MPSM: Multi-prospective PaaS Security Model

Cloud computing has brought a revolution in the field of information technology and improving the efficiency of computational resources. It offers computing as a service enabling huge cost and resource efficiency. Despite its advantages, certain security issues still hinder organizations and enterprises from it being adopted. This study mainly focused on the security of Platform-as-a-Service (PaaS) as well as the most critical security issues that were documented regarding PaaS infrastructure. The prime outcome of this study was a security model proposed to mitigate security vulnerabilities of PaaS. This security model consists of a number of tools, techniques and guidelines to mitigate and neutralize security issues of PaaS. The security vulnerabilities along with mitigation strategies were discussed to offer a deep insight into PaaS security for both vendor and client that may facilitate future design to implement secure PaaS platforms

Programming Cloud Resource Orchestration Framework: Operations and Research Challenges

The emergence of cloud computing over the past five years is potentially one of the breakthrough advances in the history of computing. It delivers hardware and software resources as virtualization-enabled services and in which administrators are free from the burden of worrying about the low level implementation or system administration details. Although cloud computing offers considerable opportunities for the users (e.g. application developers, governments, new startups, administrators, consultants, scientists, business analyst, etc.) such as no up-front investment, lowering operating cost, and infinite scalability, it has many unique research challenges that need to be carefully addressed in the future. In this paper, we present a survey on key cloud computing concepts, resource abstractions, and programming operations for orchestrating resources and associated research challenges, wherever applicable.Comment: 19 page

A Security Framework for Cloud Data Storage(CDS) Based on Agent

The Cloud has become a new Information Technology(IT) model for delivering resources such as computing and storage to customers on demand, it provides both high flexibility and resources use. However we are gaining these advantages at the cost of high security threats, which presents the major brake for the migration towards Cloud Computing. Cloud Data Storage(CDS) is one of the Cloud services, it allows users to store their data in the Cloud, this service is very useful for companies and individuals, but data security remains the problem which makes customers worried about their data that reside in the Cloud. In this paper, we propose a framework of security to ensure the CDS, which is based on agents, it contains three layers: Cloud Provider layer, Customer layer and Trusted Third Party(TTP) layer.Comment: 12 pages,7 figues, Computational Methods in Systems and Software (CoMeSySo 2017

Recent Developments in Cloud Based Systems: State of Art

Cloud computing is the new buzzword in the head of the techies round the clock these days. The importance and the different applications of cloud computing are overwhelming and thus, it is a topic of huge significance. It provides several astounding features like Multitenancy, on demand service, pay per use etc. This manuscript presents an exhaustive survey on cloud computing technology and potential research issues in cloud computing that needs to be addressed

A Comparative Taxonomy and Survey of Public Cloud Infrastructure Vendors

An increasing number of technology enterprises are adopting cloud-native architectures to offer their web-based products, by moving away from privately-owned data-centers and relying exclusively on cloud service providers. As a result, cloud vendors have lately increased, along with the estimated annual revenue they share. However, in the process of selecting a provider's cloud service over the competition, we observe a lack of universal common ground in terms of terminology, functionality of services and billing models. This is an important gap especially under the new reality of the industry where each cloud provider has moved towards his own service taxonomy, while the number of specialized services has grown exponentially. This work discusses cloud services offered by four dominant, in terms of their current market share, cloud vendors. We provide a taxonomy of their services and sub-services that designates major service families namely computing, storage, databases, analytics, data pipelines, machine learning, and networking. The aim of such clustering is to indicate similarities, common design approaches and functional differences of the offered services. The outcomes are essential both for individual researchers, and bigger enterprises in their attempt to identify the set of cloud services that will utterly meet their needs without compromises. While we acknowledge the fact that this is a dynamic industry, where new services arise constantly, and old ones experience important updates, this study paints a solid image of the current offerings and gives prominence to the directions that cloud service providers are following

