4,758 research outputs found
Decision Support Tools for Cloud Migration in the Enterprise
This paper describes two tools that aim to support decision making during the
migration of IT systems to the cloud. The first is a modeling tool that
produces cost estimates of using public IaaS clouds. The tool enables IT
architects to model their applications, data and infrastructure requirements in
addition to their computational resource usage patterns. The tool can be used
to compare the cost of different cloud providers, deployment options and usage
scenarios. The second tool is a spreadsheet that outlines the benefits and
risks of using IaaS clouds from an enterprise perspective; this tool provides a
starting point for risk assessment. Two case studies were used to evaluate the
tools. The tools were useful as they informed decision makers about the costs,
benefits and risks of using the cloud.Comment: To appear in IEEE CLOUD 201
Security and Privacy Issues in Cloud Computing
Cloud computing transforming the way of information technology (IT) for consuming and managing, promising improving cost efficiencies, accelerate innovations, faster time-to-market and the ability to scale applications on demand (Leighton, 2009). According to Gartner, while the hype grew ex-ponentially during 2008 and continued since, it is clear that there is a major shift towards the cloud computing model and that the benefits may be substantial (Gartner Hype-Cycle, 2012). However, as the shape of the cloud computing is emerging and developing rapidly both conceptually and in reality, the legal/contractual, economic, service quality, interoperability, security and privacy issues still pose significant challenges. In this chapter, we describe various service and deployment models of cloud computing and identify major challenges. In particular, we discuss three critical challenges: regulatory, security and privacy issues in cloud computing. Some solutions to mitigate these challenges are also proposed along with a brief presentation on the future trends in cloud computing deployment
Biometrics-as-a-Service: A Framework to Promote Innovative Biometric Recognition in the Cloud
Biometric recognition, or simply biometrics, is the use of biological
attributes such as face, fingerprints or iris in order to recognize an
individual in an automated manner. A key application of biometrics is
authentication; i.e., using said biological attributes to provide access by
verifying the claimed identity of an individual. This paper presents a
framework for Biometrics-as-a-Service (BaaS) that performs biometric matching
operations in the cloud, while relying on simple and ubiquitous consumer
devices such as smartphones. Further, the framework promotes innovation by
providing interfaces for a plurality of software developers to upload their
matching algorithms to the cloud. When a biometric authentication request is
submitted, the system uses a criteria to automatically select an appropriate
matching algorithm. Every time a particular algorithm is selected, the
corresponding developer is rendered a micropayment. This creates an innovative
and competitive ecosystem that benefits both software developers and the
consumers. As a case study, we have implemented the following: (a) an ocular
recognition system using a mobile web interface providing user access to a
biometric authentication service, and (b) a Linux-based virtual machine
environment used by software developers for algorithm development and
submission
Taxonomy of Technological IT Outsourcing Risks: Support for Risk Identification and Quantification
The past decade has seen an increasing interest in IT outsourcing as it promises companies many economic benefits. In recent years, IT paradigms, such as Software-as-a-Service or Cloud Computing using third-party services, are increasingly adopted. Current studies show that IT security and data privacy are the dominant factors affecting the perceived risk of IT outsourcing. Therefore, we explicitly focus on determining the technological risks related to IT security and quality of service characteristics associated with IT outsourcing. We conducted an extensive literature review, and thoroughly document the process in order to reach high validity and reliability. 149 papers have been evaluated based on a review of the whole content and out of the finally relevant 68 papers, we extracted 757 risk items. Using a successive refinement approach, which involved reduction of similar items and iterative re-grouping, we establish a taxonomy with nine risk categories for the final 70 technological risk items. Moreover, we describe how the taxonomy can be used to support the first two phases of the IT risk management process: risk identification and quantification. Therefore, for each item, we give parameters relevant for using them in an existing mathematical risk quantification model
A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today’s real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view
- …