Les consommateurs du Cloud ont généralement accès, sur demande, à un large éventail bien réparti d’infrastructures de TI offrant une pléthore de services. Ils sont à même de configurer dynamiquement les ressources du Cloud en fonction des exigences de leurs applications, sans toutefois devenir partie intégrante de l’infrastructure du Cloud. Cela leur permet d’atteindre un degré optimal d’utilisation des ressources tout en réduisant leurs coûts d’investissement en TI. Toutefois, la migration des services au Cloud intensifie malgré elle les menaces existantes à la sécurité des TI et en crée de nouvelles qui sont intrinsèques à l’architecture du Cloud Computing. C’est pourquoi il existe un réel besoin d’évaluation des risques liés à la sécurité du Cloud durant le procédé de la sélection et du déploiement des services. Au cours des dernières années, l’impact d’une efficace gestion de la satisfaction des besoins en sécurité des services a été pris avec un sérieux croissant de la part des fournisseurs et des consommateurs. Toutefois, l’intégration réussie de l’élément de sécurité dans les opérations de la gestion des ressources du Cloud ne requiert pas seulement une recherche méthodique, mais aussi une modélisation méticuleuse des exigences du Cloud en termes de sécurité. C’est en considérant ces facteurs que nous adressons dans cette thèse les défis liés à l’évaluation de la sécurité et à son intégration dans les environnements indépendants et interconnectés du Cloud Computing. D’une part, nous sommes motivés à offrir aux consommateurs du Cloud un ensemble de méthodes qui leur permettront d’optimiser la sécurité de leurs services et, d’autre part, nous offrons aux fournisseurs un éventail de stratégies qui leur permettront de mieux sécuriser leurs services d’hébergements du Cloud. L’originalité de cette thèse porte sur deux aspects : 1) la description innovatrice des exigences des applications du Cloud relativement à la sécurité ; et 2) la conception de modèles mathématiques rigoureux qui intègrent le facteur de sécurité dans les problèmes traditionnels du déploiement des applications, d’approvisionnement des ressources et de la gestion de la charge de travail au coeur des infrastructures actuelles du Cloud Computing. Le travail au sein de cette thèse est réalisé en trois phases.----------ABSTRACT: Over the past decade, the Cloud Computing paradigm has revolutionized the way we envision IT services. It has provided an opportunity to respond to the ever increasing computing needs of the users by introducing the notion of service and data outsourcing. Cloud consumers usually have online and on-demand access to a large and distributed IT infrastructure providing a plethora of services. They can dynamically configure and scale the Cloud resources according to the requirements of their applications without becoming part of the Cloud infrastructure, which allows them to reduce their IT investment cost and achieve optimal resource utilization. However, the migration of services to the Cloud increases the vulnerability to existing IT security threats and creates new ones that are intrinsic to the Cloud Computing architecture, thus the need for a thorough assessment of Cloud security risks during the process of service selection and deployment. Recently, the impact of effective management of service security satisfaction has been taken with greater seriousness by the Cloud Service Providers (CSP) and stakeholders. Nevertheless, the successful integration of the security element into the Cloud resource management operations does not only require methodical research, but also necessitates the meticulous modeling of the Cloud security requirements. To this end, we address throughout this thesis the challenges to security evaluation and integration in independent and interconnected Cloud Computing environments. We are interested in providing the Cloud consumers with a set of methods that allow them to optimize the security of their services and the CSPs with a set of strategies that enable them to provide security-aware Cloud-based service hosting. The originality of this thesis lies within two aspects: 1) the innovative description of the Cloud applications’ security requirements, which paved the way for an effective quantification and evaluation of the security of Cloud infrastructures; and 2) the design of rigorous mathematical models that integrate the security factor into the traditional problems of application deployment, resource provisioning, and workload management within current Cloud Computing infrastructures. The work in this thesis is carried out in three phases

Security measurement as a trust in cloud computing service selection and monitoring

With the increase in the number of cloud service offerings by the cloud service providers nowadays, selecting the appropriate service provider becomes difficult for customers. This is true since most of the cloud service providers offer almost similar services at different costs. Thus, making cloud service selection a tedious process for customers. The selection of the cloud services from the security standpoint needs a distinct consideration from both the academia and the industry. Security is an important factor in cloud computing. Thus, any exploited vulnerability will have a negative effect on cloud computing adoption by customers. Hence, little attention has been paid to cloud service monitoring and selection from a security perspective. To solve this issue, we propose a security measurement as a trust (SMaaT) in the cloud computing selection. Finally, we propose Analytical Hierarchical Process (AHP) for service selection from the customers’ perspective

