A scalable and dynamic application-level secure communication framework for inter-cloud services

Most of the current cloud computing platforms offer Infrastructure as a Service (IaaS) model, which aims to provision basic virtualized computing resources as on-demand and dynamic services. Nevertheless, a single cloud does not have limitless resources to offer to its users, hence the notion of an Inter-Cloud environment where a cloud can use the infrastructure resources of other clouds. However, there is no common framework in existence that allows the service owners to seamlessly provision even some basic services across multiple cloud service providers, albeit not due to any inherent incompatibility or proprietary nature of the foundation technologies on which these cloud platforms is built. In this paper we present a novel solution which aims to cover a gap in a subsection of this problem domain. Our solution offers a security architecture that enables service owners to provision a dynamic and service-oriented secure virtual private network on top of multiple cloud IaaS providers. It does this by leveraging the scalability, robustness and exibility of peer-to-peer overlay techniques to eliminate the manual configuration, key management and peer churn problems encountered in setting up the secure communication channels dynamically, between different components of a typical service that is deployed on multiple clouds. We present the implementation details of our solution as well as experimental results carried out on two commercial clouds

A low-overhead secure communication framework for an inter-cloud environment

Most of the current cloud computing platforms offer Infrastructure as a Service (IaaS) model, which aims to provision basic virtualized computing resources as on-demand and dynamic services. Nevertheless, a single cloud provider may not have limitless resources to offer to its users, hence the notion of an Inter-Cloud environment where a cloud can use the infrastructure resources of other clouds. However, there is no common framework in existence that allows the service owners to seamlessly provision even some basic services across multiple cloud service providers, albeit not due to any inherent incompatibility or proprietary nature of the foundation technologies on which these cloud platforms are built. In this paper we present a novel solution which aims to cover a gap in a subsection of this problem domain. Our solution offers a security architecture that enables service owners to provision a dynamic and service-oriented secure virtual private network on top of multiple cloud IaaS providers. It does this by leveraging the scalability, robustness and flexibility of peer-to-peer overlay techniques to eliminate the manual configuration, key management and peer churn problems encountered in setting up the secure communication channels dynamically, between different components of a typical service that is deployed on multiple clouds. We present the implementation details of our solution as well as experimental results detailing the overheads of our solution carried out on two commercial clouds

Towards an efficient distributed cloud architecture

Cloud computing is an emerging field in computer science. Users are utilizing less of their own existing resources, while increasing usage of cloud resources. There are many advantages of distributed computing over centralized architecture. With increase in number of unused storage and computing resources and advantages of distributed computing resulted in distributed cloud computing. In the distributed cloud environment that we propose, resource providers (RP) compete to provide resources to the users. In the distributed cloud all the cloud computing and storage services are offered by distributed resources. In this architecture resources are used and provided by the users in a peer to peer fashion. We propose using multi-valued distributed hash tables for efficient resource discovery. Leveraging the fact that there are many users providing resources such as CPU and memory, we define these resources under one key to easily locate devices with equivalent resources. We then propose a new auction mechanism, using a reserve bid formulated rationally by each user for the optimal allocation of discovered resources. We have evaluated the performance of resource discovery mechanisms for the distributed cloud and distributed cloud storage and compared the results with existing DHTs, peer to peer clients such as VUZE and explored the feasibility and efficiency of the proposed schemes in terms of resource/service discovery and allocation. We use a simultaneous Auction mechanism and select a set of winners once we receive all contributions or bids. In a real world scenario, users request resources with multiple capabilities, and in order to find such resources we use a contribution mechanism where service providers will provide a contribution price to users for providing a resource. Users use our proposed auction mechanism to select the resources from the set of resource providers. We show that Nash equilibrium can be achieved and how we can avoid the problem of free riders in the distributed cloud. Network latency is an important factor when deciding which resource provider to select. We used treeple a secure latency estimation scheme to obtain network measurements in distributed systems. We developed a mobile application using distributed cloud which preserves privacy and provides security for a user. Distributed cloud is used for developing such an application where all the data needs to be close to the users and avoids single point of failure, which is the problem with existing cloud

Data storage security and privacy in cloud computing: A comprehensive survey

Cloud Computing is a form of distributed computing wherein resources and application platforms are distributed over the Internet through on demand and pay on utilization basis. Data Storage is main feature that cloud data centres are provided to the companies/organizations to preserve huge data. But still few organizations are not ready to use cloud technology due to lack of security. This paper describes the different techniques along with few security challenges, advantages and also disadvantages. It also provides the analysis of data security issues and privacy protection affairs related to cloud computing by preventing data access from unauthorized users, managing sensitive data, providing accuracy and consistency of data store

A service broker for Intercloud computing

This thesis aims at assisting users in finding the most suitable Cloud resources taking into account their functional and non-functional SLA requirements. A key feature of the work is a Cloud service broker acting as mediator between consumers and Clouds. The research involves the implementation and evaluation of two SLA-aware match-making algorithms by use of a simulation environment. The work investigates also the optimal deployment of Multi-Cloud workflows on Intercloud environments