214,531 research outputs found

    A Secure and Fair Resource Sharing Model for Community Clouds

    Get PDF
    Cloud computing has gained a lot of importance and has been one of the most discussed segment of today\u27s IT industry. As enterprises explore the idea of using clouds, concerns have emerged related to cloud security and standardization. This thesis explores whether the Community Cloud Deployment Model can provide solutions to some of the concerns associated with cloud computing. A secure framework based on trust negotiations for resource sharing within the community is developed as a means to provide standardization and security while building trust during resource sharing within the community. Additionally, a model for fair sharing of resources is developed which makes the resource availability and usage transparent to the community so that members can make informed decisions about their own resource requirements based on the resource usage and availability within the community. Furthermore, the fair-share model discusses methods that can be employed to address situations when the demand for a resource is higher than the resource availability in the resource pool. Various methods that include reduction in the requested amount of resource, early release of the resources and taxing members have been studied, Based on comparisons of these methods along with the advantages and disadvantages of each model outlined, a hybrid method that only taxes members for unused resources is developed. All these methods have been studied through simulations

    Privacy In The Smart Grid: An Information Flow Analysis

    Get PDF
    Project Final Report prepared for CIEE and California Energy Commissio

    Business roles and negotiation models for Web service based provision

    No full text
    The emergence of XML as the lingua franca for communication among applications over the Web, the recent advances in service oriented computing and in web service architectures and the applicability of these technologies in the area of eCommerce necessitates the conceptualisation of business roles and negotiation models for web service based provision. According to the web service paradigm it is envisaged that services will be provided to customers based on dynamic web service composition. This places additional requirements to SLA negotiation in comparison to the traditional service provision paradigm where negotiation for service was performed with a single service provider system. This paper addresses the research challenges with regard to SLA negotiation for web service based provision and outlines business roles and a negotiation model for establishing SLAs with multiple web service providers in order to offer combined web service functionality to match user needs

    Future consumer mobile phone security: a case study using the data centric security model

    Get PDF
    In the interconnected world that we live in, traditional security barriers are\ud broken down. Developments such as outsourcing, increased usage of mobile\ud devices and wireless networks each cause new security problems.\ud To address the new security threats, a number of solutions have been suggested,\ud mostly aiming at securing data rather than whole systems or networks.\ud However, these visions (such as proposed by the Jericho Forum [9] and IBM\ud [4]) are mostly concerned with large (inter-) enterprise systems. Until now, it is\ud unclear what data-centric security could mean for other systems and environments.\ud One particular category of systems that has been neglected is that of\ud consumer mobile phones. Currently, data security is usually limited to a PIN\ud number on startup and the option to disable wireless connections. The lack of\ud protection does not seem justified, as these devices have steadily increased in\ud capabilities and capacity; they can connect wirelessly to the Internet and have\ud a high risk of being lost or stolen [8]. This not only puts end users at risk, but\ud also their contacts, as phones can contain privacy sensitive data of many others.\ud For example, if birth dates and addresses are kept with the contact records, in\ud many cases a thief will have enough information to impersonate a contact and\ud steal his identity.\ud Could consumer mobile phones benefit from data-centric security? How\ud useful is data-centric security in this context? These are the core questions we\ud will try to address here

    Cloud Security : A Review of Recent Threats and Solution Models

    Get PDF
    The most significant barrier to the wide adoption of cloud services has been attributed to perceived cloud insecurity (Smitha, Anna and Dan, 2012). In an attempt to review this subject, this paper will explore some of the major security threats to the cloud and the security models employed in tackling them. Access control violations, message integrity violations, data leakages, inability to guarantee complete data deletion, code injection, malwares and lack of expertise in cloud technology rank the major threats. The European Union invested €3m in City University London to research into the certification of Cloud security services. This and more recent developments are significant in addressing increasing public concerns regarding the confidentiality, integrity and privacy of data held in cloud environments. Some of the current cloud security models adopted in addressing cloud security threats were – Encryption of all data at storage and during transmission. The Cisco IronPort S-Series web security appliance was among security solutions to solve cloud access control issues. 2-factor Authentication with RSA SecurID and close monitoring appeared to be the most popular solutions to authentication and access control issues in the cloud. Database Active Monitoring, File Active Monitoring, URL Filters and Data Loss Prevention were solutions for detecting and preventing unauthorised data migration into and within clouds. There is yet no guarantee for a complete deletion of data by cloud providers on client requests however; FADE may be a solution (Yang et al., 2012)
    • 

    corecore