1,293 research outputs found
A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today’s real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view
Dynamic deployment of web services on the internet or grid
PhD ThesisThis thesis focuses on the area of dynamic Web Service deployment for grid and
Internet applications. It presents a new Dynamic Service Oriented Architecture
(DynaSOAr) that enables the deployment of Web Services at run-time in response to
consumer requests.
The service-oriented approach to grid and Internet computing is centred on two
parties: the service provider and the service consumer. This thesis investigates the
introduction of mobility into this service-oriented approach allowing for better use of
resources and improved quality of service. To this end, it examines the role of the
service provider and makes the case for a clear separation of its concerns into two
distinct roles: that of a Web Service Provider, whose responsibility is to receive and
direct consumer requests and supply service implementations, and a Host Provider,
whose role is to deploy services and process consumers' requests on available
resources. This separation of concerns breaks the implicit bond between a published
Web Service endpoint (network address) and the resource upon which the service is
deployed. It also allows the architecture to respond dynamically to changes in service
demand and the quality of service requirements. Clearly defined interfaces for each
role are presented, which form the infrastructure of DynaSOAr. The approach taken
is wholly based on Web Services.
The dynamic deployment of service code between separate roles, potentially running
in different administrative domains, raises a number of security issues which are
addressed. A DynaSOAr service invocation involves three parties: the requesting
Consumer, a Web Service Provider and a Host Provider; this tripartite relationship
requires a security model that allows the concerns of each party to be enforced for a
given invocation. This thesis, therefore, presents a Tripartite Security Model and an
architecture that allows the representation, propagation and enforcement of three
separate sets of constraints.
A prototype implementation of DynaSOAr is used to evaluate the claims made, and
the results show that a significant benefit in terms of round-trip execution time for
data-intensive applications is achieved. Additional benefits in terms of parallel
deployments to satisfy multiple concurrent requests are also shown
A Survey on the Evolution of Stream Processing Systems
Stream processing has been an active research field for more than 20 years,
but it is now witnessing its prime time due to recent successful efforts by the
research community and numerous worldwide open-source communities. This survey
provides a comprehensive overview of fundamental aspects of stream processing
systems and their evolution in the functional areas of out-of-order data
management, state management, fault tolerance, high availability, load
management, elasticity, and reconfiguration. We review noteworthy past research
findings, outline the similarities and differences between early ('00-'10) and
modern ('11-'18) streaming systems, and discuss recent trends and open
problems.Comment: 34 pages, 15 figures, 5 table
STRETCH: Virtual Shared-Nothing Parallelism for Scalable and Elastic Stream Processing
Stream processing applications extract value from raw data through Directed
Acyclic Graphs of data analysis tasks. Shared-nothing (SN) parallelism is the
de-facto standard to scale stream processing applications. Given an
application, SN parallelism instantiates several copies of each analysis task,
making each instance responsible for a dedicated portion of the overall
analysis, and relies on dedicated queues to exchange data among connected
instances. On the one hand, SN parallelism can scale the execution of
applications both up and out since threads can run task instances within and
across processes/nodes. On the other hand, its lack of sharing can cause
unnecessary overheads and hinder the scaling up when threads operate on data
that could be jointly accessed in shared memory. This trade-off motivated us in
studying a way for stream processing applications to leverage shared memory and
boost the scale up (before the scale out) while adhering to the widely-adopted
and SN-based APIs for stream processing applications.
We introduce STRETCH, a framework that maximizes the scale up and offers
instantaneous elastic reconfigurations (without state transfer) for stream
processing applications. We propose the concept of Virtual Shared-Nothing (VSN)
parallelism and elasticity and provide formal definitions and correctness
proofs for the semantics of the analysis tasks supported by STRETCH, showing
they extend the ones found in common Stream Processing Engines. We also provide
a fully implemented prototype and show that STRETCH's performance exceeds that
of state-of-the-art frameworks such as Apache Flink and offers, to the best of
our knowledge, unprecedented ultra-fast reconfigurations, taking less than 40
ms even when provisioning tens of new task instances
- …