Framework for Security Transparency in Cloud Computing

The migration of sensitive data and applications from the on-premise data centre to a cloud environment increases cyber risks to users, mainly because the cloud environment is managed and maintained by a third-party. In particular, the partial surrender of sensitive data and application to a cloud environment creates numerous concerns that are related to a lack of security transparency. Security transparency involves the disclosure of information by cloud service providers about the security measures being put in place to protect assets and meet the expectations of customers. It establishes trust in service relationship between cloud service providers and customers, and without evidence of continuous transparency, trust and confidence are affected and are likely to hinder extensive usage of cloud services. Also, insufficient security transparency is considered as an added level of risk and increases the difficulty of demonstrating conformance to customer requirements and ensuring that the cloud service providers adequately implement security obligations. The research community have acknowledged the pressing need to address security transparency concerns, and although technical aspects for ensuring security and privacy have been researched widely, the focus on security transparency is still scarce. The relatively few literature mostly approach the issue of security transparency from cloud providers’ perspective, while other works have contributed feasible techniques for comparison and selection of cloud service providers using metrics such as transparency and trustworthiness. However, there is still a shortage of research that focuses on improving security transparency from cloud users’ point of view. In particular, there is still a gap in the literature that (i) dissects security transparency from the lens of conceptual knowledge up to implementation from organizational and technical perspectives and; (ii) support continuous transparency by enabling the vetting and probing of cloud service providers’ conformity to specific customer requirements. The significant growth in moving business to the cloud – due to its scalability and perceived effectiveness – underlines the dire need for research in this area. This thesis presents a framework that comprises the core conceptual elements that constitute security transparency in cloud computing. It contributes to the knowledge domain of security transparency in cloud computing by proposing the following. Firstly, the research analyses the basics of cloud security transparency by exploring the notion and foundational concepts that constitute security transparency. Secondly, it proposes a framework which integrates various concepts from requirement engineering domain and an accompanying process that could be followed to implement the framework. The framework and its process provide an essential set of conceptual ideas, activities and steps that can be followed at an organizational level to attain security transparency, which are based on the principles of industry standards and best practices. Thirdly, for ensuring continuous transparency, the thesis proposes an essential tool that supports the collection and assessment of evidence from cloud providers, including the establishment of remedial actions for redressing deficiencies in cloud provider practices. The tool serves as a supplementary component of the proposed framework that enables continuous inspection of how predefined customer requirements are being satisfied. The thesis also validates the proposed security transparency framework and tool in terms of validity, applicability, adaptability, and acceptability using two different case studies. Feedbacks are collected from stakeholders and analysed using essential criteria such as ease of use, relevance, usability, etc. The result of the analysis illustrates the validity and acceptability of both the framework and tool in enhancing security transparency in a real-world environment

The Conundrum of Security in Modern Cloud Computing

In today’s economic climate organizations are seeking greater cost-saving measures, increased agility, and scalability that responds to the rapid changes in technology and business. Cloud computing, with its low cost pay-as-you-go business model, is helping organizations manage these changes while transforming information technology (IT) into an engine that drives business. Benefits from on-demand clouds provide users greater portability and the ability to access information from virtually anywhere: at home, a client location, when traveling, or at the office. The reduced costs and increased flexibility, however, associated with cloud computing also come with complex security issues and increased overall risk. When cloud services are moved beyond organizational boundaries, outside the border firewall, security is heightened for most organizations and navigating the complexity of these environments can be daunting. In this research paper we seek to help organizations make pragmatic decisions about where and when to use cloud solutions by outlining specific security issues that enterprises should address. We use external research sources and explore current security trends within cloud computing in order to provide background information, related research, and conclusions. We make use of colleagues, textbooks, peer reviewed journal articles, and Internet websites related to information technology and information security. Each section of our research is formatted similarly and presents pertinent security information, techniques, and tools that organizations would need in order to make relevant decisions when utilizing Software as a Service (SaaS), Platform as a Service (PaaS), or Infrastructure as a Service (IaaS)