Security and Privacy Issues in Cloud Computing

Cloud computing transforms the way information technology (IT) is consumed and managed, promising improved cost efficiencies, accelerated innovation, faster time-to-market, and the ability to scale applications on demand (Leighton, 2009). According to Gartner, while the hype grew exponentially during 2008 and continued since, it is clear that there is a major shift towards the cloud computing model and that the benefits may be substantial (Gartner Hype-Cycle, 2012). However, as the shape of the cloud computing is emerging and developing rapidly both conceptually and in reality, the legal/contractual, economic, service quality, interoperability, security and privacy issues still pose significant challenges. In this chapter, we describe various service and deployment models of cloud computing and identify major challenges. In particular, we discuss three critical challenges: regulatory, security and privacy issues in cloud computing. Some solutions to mitigate these challenges are also proposed along with a brief presentation on the future trends in cloud computing deployment.Comment: 42 pages, 2 Figures, and 5 Tables. The book chapter is accepted for publication and is expected to be published in the second half of 201

IoTChain: A Three-Tier Blockchain-based IoT Security Architecture

There has been increasing interest in the potential of blockchain in enhancing the security of devices and systems, such as Internet of Things (IoT). In this paper, we present a blockchain-based IoT security architecture, IoTchain. The three-tier architecture comprises an authentication layer, a blockchain layer and an application layer, and is designed to achieve identity authentication, access control, privacy protection, lightweight feature, regional node fault tolerance, denial-of-service resilience, and storage integrity. We also evaluate the performance of IoTchain to demonstrate its utility in an IoT deployment.Comment: 23 pages,11 figure

Data Security and Privacy Protection Data Security and Privacy Protection in Public Cloud

This paper discusses about the challenges, advantages and shortcomings of existing solutions in data security and privacy in public cloud computing. As in cloud computing, oceans of data will be stored. Data stored in public cloud would face both outside attacks and inside attacks since public cloud provider themselves are untrusted. Conventional encryption could be used for storage, however most data in cloud needs further computation. Decryption before computation will cause large overheads for data operation and lots of inconvenience. Thus, efficient methods to protect data security as well as privacy for large amount of data in cloud are necessary. In the paper, different mechanisms to protect data security and privacy in public cloud are discussed. A data security and privacy enabled multi-cloud architecture is proposed.Comment: Accepted version in Big-Cyber Workshop in 2018 Big Data Conferenc

All One Needs to Know about Fog Computing and Related Edge Computing Paradigms: A Complete Survey

With the Internet of Things (IoT) becoming part of our daily life and our environment, we expect rapid growth in the number of connected devices. IoT is expected to connect billions of devices and humans to bring promising advantages for us. With this growth, fog computing, along with its related edge computing paradigms, such as multi-access edge computing (MEC) and cloudlet, are seen as promising solutions for handling the large volume of security-critical and time-sensitive data that is being produced by the IoT. In this paper, we first provide a tutorial on fog computing and its related computing paradigms, including their similarities and differences. Next, we provide a taxonomy of research topics in fog computing, and through a comprehensive survey, we summarize and categorize the efforts on fog computing and its related computing paradigms. Finally, we provide challenges and future directions for research in fog computing.Comment: 48 pages, 7 tables, 11 figures, 450 references. The data (categories and features/objectives of the papers) of this survey are now available publicly. Accepted by Elsevier Journal of Systems Architectur

Fogbanks: Future Dynamic Vehicular Fog Banks for Processing, Sensing and Storage in 6G

Fixed edge processing has become a key feature of 5G networks, while playing a key role in reducing latency, improving energy efficiency and introducing flexible compute resource utilization on-demand with added cost savings. Autonomous vehicles are expected to possess significantly more on-board processing capabilities and with improved connectivity. Vehicles continue to be used for a fraction of the day, and as such there is a potential to increase processing capacity by utilizing these resources while vehicles are in short-term and long-term car parks, in roads and at road intersections. Such car parks and road segments can be transformed, through 6G networks, into vehicular fog clusters, or Fogbanks, that can provide processing, storage and sensing capabilities, making use of underutilized vehicular resources. We introduce the Fogbanks concept, outline current research efforts underway in vehicular clouds, and suggest promising directions for 6G in a world where autonomous driving will become commonplace. Moreover, we study the processing allocation problem in cloud-based Fogbank architecture. We solve this problem using Mixed Integer Programming (MILP) to minimize the total power consumption of the proposed architecture, taking into account two allocation strategies, single allocation of tasks and distributed allocation. Finally, we describe additional future directions needed to establish reliability, security, virtualisation, energy efficiency, business models and standardization