Enhancing healthcare services through cloud service: a systematic review

Although cloud-based healthcare services are booming, in-depth research has not yet been conducted in this field. This study aims to address the shortcomings of previous research by analyzing all journal articles from the last five years using the preferred reporting items for systematic reviews and meta-analyses (PRISMA) systematic literature review methodology. The findings of this study highlight the benefits of cloud-based healthcare services for healthcare providers and patients, including enhanced healthcare services, data security, privacy issues, and innovative information technology (IT) service delivery models. However, this study also identifies challenges associated with using cloud services in healthcare, such as security and privacy concerns, and proposes solutions to address these issues. This study concludes by discussing future research directions and the need for a complete solution that addresses the conflicting requirements of the security, privacy, efficiency, and scalability of cloud technologies in healthcare

Trust-Based Service Selection

Service Oriented Architecture (SOA) is an architectural style that builds enterprise solutions based on services. In SOA, the lack of trust between different parties affects the adoption of such architecture. Trust is as significant a factor for successful online interactions as it is in real life communities, and consequently, it is an important factor that is used as a criterion for service selection. In the context of online services and SOA, the literature shows that the field of trust is not mature. Trust definition and the consideration of the essentials of trust aspects do not reflect the true nature of trust online. This thesis proposes a trust-based service selection solution, which requires establishing trust for services and supporting service selection based on trust. This work considers building trust for service providers besides rating services, an area that is neglected in the literature. This work follows progressive steps to arrive at a solution. First, this work develops a trust definition and identifies trust principles, which cover different aspects of trust. Next, SOA is extended to build a trust-based SOA that supports trust-based service selection. In particular, a new component, the trust mediator, which is responsible for trust establishment is added to the architecture. Accordingly, a trust mediator framework is built according to the trust definition and principles to identify its main components. Subsequently, this work identifies the trust information, or metrics, for services and service providers. Accordingly, trust models are built to evaluate trust rates for the applicable metrics, services, and service providers. Moreover, this work addresses the trust bootstrapping challenge. The proposed trust bootstrapping approach addresses different challenges in the literature such as whitewashing and cold start. This approach is implemented through experiments, evaluations, and scenarios

Game-Theoretic Foundations for Forming Trusted Coalitions of Multi-Cloud Services in the Presence of Active and Passive Attacks

The prominence of cloud computing as a common paradigm for offering Web-based services has led to an unprecedented proliferation in the number of services that are deployed in cloud data centers. In parallel, services' communities and cloud federations have gained an increasing interest in the recent past years due to their ability to facilitate the discovery, composition, and resource scaling issues in large-scale services' markets. The problem is that the existing community and federation formation solutions deal with services as traditional software systems and overlook the fact that these services are often being offered as part of the cloud computing technology, which poses additional challenges at the architectural, business, and security levels. The motivation of this thesis stems from four main observations/research gaps that we have drawn through our literature reviews and/or experiments, which are: (1) leading cloud services such as Google and Amazon do not have incentives to group themselves into communities/federations using the existing community/federation formation solutions; (2) it is quite difficult to find a central entity that can manage the community/federation formation process in a multi-cloud environment; (3) if we allow services to rationally select their communities/federations without considering their trust relationships, these services might have incentives to structure themselves into communities/federations consisting of a large number of malicious services; and (4) the existing intrusion detection solutions in the domain of cloud computing are still ineffective in capturing advanced multi-type distributed attacks initiated by communities/federations of attackers since they overlook the attacker's strategies in their design and ignore the cloud system's resource constraints. This thesis aims to address these gaps by (1) proposing a business-oriented community formation model that accounts for the business potential of the services in the formation process to motivate the participation of services of all business capabilities, (2) introducing an inter-cloud trust framework that allows services deployed in one or disparate cloud centers to build credible trust relationships toward each other, while overcoming the collusion attacks that occur to mislead trust results even in extreme cases wherein attackers form the majority, (3) designing a trust-based game theoretical model that enables services to distributively form trustworthy multi-cloud communities wherein the number of malicious services is minimal, (4) proposing an intra-cloud trust framework that allows the cloud system to build credible trust relationships toward the guest Virtual Machines (VMs) running cloud-based services using objective and subjective trust sources, (5) designing and solving a trust-based maxmin game theoretical model that allows the cloud system to optimally distribute the detection load among VMs within a limited budget of resources, while considering Distributed Denial of Service (DDoS) attacks as a practical scenario, and (6) putting forward a resource-aware comprehensive detection and prevention system that is able to capture and prevent advanced simultaneous multi-type attacks within a limited amount of resources. We conclude the thesis by uncovering some persisting research gaps that need further study and investigation in the future

