Opening Up OpenStack’s Identity Service

OpenStack is a relatively new open source cloud computing project. It has rapidly become very popular since its first release on 21st October 2010. It has thousands of members, comprising technologists, developers, researchers, and cloud computing experts from 87 countries and more than 140 organisations. Despite is openness until the University of Kent started to work with OpenStack, its Keystone identity service had no federated identity management capabilities, and all user accounts and passwords had to be stored in Keystone, usually in a backend LDAP directory. This talk will describe the way that protocol independent federated access has been integrated into the core release of Keystone

Using Open Stack for an Open Cloud Exchange(OCX)

We are developing a new public cloud, the Massachusetts Open Cloud (MOC) based on the model of an Open Cloud eXchange (OCX). We discuss in this paper the vision of an OCX and how we intend to realize it using the OpenStack open-source cloud platform in the MOC. A limited form of an OCX can be achieved today by layering new services on top of OpenStack. We have performed an analysis of OpenStack to determine the changes needed in order to fully realize the OCX model. We describe these proposed changes, which although significant and requiring broad community involvement will provide functionality of value to both existing single-provider clouds as well as future multi-provider ones

Attack vectors against social networking systems : the Facebook example

Social networking systems (SNS&rsquo;s) such as Facebook are an ever evolving and developing means of social interaction, which is not only being used to disseminate information to family, friends and colleagues but as a way of meeting and interacting with &quot;strangers&quot; through the advent of a large number of social applications. The attractiveness of such software has meant a dramatic increase in the number of frequent users of SNS&rsquo;s and the threats which were once common to the Internet have now been magnified, intensified and altered as the potential for criminal behaviour on SNS&rsquo;s increases. Social networking sites including Facebook contain a vast amount of personal information, that if obtained could be used for other purposes or to carry out other crimes such as identity theft. This paper will focus on the security threats posed to social networking sites and gain an understanding of these risks by using a security approach known as &ldquo;attack trees&rdquo;. This will allow for a greater understanding of the complexity associated with protecting Social Networking systems with a particular focus on Facebook.<br /

SoK: A Systematic Review of TEE Usage for Developing Trusted Applications

Trusted Execution Environments (TEEs) are a feature of modern central processing units (CPUs) that aim to provide a high assurance, isolated environment in which to run workloads that demand both confidentiality and integrity. Hardware and software components in the CPU isolate workloads, commonly referred to as Trusted Applications (TAs), from the main operating system (OS). This article aims to analyse the TEE ecosystem, determine its usability, and suggest improvements where necessary to make adoption easier. To better understand TEE usage, we gathered academic and practical examples from a total of 223 references. We summarise the literature and provide a publication timeline, along with insights into the evolution of TEE research and deployment. We categorise TAs into major groups and analyse the tools available to developers. Lastly, we evaluate trusted container projects, test performance, and identify the requirements for migrating applications inside them.Comment: In The 18th International Conference on Availability, Reliability and Security (ARES 2023), August 29 -- September 01, 2023, Benevento, Italy. 15 page

Phenomenology Tools on Cloud Infrastructures using OpenStack

We present a new environment for computations in particle physics phenomenology employing recent developments in cloud computing. On this environment users can create and manage "virtual" machines on which the phenomenology codes/tools can be deployed easily in an automated way. We analyze the performance of this environment based on "virtual" machines versus the utilization of "real" physical hardware. In this way we provide a qualitative result for the influence of the host operating system on the performance of a representative set of applications for phenomenology calculations.Comment: 25 pages, 12 figures; information on memory usage included, as well as minor modifications. Version to appear in EPJ

New Paradigms for Evaluating Performance and Performance Persistency of Domestic and Globally Diversified Portfolios

This manuscript reexamines performance evaluation of managed portfolios. Past measures of portfolio evaluation such as the Sharpe, Treynor, and Jensen measures are subject either to the inability to rank performance based on statistical significance, or are dependent on both a single factor CAPM return generating process and the selected market portfolio. Recent studies show performance ranking is sensitive to the selection of the market proxy when the security market line is used to evaluate performance. Additionally, CAPM based measures that appeared to work well in the 1960\u27s no longer appear to function effectively. Many anomalies to CAPM have been documented since the 1970\u27s and recently, Fama and French (1992) declared the CAPM beta to be dead. To date, no agreement among scholars has been reached on the appropriate return generating process or the appropriate market proxy. Therefore, performance evaluation of managed portfolios is laden with ambiguity. What is needed is a measure that can rank performance on a statistically significant basis, is applicable to a variety of return generation processes, is free of the requirement to observe the market portfolio or the true risk free proxy, and can bridge the gap between theory and practice. This manuscript provides such a measure. The economic and legal rationale for portfolio manager behavior is reviewed, a method to detect if the differences in performance are statistically significant is provided, and a method to rank portfolios with statistically significant performance differences is provided. The proposed methodology is tested empirically on open-end mutual funds for the period September 1981-94 and results of the new measure are compared with those of the traditional measures. Further, tests of performance persistency are conducted to detect if past relative performance can be a guide for predicting future relative performance. Finally, persistency test results for the four methods of evaluating performance are compared. Results indicate that while performance and performance persistency exists for traditional measures, it is not evident with the proposed procedure. This supports the efficient market hypothesis and suggests that performance detected with traditional measures is merely a CAPM anomaly, not true differential performance