Datacenter Traffic Control: Understanding Techniques and Trade-offs

Datacenters provide cost-effective and flexible access to scalable compute and storage resources necessary for today's cloud computing needs. A typical datacenter is made up of thousands of servers connected with a large network and usually managed by one operator. To provide quality access to the variety of applications and services hosted on datacenters and maximize performance, it deems necessary to use datacenter networks effectively and efficiently. Datacenter traffic is often a mix of several classes with different priorities and requirements. This includes user-generated interactive traffic, traffic with deadlines, and long-running traffic. To this end, custom transport protocols and traffic management techniques have been developed to improve datacenter network performance. In this tutorial paper, we review the general architecture of datacenter networks, various topologies proposed for them, their traffic properties, general traffic control challenges in datacenters and general traffic control objectives. The purpose of this paper is to bring out the important characteristics of traffic control in datacenters and not to survey all existing solutions (as it is virtually impossible due to massive body of existing research). We hope to provide readers with a wide range of options and factors while considering a variety of traffic control mechanisms. We discuss various characteristics of datacenter traffic control including management schemes, transmission control, traffic shaping, prioritization, load balancing, multipathing, and traffic scheduling. Next, we point to several open challenges as well as new and interesting networking paradigms. At the end of this paper, we briefly review inter-datacenter networks that connect geographically dispersed datacenters which have been receiving increasing attention recently and pose interesting and novel research problems.Comment: Accepted for Publication in IEEE Communications Surveys and Tutorial

Trusted cloud computing framework for healthcare sector

Cloud computing is rapidly evolving due to its efficient characteristics such as cost-effectiveness, availability and elasticity. Healthcare organizations and consumers lose control when they outsource their sensitive data and computing resources to a third party Cloud Service Provider (CSP), which may raise security and privacy concerns related to data loss and misuse appealing threats. Lack of consumers' knowledge about their data storage location may lead to violating rules and regulations of Health Insurance Portability and Accountability Act (HIPAA) that can cost them huge penalty. Fear of data breach by internal or external hackers may decrease consumers' trust in adopting cloud computing and benefiting from its promising features. We designed a HealthcareTrusted Cloud Computing (HTCC) framework that maintains security, privacy and considers HIPAA regulations. HTCC framework deploys Trusted Computing Group (TCG) technologies such as Trusted Platform Module (TPM), Trusted Software Stack (TSS), virtual Trusted Platform Module (vTPM), Trusted Network Connect (TNC) and Self Encrypting Drives (SEDs). We emphasize on using strong multi-factor authentication access control mechanisms and strict security controls, as well as encryption for data at storage, in-transit and while process. We contributed in customizing a cloud Service Level Agreement (SLA) by considering healthcare requirements. HTCC was evaluated by comparing with previous researchers' work and conducting survey from experts. Results were satisfactory and showed acceptance of the framework. We aim that our proposed framework will assist in optimizing trust on cloud computing to be adopted in healthcare sector

Providing security and fault tolerance in P2P connections between clouds for mHealth services