Security and trust in a Network Functions Virtualisation Infrastructure

L'abstract è presente nell'allegato / the abstract is in the attachmen

Exploiting relational tag expansion for dynamic user profile in a tag-aware ranking recommender system

A tag-aware recommender system (TRS) presents the challenge of tag sparsity in a user profile. Previous work focuses on expanding similar tags and does not link the tags with corresponding resources, therefore leading to a static user profile in the recommendation. In this article, we have proposed a new social tag expansion model (STEM) to generate a dynamic user profile to improve the recommendation performance. Instead of simply including most relevant tags, the new model focuses on the completeness of a user profile through expanding tags by exploiting their relations and includes a sufficient set of tags to alleviate the tag sparsity problem. The novel STEM-based TRS contains three operations: (1) Tag cloud generation discovers potentially relevant tags in an application domain; (2) Tag expansion finds a sufficient set of tags upon original tags; and (3) User profile refactoring builds a dynamic user profile and determines the weights of the extended tags in the profile. We analysed the STEM property in terms of recommendation accuracy and demonstrated its performance through extensive experiments over multiple datasets. The analysis and experimental results showed that the new STEM technique was able to correctly find a sufficient set of tags and to improve the recommendation accuracy by solving the tag sparsity problem. At this point, this technique has consistently outperformed state-of-art tag-aware recommendation methods in these extensive experiments

Blockchain-based Trust and Reputation Management for Securing IoT

The Internet of Things (IoT) brings connectivity to a large number of heterogeneous devices, many of which may not be trustworthy. Classical authorisation schemes can protect the network from adversaries. However, these schemes could not ascertain in situ reliability and trustworthiness of authorised nodes, as these schemes do not monitor nodes’ behaviour over the operational period. IoT nodes can be compromised post-authentication, which could impede the resiliency of the network. Trust and Reputation Managements (TRM) have the potential to overcome these issues. However, conventional centralised TRM have poor transparency and suffer from sin gle point of failures. In recent years, blockchains show promise in addressing these issues, due to the salient features, such as decentralisation, auditability and transparency. This thesis presents decentralised TRM frameworks to address specific trust issues and challenges in three core IoT functionalities. First, a TRM framework for IoT access control is proposed to address issues in conventional authorisation schemes, in which static predefined access policies are continuously enforced. The enforcements of static access policies assume that the access requestors always exhibit benign behaviour. However, in practice some requestors may actually be malicious and attempt to deceive the access policies, which raises an urgency in building an adaptive access control. In this framework, the nodes’ behaviour are progressively evaluated based on their adherence to the access control policies, and quantified into trust and reputation scores, which are then incorporated in the access control to achieve dynamic access control policies. The framework is implemented on a public Ethereum test-network interconnected with a private lab-scale network of Raspberry Pi computers. The experimental results show that the framework achieves consistent processing latencies and is feasible for implementing effective access control in decentralised IoT networks. Second, a TRM framework for blockchain-based Collaborative Intrusion Detection Systems (CIDS) is presented with an emphasis on the importance of building end-to-end trust between CIDS nodes. In a CIDS, each node contributes detection rules aiming to build collective knowledge of new attacks. Here, the TRM framework assigns trust scores to each contribution from various nodes, using which the trust- worthiness of each node is determined. These scores help protect the CIDS network from invalid detection rules, which may degrade the accuracy of attack detection. A proof-of-concept implementation of the framework is developed on a private labscale Ethereum network. The experimental results show that the solution is feasible and performs within the expected benchmarks of the Ethereum platform. Third, a TRM framework for decentralised resource sharing in 6G-enabled IoT networks is proposed, aiming to remove the inherent risks of sharing scarce resources, especially when most nodes in the network are unknown or untrusted. The proposed TRM framework helps manage the matching of resource supply and demand; and evaluates the trustworthiness of each node after the completion of the resource sharing task. The experimental results on a lab-scale proof-of-concept implementation demonstrate the feasibility of the framework as it only incurs insignificant overheads with regards to gas consumption and overall latency