Designing Human-Centered Collective Intelligence

Human-Centered Collective Intelligence (HCCI) is an emergent research area that seeks to bring together major research areas like machine learning, statistical modeling, information retrieval, market research, and software engineering to address challenges pertaining to deriving intelligent insights and solutions through the collaboration of several intelligent sensors, devices and data sources. An archetypal contextual CI scenario might be concerned with deriving affect-driven intelligence through multimodal emotion detection sources in a bid to determine the likability of one movie trailer over another. On the other hand, the key tenets to designing robust and evolutionary software and infrastructure architecture models to address cross-cutting quality concerns is of keen interest in the “Cloud” age of today. Some of the key quality concerns of interest in CI scenarios span the gamut of security and privacy, scalability, performance, fault-tolerance, and reliability. I present recent advances in CI system design with a focus on highlighting optimal solutions for the aforementioned cross-cutting concerns. I also describe a number of design challenges and a framework that I have determined to be critical to designing CI systems. With inspiration from machine learning, computational advertising, ubiquitous computing, and sociable robotics, this literature incorporates theories and concepts from various viewpoints to empower the collective intelligence engine, ZOEI, to discover affective state and emotional intent across multiple mediums. The discerned affective state is used in recommender systems among others to support content personalization. I dive into the design of optimal architectures that allow humans and intelligent systems to work collectively to solve complex problems. I present an evaluation of various studies that leverage the ZOEI framework to design collective intelligence

Contribución a la estimulación del uso de soluciones Cloud Computing: Diseño de un intermediador de servicios Cloud para fomentar el uso de ecosistemas distribuidos digitales confiables, interoperables y de acuerdo a la legalidad. Aplicación en entornos multi-cloud.

184 p.El objetivo del trabajo de investigación presentado en esta tesis es facilitar a los desarrolladores y operadores de aplicaciones desplegadas en múltiples Nubes el descubrimiento y la gestión de los diferentes servicios de Computación, soportando su reutilización y combinación, para generar una red de servicios interoperables, que cumplen con las leyes y cuyos acuerdos de nivel de servicio pueden ser evaluados de manera continua. Una de las contribuciones de esta tesis es el diseño y desarrollo de un bróker de servicios de Computación llamado ACSmI (Advanced Cloud Services meta-Intermediator). ACSmI permite evaluar el cumplimiento de los acuerdos de nivel de servicio incluyendo la legislación. ACSmI también proporciona una capa de abstracción intermedia para los servicios de Computación donde los desarrolladores pueden acceder fácilmente a un catálogo de servicios acreditados y compatibles con los requisitos no funcionales establecidos.Además, este trabajo de investigación propone la caracterización de las aplicaciones nativas multiNube y el concepto de "DevOps extendido" especialmente pensado para este tipo de aplicaciones. El concepto "DevOps extendido" pretende resolver algunos de los problemas actuales del diseño, desarrollo, implementación y adaptación de aplicaciones multiNube, proporcionando un enfoque DevOps novedoso y extendido para la adaptación de las prácticas actuales de DevOps al paradigma multiNube

Mapping the Path to a Health Data Marketplace in Norway: An Exploratory Case Study

This Master's thesis explores the complex dynamics of health data in the digital age, focusing on its secure and efficient management and ethical considerations. It investigates the potential of implementing a Health Data Marketplace (HDM) in the Norwegian e-health sector, aiming to construct a seamless health data exchange platform. This study proposes the integration of an existing health data gateway, the Egde Health Gateway (EHG), with the HDM. The research offers an in-depth analysis of existing limitations in health data exchange systems in Norway. It addresses current research gaps in Data Marketplace, Business Models, Gateways, and the Norwegian e-health context. Guided by two central research questions, this thesis delves into identifying essential components required to successfully implement an HDM in Norway and how this marketplace could be established using an existing data platform. Significantly, the thesis underscores the pivotal role of primary stakeholders in the HDM - Platform Operators, Platform Users, and Legal Authorities. The exploration reveals that Platform Operators are vital influencers, fostering collaboration and innovation within the ecosystem, while Platform Users and Legal Authorities ensure the marketplace's innovative and compliance aspects. Additionally, this study identifies essential components for successfully integrating an HDM into an existing health data platform, including Data Standardization, Interoperability, Integration, Security, Trust, and Legal Frameworks, among others. The thesis marks a significant step towards realizing an HDM in the Norwegian e-health sector. It invites future research to broaden stakeholder perspectives, examine economic aspects of the HDM, and delve into ethical considerations and technological innovations. The findings from this exploration serve as a catalyst for leveraging health data effectively, securely, and ethically, contributing to improved healthcare outcomes, research, and innovation in Norway and beyond