[EN] The mobile health (mHealth) and electronic health (eHealth) systems are useful to maintain a correct administration of health information and services. However, it is mandatory to ensure a secure data transmission and in case of a node failure, the system should not fall down. This fact is important because several vital systems could depend on this infrastructure. On the other hand, a cloud does not have infinite computational and storage resources in its infrastructure or would not provide all type of services. For this reason, it is important to establish an interrelation between clouds using communication protocols in order to provide scalability, efficiency, higher service availability and flexibility which allow the use of services, computing and storage resources of other clouds. In this paper, we propose the architecture and its secure protocol that allows exchanging information, data, services, computing and storage resources between all interconnected mHealth clouds. The system is based on a hierarchic architecture of two layers composed by nodes with different roles. The routing algorithm used to establish the connectivity between the nodes is the shortest path first (SPF), but it can be easily changed by any other one. Our architecture is highly scalable and allows adding new nodes and mHealth clouds easily, while it tries to maintain the load of the cloud balanced. Our protocol design includes node discovery, authentication and fault tolerance. We show the protocol operation and the secure system design. Finally we provide the performance results in a controlled test bench.Lloret, J.; Sendra, S.; Jimenez, JM.; Parra-Boronat, L. (2016). Providing security and fault tolerance in P2P connections between clouds for mHealth services. Peer-to-Peer Networking and Applications. 9(5):876-893. doi:10.1007/s12083-015-0378-3S87689395The Fifty-eighth World Health Assembly, Resolutions and Decisions. Document: A58/21. Available at: http://www.who.int/healthacademy/media/WHA58-28-en.pdf . [Last access: Dec. 30, 2014]World Health organization. Topics of eHealth. In WHO website. Available at: http://www.who.int/topics/eHealth/en/ . [Last access: Dec. 30, 2014]Pickup JC, Freeman SC, Sutton AJ (2011) Glycaemic control in type 1 diabetes during real time continuous glucose monitoring compared with self monitoring of blood glucose: meta-analysis of randomised controlled trials using individual patient data. BMJ 343:d3805Promotional Material Digital health: working in partnership. Department of Health. UK. (2014) Available at: https://www.gov.uk/government/publications/digital-health-working-in-partnership/digital-health-working-in-partnerships#digital-health---harnessing-technology-for-patient-benefit . [Last access: Dec. 30, 2014]eHealth for a Healthier Europe!– opportunities for a better use of healthcare resources. Available at: https://joinup.ec.europa.eu/sites/default/files/files_epractice/sites/eHealth%20for%20a%20Healthier%20Europe %20-%20Opportunities%20for%20a%20better%20use%20of%20healthcare%20resources.pdf. [Last access: Dec. 30, 2014]Adibi S (2012) Link technologies and BlackBerry mobile health (mHealth) solutions: a review. IEEE Trans Inf Technol Biomed 16(4):586–597Chiarini G, Ray P, Akter S, Masella C, Ganz A (2013) mHealth technologies for chronic diseases and elders: a systematic review. IEEE J Sel Areas Commun 31(9):6–18Lopes IM, Silva BM, Rodrigues JJ, Lloret J, Proenca ML (2011) A mobile health monitoring solution for weight control. In proceedings of the 2011 International Conference on Wireless Communications and Signal Processing (WCSP 2011), Nanjing, pp 1–5Lopes IM, Silva BM, Rodrigues JJPC, Lloret J (2012) Performance evaluation of cooperation mechanisms for m-health applications. In proceedings of the 2012 I.E. Global Communications Conference (GLOBECOM 2012), AnaheimKyriacou EC, Pattichis CS, Pattichis MS (2009) An overview of recent health care support systems for eEmergency and mHealth applications. In proceedings of the 31st Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBC 2009), Hilton Minneapolis, pp 1246–1249Nkosi MT, Mekuria F (2010) Cloud computing for enhanced mobile health applications. In proceedings of the 2010 I.E. Second International Conference on Cloud Computing Technology and Science (CloudCom 2010), Indianapolis, pp 629–633Sultan N (2014) Making use of cloud computing for healthcare provision: opportunities and challenges. Int J Inf Manag 34(2):177–184Pandey S, Voorsluys W, Niu S, Khandoker A, Buyya R (2012) An autonomic cloud environment for hosting ECG data analysis services. Futur Gener Comput Syst 28(1):147–154Xia H, Asif I, Zhao X (2013) Cloud-ECG for real time ECG monitoring and analysis. Comput Methods Prog Biomed 110(3):253–259Bourouis A, Feham M, Bouchachia A (2012) A new architecture of a ubiquitous health monitoring system: a prototype of cloud mobile health monitoring system. arXiv preprint. Reference: arXiv:1205.6910Chen KR, Lin YL, Huang MS (2011) A mobile biomedical device by novel antenna technology for cloud computing resource toward pervasive healthcare. In proceedings of the 11th International Conference on Bioinformatics and Bioengineering (BIBE 2011), Taichung, pp 133–136Lacuesta R, Lloret J, Sendra S, Peñalver L (2014), Spontaneous ad hoc mobile cloud computing network. Sci World J (Article ID 232419): 1–19Ghafoor KZ, Bakar KA, Mohammed MA, Lloret J (2013) Vehicular cloud computing: trends and challenges (Chapter 14). In Mobile Networks and Cloud computing Convergence for Progressive Services and Applications. IGI Global. pp. 262–274. DOI: 10.4018/978-1-4666-4781-7.ch014Wan J, Zhang D, Zhao S, Yang LT, Lloret J (2014) Context-aware vehicular cyber-physical systems with cloud support: architecture, challenges and solutions. IEEE Commun Mag 52(8):106–113. doi: 10.1109/MCOM.2014.6871677Rodrigues JJPC, Zhou L, Mendes LDP, Lin K, Lloret J (2012) Distributed media-aware flow scheduling in cloud computing environment. Comput Commun 35(15):1819–1827Dutta R, Annappa B (2014) Protection of data in unsecured public cloud environment with open, vulnerable networks using threshold-based secret sharing. Netw Protoc Algoritm 6(1):58–75Modares H, Lloret J, Moravejosharieh A, Salleh R (2013) Security in mobile cloud computing (Chapter 5). In Mobile Networks and Cloud computing Convergence for Progressive Services and Applications. IGI Global. pp. 79–91Mehmood A, Song H, Lloret J (2014) Multi-agent based framework for secure and reliable communication among open clouds. Netw Protoc Algoritm 6(4):60–76Mendes LDP, Rodrigues JJPC, Lloret J, Sendra S (2014) Cross-layer dynamic admission control for cloud-based multimedia sensor networks. IEEE Syst J 8(1):235–246Xiong J, Li F, Ma J, Liu X, Yao Z, Chen PS (2014) A full lifecycle privacy protection scheme for sensitive data in cloud computing. Peer-to-Peer Netw Appl 1–13Yang H, Kim H, Mtonga K (2014) An efficient privacy-preserving authentication scheme with adaptive key evolution in remote health monitoring system. Peer-to-Peer Netw Appl 1–11Silva BM, Rodrigues JJ, Canelo F, Lopes IM, Lloret J (2014) Towards a cooperative security system for mobile-health applications. Electron Commer Re 1–27Flynn D, Gregory P, Makki H, Gabbay M (2009) Expectations and experiences of eHealth in primary care: a qualitative practice-based investigation. Int J Med Inform 78(9):588–604Thampi SM (2010) Survey of search and replication schemes in unstructured P2P networks. Netw Protoc Algoritm 2(1):93–131Khan SM, Mallesh N, Nambiar A, Wright M (2010) The dynamics of salsa: a robust structured P2P system. Netw Protoc Algoritm 2(4):40–60Garcia M, Hammoumi M, Canovas A, Lloret J (2011) Controlling P2P file-sharing networks’ traffic. Netw Protoc Algoritm 3(4):54–92Lloret J, Garcia M, Tomas J, Rodrigues JJPC (2014) Architecture and protocol for InterCloud communication. Inf Sci 258:434–451Chowdhury CR (2014) A survey of cloud based health care system. Int J Innov Res Comput Commun Eng 2(8):5477–5481Ghosh R, Papapanagiotou I, Boloor KA (2014) Survey on research initiatives for healthcare clouds. Cloud Computing Applications for Quality Health Care Delivery. IGI Global 1–18Donahue S (2010) Can cloud computing help fix health care? Cloudbook J 1(6):1–6Deng M, Petkovic M, Nalin M, Baroni IA (2011) Home healthcare system in the cloud--addressing security and privacy challenges. In proceedings of the 2011 I.E. International Conference on Cloud Computing (CLOUD 2011), Washington, pp 549–556Wang X, Gui Q, Liu B, Chen Y, Jin Z (2013) Leveraging mobile cloud for telemedicine: a performance study in medical monitoring. In proceedings of the 39th Annual Northeast Bioengineering Conference (NEBEC 2013), Syracuse, pp 49–50Alamri A (2012) Cloud-based e-health multimedia framework for heterogeneous network. In proceedings of the 2012 I.E. International Conference on Multimedia and Expo Workshops (ICMEW 2012), Melbourne, pp 447–452Constantinescu L, Kim J, Feng DD (2012) Sparkmed: a framework for dynamic integration of multimedia medical data into distributed m-health systems. IEEE Trans Inf Technol Biomed 16(1):40–52Botts N, Thoms B, Noamani A, Horan TA (2010) Cloud computing architectures for the underserved: public health cyberinfrastructures through a network of healthatms. In proceedings of the 43rd Hawaii International Conference on System Sciences (HICSS 2010), Honolulu, pp 1–10Fan L, Buchanan W, Thummler C, Lo O, Khedim A, Uthmani O, Lawson A, Bell D (2011) DACAR platform for eHealth services cloud. In proceedings of the 2011 I.E. International Conference on Cloud Computing (CLOUD 2011), Washington, pp 219–226Ruiz-Zafra A, Benghazi K, Noguera M, Garrido JL (2013) Zappa: An Open Mobile Platform to Build Cloud-Based m-Health Systems. In proceedings of the 4th International Symposium on Ambient Intelligence (ISAmI 2013), Salamanca, pp 87–94Nijon S, Dickerson RF, Asare P, Li Q, Hong D, Stankovic JA, Hu P, Shen G, Jiang X (2013) Auditeur: a mobile-cloud service platform for acoustic event detection on smartphones. In Proceeding of the 11th annual international conference on Mobile systems, applications, and services. ACM, Taipei, pp 403–416Lloret J, Diaz JR, Boronat F, Jiménez JM (2006) A fault-tolerant P2P-based protocol for logical networks interconnection. In proceedings of the International Conference on Networking and Services (ICNS’06), Silicon ValleyLloret J, Palau C, Boronat F, Tomas J (2008) Improving networks using group-based topologies. Comput Commun 31(14):3438–3450Lloret J, Boronat Segui F, Palau C, Esteve M (2005) Two levels SPF-based system to interconnect partially decentralized P2P file sharing networks. In proceedings of the Joint International Conference on Autonomic and Autonomous Systems and International Conference on Networking and Services.(ICAS-ICNS 2005), Papeete, p 39Cramer C, Kutzner K, Fuhrmann T (2004) Bootstrapping locality-aware P2P networkS. In proceedings of the 12th IEEE International Conference on Networks (ICON 2004), Singapore, pp 357–361FIPS 180-1 - Secure Hash Standard, SHA-1. National Institute of Standards and Technology. http://www.itl.nist.gov/fipspubs/fip180-1.htm [Last access: Dec. 30, 2014]Eastlake D., Jones P., US Secure Hash Algorithm 1 (SHA1),(2001). In IETF website, Available at: http://www.ietf.org/rfc/rfc3174.txt [Last access: March 20, 2015]Lacuesta R, Lloret J, Garcia M, Peñalver L (2011) Two secure and energy-saving spontaneous Ad-Hoc protocol for wireless mesh client networks. J Netw Comput Appl 3(2):492–50