Pemilihan Produk Database pada Google Cloud Platform Menggunakan Metode Analytical Hierarchy Process untuk Aplikasi XYZ

Aplikasi XYZ merupakan aplikasi yang dikembangkan untuk pengguna gawai dengan operating system Android. Aplikasi ini berfungsi untuk mengidentifikasi berbagai jenis buah dari foto yang diambil secara langsung maupun dari galeri penguna. Dalam pengembangannya, aplikasi diharapkan dapat menyimpan informasi dan gambar hasil identifikasi pada penyimpanan cloud. Google Cloud Platform, yang ditawarkan oleh Google, merupakan penyedia layanan cloud computing. Terdapat setidaknya tiga produk yang ditawarkan oleh Google Cloud Platform untuk mengembangkan database aplikasi XYZ, yakni Cloud Firestore, Cloud SQL, dan Cloud Spanner. Tujuan penelitian ini adalah untuk menentukan prioritas pemilihan produk database, guna pengembangan aplikasi XYZ dengan metode Analytical Hierarchy Process (AHP). Digunakan empat kriteria, yakni user needs, easy to use, security, dan cost. Berdasarkan pengolahan data, cost menjadi prioritas utama untuk dipertimbangkan dalam memilih database, sementara disaster recovery menempati prioritas terakhir. Berdasarkan analisis menggunakan metode AHP, dapat disimpulkan produk database yang paling direkomendasikan untuk mengembangkan aplikasi XYZ adalah Cloud Firestore

Cloud Service Provider Evaluation System using Fuzzy Rough Set Technique

Cloud Service Providers (CSPs) offer a wide variety of scalable, flexible, and cost-efficient services to cloud users on demand and pay-per-utilization basis. However, vast diversity in available cloud service providers leads to numerous challenges for users to determine and select the best suitable service. Also, sometimes users need to hire the required services from multiple CSPs which introduce difficulties in managing interfaces, accounts, security, supports, and Service Level Agreements (SLAs). To circumvent such problems having a Cloud Service Broker (CSB) be aware of service offerings and users Quality of Service (QoS) requirements will benefit both the CSPs as well as users. In this work, we proposed a Fuzzy Rough Set based Cloud Service Brokerage Architecture, which is responsible for ranking and selecting services based on users QoS requirements, and finally monitor the service execution. We have used the fuzzy rough set technique for dimension reduction. Used weighted Euclidean distance to rank the CSPs. To prioritize user QoS request, we intended to use user assign weights, also incorporated system assigned weights to give the relative importance to QoS attributes. We compared the proposed ranking technique with an existing method based on the system response time. The case study experiment results show that the proposed approach is scalable, resilience, and produce better results with less searching time.Comment: 12 pages, 7 figures, and 8 table

