Managing identities in cloud computing environments

As cloud computing becomes a hot spot of research, the security issues of clouds raise concerns and attention from academic research community. A key area of cloud security is managing users’ identities, which is fundamental and important to other aspects of cloud computing. A number of identity management frameworks and systems are introduced and analysed. Issues remaining in them are discussed and potential solutions and countermeasures are proposed

Cloud computing adoption in enterprise: challenges and benefits

Loss of the business and downturn of economics are part of almost all types of business activities. There are also new concepts and technologies evolved and entrepreneurs need to keep update accordingly. Therefore, business people have to concentrate on keep exploring new ways to cut down expenses without compromising on the quality. One of the options is to go for the latest technologies. Taking into consideration these problems, the entrepreneurs always choose the right technology to minimise losses, increase efficiency and maximise their profit. In order to help out the entrepreneurs, the IT industries have developed platforms for businesses to use shared resources and online applications through cloud computing. The significant role played by cloud computing in providing a solution to the problems faced by business enterprises to increase business growth and help them to stay alive in a competitive environment. Cloud computing also brings efficiency in managing business resources and make improvements in traditional business practices. It also facilitates the enterprises to avoid unnecessary expenses of procedural and administrative nature, hardware and software costs. Apart from the advantages of cloud computing have certain drawbacks also. The main issue is the security in cloud computing considering the attacks on the cloud too. The primary objective of this paper is to highlight the benefits, challenges in adopting cloud computing and utilizing services offered by cloud computing. Recommendations have also been made to ease the adoption process and how to address security issues.The method has been used is the secondary research, that is collecting the respective data from published journal papers and conference papers.Published onlin

Continuous and transparent multimodal authentication: reviewing the state of the art

Individuals, businesses and governments undertake an ever-growing range of activities online and via various Internet-enabled digital devices. Unfortunately, these activities, services, information and devices are the targets of cybercrimes. Verifying the user legitimacy to use/access a digital device or service has become of the utmost importance. Authentication is the frontline countermeasure of ensuring only the authorized user is granted access; however, it has historically suffered from a range of issues related to the security and usability of the approaches. They are also still mostly functioning at the point of entry and those performing sort of re-authentication executing it in an intrusive manner. Thus, it is apparent that a more innovative, convenient and secure user authentication solution is vital. This paper reviews the authentication methods along with the current use of authentication technologies, aiming at developing a current state-of-the-art and identifying the open problems to be tackled and available solutions to be adopted. It also investigates whether these authentication technologies have the capability to fill the gap between high security and user satisfaction. This is followed by a literature review of the existing research on continuous and transparent multimodal authentication. It concludes that providing users with adequate protection and convenience requires innovative robust authentication mechanisms to be utilized in a universal level. Ultimately, a potential federated biometric authentication solution is presented; however it needs to be developed and extensively evaluated, thus operating in a transparent, continuous and user-friendly manner

Um modelo de processos de gestão de federações de provedores de serviços de software

Dissertação (mestrado) - Universidade Federal de Santa Catarina, Centro Tecnológico, Programa de Pós-Graduação em Engenharia de Automação e Sistemas, Florianópolis, 2014.O desenvolvimento das TIs trouxe diversas mudanças na maneira como o software é desenvolvido e distribuído. A computação em nuvem é um dos motivos desta mudança, que propicia a distribuição de software não mais como produto e sim como serviço. Com isso, do ponto de vista de negócios, a necessidade de reuso e integração de serviços ampliou a adesão ao SOA, que facilita a interação dos serviços entre aplicações e empresas. Como grande parte da indústria deste ramo é movimentada pelas MPMEs, uma alternativa para busca do melhor aproveitamento das oportunidades de mercado é através das alianças estratégicas. Diversas abordagens são apresentadas na literatura, uma abordagem clássica bastante comum no contexto da cadeia de suprimentos são os arranjos produtivos locais (APL). Devido aos resultados trazidos pela globalização, as TICs impuseram profundas mudanças nos paradigmas organizacionais, favorecendo o estabelecimento de novas Redes Colaborativas, que são auxiliadas pela internet. Dentre as várias redes que existem com diferentes características e desdobramentos, o Ambiente de Criação de organizações Virtuais (ACV) busca facilitar o processo de criação de Organizações Virtuais (OVs) e sua finalidade é proporcionar uma aliança temporária para aproveitar uma oportunidade de negócios. Neste contexto é necessário tratar da gestão dessa colaboração, ou seja, saber o que fazer para colaborar e como manter essa colaboração. Para apoiar essa tarefa, nesta dissertação de mestrado foi desenvolvido um modelo de gestão de uma Federação de Provedores de Serviços de Software, para as empresas trabalharem colaborativamente a fim de prover serviços de software de maior valor agregado. Este modelo apresenta a gestão da Federação em diversos processos, de modo a enquadrar todos os requisitos necessários a sua manutenção. Os processos foram classificados conforme o ciclo de vida da Federação, e suas definições e objetivos foram também descritos. Para avaliar o modelo, houve uma interação com um grupo de especialistas através de um survey, cujo feedback atesta a relevância deste trabalho e a completude do modelo.Abstract : The IT development brought several changes in the way how software is developed and distributed. The cloud computing is one of the reasons of it by supporting the software distribution not as a product anymore, but as a service. In this way, at the business point of view, the need of software reuse and integration has increased the SOA adoption, which supports service interaction between applications and enterprises. Since most of the industry in this area is moved by SMEs, an alternative in order to better take the business opportunities is through strategic alliances. Several approaches are presented in the literature, a classical one very usual in the supply chain context are local productive arrangements. Due to the results brought by the globalization, the ICTs have imposed deeply changes into the organizational paradigms, it beneficiates the establishment of new Collaborative Networks, which is supported by the internet. Among various existent networks with distinct characteristics and endeavors, the Virtual Breeding Environment (VBE) seeks to assist the process of creation of Virtual Organizations (VOs) and your purpose is to provide a temporary alliance in order to take advantage of a business opportunity. In this regard it is necessary to deal with the management of collaboration, in other words, to know what to do to collaborate and how to maintain it. In order to support it, in this master?s thesis it was developed a model of management of a Federation of Software Service Providers, so that the enterprises work collaboratively to provide software service with higher value. This model presents the management of the Federation into processes, in a way to fit all the requirements needed to its maintenance. The processes were classified according to the Federation?s lifecycle, and its definitions and purposes were also described. To evaluate the model, there was an interaction with an expert group through a survey, whose feedback certifies the relevance of this work and the completeness of the model

Tunable Security for Deployable Data Outsourcing

Security mechanisms like encryption negatively affect other software quality characteristics like efficiency. To cope with such trade-offs, it is preferable to build approaches that allow to tune the trade-offs after the implementation and design phase. This book introduces a methodology that can be used to build such tunable approaches. The book shows how the proposed methodology can be applied in the domains of database outsourcing, identity management, and credential management