Performance modelling and optimization for video-analytic algorithms in a cloud-like environment using machine learning

CCTV cameras produce a large amount of video surveillance data per day, and analysing them require the use of significant computing resources that often need to be scalable. The emergence of the Hadoop distributed processing framework has had a significant impact on various data intensive applications as the distributed computed based processing enables an increase of the processing capability of applications it serves. Hadoop is an open source implementation of the MapReduce programming model. It automates the operation of creating tasks for each function, distribute data, parallelize executions and handles machine failures that reliefs users from the complexity of having to manage the underlying processing and only focus on building their application. It is noted that in a practical deployment the challenge of Hadoop based architecture is that it requires several scalable machines for effective processing, which in turn adds hardware investment cost to the infrastructure. Although using a cloud infrastructure offers scalable and elastic utilization of resources where users can scale up or scale down the number of Virtual Machines (VM) upon requirements, a user such as a CCTV system operator intending to use a public cloud would aspire to know what cloud resources (i.e. number of VMs) need to be deployed so that the processing can be done in the fastest (or within a known time constraint) and the most cost effective manner. Often such resources will also have to satisfy practical, procedural and legal requirements. The capability to model a distributed processing architecture where the resource requirements can be effectively and optimally predicted will thus be a useful tool, if available. In literature there is no clear and comprehensive modelling framework that provides proactive resource allocation mechanisms to satisfy a user's target requirements, especially for a processing intensive application such as video analytic. In this thesis, with the hope of closing the above research gap, novel research is first initiated by understanding the current legal practices and requirements of implementing video surveillance system within a distributed processing and data storage environment, since the legal validity of data gathered or processed within such a system is vital for a distributed system's applicability in such domains. Subsequently the thesis presents a comprehensive framework for the performance ii modelling and optimization of resource allocation in deploying a scalable distributed video analytic application in a Hadoop based framework, running on virtualized cluster of machines. The proposed modelling framework investigates the use of several machine learning algorithms such as, decision trees (M5P, RepTree), Linear Regression, Multi Layer Perceptron(MLP) and the Ensemble Classifier Bagging model, to model and predict the execution time of video analytic jobs, based on infrastructure level as well as job level parameters. Further in order to propose a novel framework for the allocate resources under constraints to obtain optimal performance in terms of job execution time, we propose a Genetic Algorithms (GAs) based optimization technique. Experimental results are provided to demonstrate the proposed framework's capability to successfully predict the job execution time of a given video analytic task based on infrastructure and input data related parameters and its ability determine the minimum job execution time, given constraints of these parameters. Given the above, the thesis contributes to the state-of-art in distributed video analytics, design, implementation, performance analysis and optimisation

Mapping the Path to a Health Data Marketplace in Norway: An Exploratory Case Study

This Master's thesis explores the complex dynamics of health data in the digital age, focusing on its secure and efficient management and ethical considerations. It investigates the potential of implementing a Health Data Marketplace (HDM) in the Norwegian e-health sector, aiming to construct a seamless health data exchange platform. This study proposes the integration of an existing health data gateway, the Egde Health Gateway (EHG), with the HDM. The research offers an in-depth analysis of existing limitations in health data exchange systems in Norway. It addresses current research gaps in Data Marketplace, Business Models, Gateways, and the Norwegian e-health context. Guided by two central research questions, this thesis delves into identifying essential components required to successfully implement an HDM in Norway and how this marketplace could be established using an existing data platform. Significantly, the thesis underscores the pivotal role of primary stakeholders in the HDM - Platform Operators, Platform Users, and Legal Authorities. The exploration reveals that Platform Operators are vital influencers, fostering collaboration and innovation within the ecosystem, while Platform Users and Legal Authorities ensure the marketplace's innovative and compliance aspects. Additionally, this study identifies essential components for successfully integrating an HDM into an existing health data platform, including Data Standardization, Interoperability, Integration, Security, Trust, and Legal Frameworks, among others. The thesis marks a significant step towards realizing an HDM in the Norwegian e-health sector. It invites future research to broaden stakeholder perspectives, examine economic aspects of the HDM, and delve into ethical considerations and technological innovations. The findings from this exploration serve as a catalyst for leveraging health data effectively, securely, and ethically, contributing to improved healthcare outcomes, research, and innovation in Norway and beyon