Virtual assistants in customer interface

This thesis covers use of virtual assistants from a user organization’s perspective, exploring challenges and opportunities related to introducing virtual assistants to an organization’s customer interface. Research related to virtual assistants is spread over many distinct fields of research spanning several decades. However, widespread use of virtual assistants in organizations customer interface is a relatively new and constantly evolving phenomenon. Scientific research is lacking when it comes to current use of virtual assistants and user organization’s considerations related to it. A qualitative, semi-systematic literature review method is used to analyse progression of research related to virtual assistants, aiming to identify major trends. Several fields of research that cover virtual assistants from different perspectives are explored, focusing primarily on Human-Computer Interaction and Natural Language Processing. Additionally, a case study of a Finnish insurance company’s use of virtual assistants supports the literature review and helps understand the user organization’s perspective. This thesis describes how key technologies have progressed, gives insight on current issues that affect organizations and points out opportunities related to virtual assistants in the future. Interviews related to the case study give a limited understanding as to what challenges are currently at the forefront when it comes to using this new technology in the insurance industry. The case study and literature review clearly point out that use of virtual assistants is hindered my various practical challenges. Some practical challenges related to making a virtual assistant useful for an organization seem to be industry-specific, for example issues related to giving advice about insurance products. Other challenges are more general, for example unreliability of customer feedback. Different customer segments have different attitudes towards interacting with virtual assistants, from positive to negative, making the technology a clearly polarizing issue. However, customers in general seem to be becoming more accepting towards the technology in the long term. More research is needed to understand future potential of virtual assistants in customer interactions and customer relationship management.Tämä tutkielma tutkii virtuaaliassistenttien käyttöä käyttäjäorganisaation perspektiivistä, antaen käsityksen mitä haasteita ja mahdollisuuksia liittyy virtuaaliassistenttien käyttöönottoon organisaation asiakasrajapinnassa. Virtuaaliassistentteihin liittyvä tutkimus jakautuu monien eri tutkimusalojen alaisuuteen ja useiden vuosikymmenien ajalle. Laajamittainen virtuaaliassistenttien käyttö asiakasrajapinnassa on kuitenkin verrattain uusi ja jatkuvasti kehittyvä ilmiö. Tieteellinen tutkimus joka liittyy virtuaaliassistenttien nykyiseen käyttöön ja käyttäjäorganisaation huomioon otetaviin asioihin on puutteellista. Tämä tutkielma käyttää kvalitatiivista, puolisystemaattista kirjallisuusanalyysimetodia tutkiakseen virtuaaliassistentteihin liittyviä kehityskulkuja, tarkoituksena tunnistaa merkittäviä trendejä. Tutkimus kattaa useita tutkimusaloja jotka käsittelevät virtuaaliassistentteja eri näkökulmista, keskittyen pääasiassa Human-Computer Interaction- sekä Natural Language Processing -tutkimusaloihin. Lisäksi tutkielmassa on tapaustutkimus suomalaisen vakuutusyhtiön virtuaaliassistenttien käytöstä, joka tukee kirjallisuusanalyysiä ja auttaa ymmärtämään käyttäjäorganisaation perspektiiviä. Tutkielma kuvailee kuinka keskeiset teknologiat ovat kehittyneet, auttaa ymmärtämään tämänhetkisiä ongelmia jotka koskettavat organisaatioita sekä esittelee virtuaaliassistentteihin liittyviä mahdollisuuksia tulevaisuudessa. Tapaustutkimukseen liittyvät haastattelut antavat rajoitetun kuvan kyseisen uuden teknologian käyttöön liittyvistä haasteista vakuutusalalla. Tapaustutkimus ja kirjallisuusanalyysi osoittavat että virtuaaliassistenttien käyttöönottoon liittyy erilaisia käytännön haasteita. Jotkut haasteet vaikuttavat olevan toimialakohtaisia, liittyen esimerkiksi vakuutustuotteita koskeviin neuvoihin. Toiset haasteet taas ovat yleisempiä, liittyen esimerkiksi asiakaspalautteen epäluotettavuuteen. Eri asiakassegmenteillä on erilaisia asenteita virtuaaliassistentteja kohtaan, vaihdellen positiivisesta negatiiviseen, joten kyseinen teknologia on selvästi polarisoiva aihe. Pitkällä aikavälillä asiakkaiden asenteet teknologiaa kohtaan vaikuttavat kuitenkin muuttuvan hyväksyvämpään suuntaan. Lisää tutkimusta tarvitaan jotta voidaan ymmärtää virtuaaliassistenttien tulevaisuuden potentiaalia asiakaskohtaamisissa ja asiakkuudenhallinnassa

Cloud Technology Selection: A structured framework for decision making

Dissertation presented as the partial requirement for obtaining a Master's degree in Information Management, specialization in Information Systems and Technologies ManagementThis study aims to get organizations to improve their decision making during the selection of cloud technology process. As the technology evolves alongside an ever-increasing abundance in market offer, it may be challenging to choose the desirable service that encompasses several business approaches. For the purpose of this study to be attained, the reader must first comprehend the definition of Cloud Technology: it is the delivery of IT resources over the Internet, being applications, software, storage, among other services. Furthermore, understanding the current main technologies/architectures and their capabilities/limitations will play an important role in designing and developing the prospected solution. A thoroughly research will be produced to better define the criteria used in the process. Despite the fact that technology is able to be tailored up to a certain level for the organization needs, a higher level of participation will encourage vendors and architecture designers to develop a better knowledge on the companies’ desires, thus delivering more appropriate features to their unique needs