On the Effective Use of Data Dependency for Reliable Cloud Service Monitoring

Cloud computing is a large-scale distributed computing paradigm that aims at providing powerful computing and storage capability by dynamically sharing a pool of system resources (e.g., network bandwidth, storage space, or virtualized devices) in a multi-tenant environment. With the support of the computing technology, a plethora of cloud services have been developed for meeting the different requirements of cloud service customers (CSCs). While cloud service has many attractive advantages (e.g., rapid service deployment, reliable service availability, elastic service reconfiguration, or economic service billing), the security assurance of cloud services is a key concern for the service customers. Cloud monitoring is an essential mechanism for managing the security assurance of cloud services. Over the last few years, a large number of monitoring mechanisms have been proposed. The mechanisms are developed for monitoring varied security problems in the cloud with the common assumption that all the monitoring information is directly available. These mechanisms can achieve satisfactory monitoring performance only if the assumption can be satisfied (e.g., protecting cloud services from distributed denial of service (DDoS) attacks by checking the traffic information collected from network monitors). However, the existing mechanisms are unfortunately incapable of dealing with the security threats that are subtly crafted by malicious attackers without producing evident attack traces. Due to that the useful information related to the attacks is difficult to collect, the attacks can silently bypass the existing monitoring mechanisms and secretly undermine the victim services. As a result, to develop an effective monitoring mechanism for securing cloud services becomes a compelling demand. For motivating the issue, this thesis initially investigates a typical cloud security attack that can gradually drain system resources in a target cloud without triggering any alarms for highlighting the realistic demand of performing effective security monitoring in cloud systems. To combat the attack, a pragmatic security countermeasure is proposed for securing the cloud. To meet the demand, the thesis focuses on achieving effective security assurance management of cloud services by addressing the common shortcoming of existing monitoring mechanisms. Using the data relation (i.e., data dependency) existing in the collected monitoring data sets, the thesis demonstrates the possibility of leveraging the available information and the existing data relation to indirectly monitor cloud security problems with a novel inference-based security mechanism. Furthermore, the thesis also demonstrates the feasibility of taking advantage of data dependency to obtain the input information for running the inference mechanism by developing a practical data ascertaining technique. Finally, this thesis targets addressing potential data errors that can undermine the reliability of the proposed monitoring mechanism. Consequently, a reliability assessment mechanism is developed to select suitable data used by the proposed mechanism for generating reliable monitoring results

On-Cloud Motherhood Clinic: A Healthcare Management Solution for Rural Communities in Developing Countries

Background: Modern telecommunication infrastructure enables bridging of the digital divide between rural and urban healthcare services, promoting the provision of suitable medical care and support. Thus far, there has been some positive impacts to applying mobile health (m-Health) solutions, but their full potential in relation to cloud computing has is yet to be realised. It is imperative to develop an innovative approach for addressing the digital divide in a context of developing country. Method: Adopting a design science research approach (DSR), this study describes an innovative m-Health solution utilising cloud computing that enables healthcare professionals and women in rural areas to achieve comprehensive maternal healthcare support. We developed the solution framework through iterative prototyping with stakeholders’ participation, and evaluated the design using focus groups. Results: The cloud-based solution was positively evaluated as supporting healthcare professionals and service providers. It was perceived to help provide a virtual presence for evaluating and diagnosing expectant mothers’ critical healthcare data, medical history, and in providing necessary service support in a virtual clinic environment. Conclusions: The new application offers benefits to target stakeholders enabling a new practice-based paradigm applicable in other healthcare management. We demonstrated utilities to address target problems as well as the mechanism propositions for meeting the information exchange demand for better realisation of practical needs of the end users. Available at: https://aisel.aisnet.org/pajais/vol12/iss1/3

HiTrust: building cross-organizational trust relationship based on a hybrid negotiation tree

Small-world phenomena have been observed in existing peer-to-peer (P2P) networks which has proved useful in the design of P2P file-sharing systems. Most studies of constructing small world behaviours on P2P are based on the concept of clustering peer nodes into groups, communities, or clusters. However, managing additional multilayer topology increases maintenance overhead, especially in highly dynamic environments. In this paper, we present Social-like P2P systems (Social-P2Ps) for object discovery by self-managing P2P topology with human tactics in social networks. In Social-P2Ps, queries are routed intelligently even with limited cached knowledge and node connections. Unlike community-based P2P file-sharing systems, we do not intend to create and maintain peer groups or communities consciously. In contrast, each node connects to other peer nodes with the same interests spontaneously by the result of daily searches

Trust Management Model for Cloud Computing Environment

Software as a service or (SaaS) is a new software development and deployment paradigm over the cloud and offers Information Technology services dynamically as "on-demand" basis over the internet. Trust is one of the fundamental security concepts on storing and delivering such services. In general, trust factors are integrated into such existent security frameworks in order to add a security level to entities collaborations through the trust relationship. However, deploying trust factor in the secured cloud environment are more complex engineering task due to the existence of heterogeneous types of service providers and consumers. In this paper, a formal trust management model has been introduced to manage the trust and its properties for SaaS in cloud computing environment. The model is capable to represent the direct trust, recommended trust, reputation etc. formally. For the analysis of the trust properties in the cloud environment, the proposed approach estimates the trust value and uncertainty of each peer by computing decay function, number of positive interactions, reputation factor and satisfaction level for the collected information.Comment: 5 Pages, 2 Figures, Conferenc

CREOLE: a Universal Language for Creating, Requesting, Updating and Deleting Resources

In the context of Service-Oriented Computing, applications can be developed following the REST (Representation State Transfer) architectural style. This style corresponds to a resource-oriented model, where resources are manipulated via CRUD (Create, Request, Update, Delete) interfaces. The diversity of CRUD languages due to the absence of a standard leads to composition problems related to adaptation, integration and coordination of services. To overcome these problems, we propose a pivot architecture built around a universal language to manipulate resources, called CREOLE, a CRUD Language for Resource Edition. In this architecture, scripts written in existing CRUD languages, like SQL, are compiled into Creole and then executed over different CRUD interfaces. After stating the requirements for a universal language for manipulating resources, we formally describe the language and informally motivate its definition with respect to the requirements. We then concretely show how the architecture solves adaptation, integration and coordination problems in the case of photo management in Flickr and Picasa, two well-known service-oriented applications. Finally, we propose a roadmap for future work.Comment: In Proceedings FOCLASA 2010, arXiv:1007.499

A Generic Agent Organisation Framework For Autonomic Systems

Autonomic computing is being advocated as a tool for managing large, complex computing systems. Specifically, self-organisation provides a suitable approach for developing such autonomic systems by incorporating self-management and adaptation properties into large-scale distributed systems. To aid in this development, this paper details a generic problem-solving agent organisation framework that can act as a modelling and simulation platform for autonomic systems. Our framework describes a set of service-providing agents accomplishing tasks through social interactions in dynamically changing organisations. We particularly focus on the organisational structure as it can be used as the basis for the design, development and evaluation of generic algorithms for self-organisation and other approaches towards autonomic systems