A gap analysis of Internet-of-Things platforms

We are experiencing an abundance of Internet-of-Things (IoT) middleware solutions that provide connectivity for sensors and actuators to the Internet. To gain a widespread adoption, these middleware solutions, referred to as platforms, have to meet the expectations of different players in the IoT ecosystem, including device providers, application developers, and end-users, among others. In this article, we evaluate a representative sample of these platforms, both proprietary and open-source, on the basis of their ability to meet the expectations of different IoT users. The evaluation is thus more focused on how ready and usable these platforms are for IoT ecosystem players, rather than on the peculiarities of the underlying technological layers. The evaluation is carried out as a gap analysis of the current IoT landscape with respect to (i) the support for heterogeneous sensing and actuating technologies, (ii) the data ownership and its implications for security and privacy, (iii) data processing and data sharing capabilities, (iv) the support offered to application developers, (v) the completeness of an IoT ecosystem, and (vi) the availability of dedicated IoT marketplaces. The gap analysis aims to highlight the deficiencies of today's solutions to improve their integration to tomorrow's ecosystems. In order to strengthen the finding of our analysis, we conducted a survey among the partners of the Finnish IoT program, counting over 350 experts, to evaluate the most critical issues for the development of future IoT platforms. Based on the results of our analysis and our survey, we conclude this article with a list of recommendations for extending these IoT platforms in order to fill in the gaps.Comment: 15 pages, 4 figures, 3 tables, Accepted for publication in Computer Communications, special issue on the Internet of Things: Research challenges and solution

A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today’s real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view

Addressing the Challenges in Federating Edge Resources

This book chapter considers how Edge deployments can be brought to bear in a global context by federating them across multiple geographic regions to create a global Edge-based fabric that decentralizes data center computation. This is currently impractical, not only because of technical challenges, but is also shrouded by social, legal and geopolitical issues. In this chapter, we discuss two key challenges - networking and management in federating Edge deployments. Additionally, we consider resource and modeling challenges that will need to be addressed for a federated Edge.Comment: Book Chapter accepted to the Fog and Edge Computing: Principles and Paradigms; Editors Buyya, Sriram