836 research outputs found
Security risk assessment in cloud computing domains
Cyber security is one of the primary concerns persistent across any computing platform. While addressing the apprehensions about security risks, an infinite amount of resources cannot be invested in mitigation measures since organizations operate under budgetary constraints. Therefore the task of performing security risk assessment is imperative to designing optimal mitigation measures, as it provides insight about the strengths and weaknesses of different assets affiliated to a computing platform.
The objective of the research presented in this dissertation is to improve upon existing risk assessment frameworks and guidelines associated to different key assets of Cloud computing domains - infrastructure, applications, and users. The dissertation presents various informal approaches of performing security risk assessment which will help to identify the security risks confronted by the aforementioned assets, and utilize the results to carry out the required cost-benefit tradeoff analyses. This will be beneficial to organizations by aiding them in better comprehending the security risks their assets are exposed to and thereafter secure them by designing cost-optimal mitigation measures --Abstract, page iv
Resource Allocation in Networking and Computing Systems: A Security and Dependability Perspective
In recent years, there has been a trend to integrate networking and computing systems, whose management is getting increasingly complex. Resource allocation is one of the crucial aspects of managing such systems and is affected by this increased complexity. Resource allocation strategies aim to effectively maximize performance, system utilization, and profit by considering virtualization technologies, heterogeneous resources, context awareness, and other features. In such complex scenario, security and dependability are vital concerns that need to be considered in future computing and networking systems in order to provide the future advanced services, such as mission-critical applications. This paper provides a comprehensive survey of existing literature that considers security and dependability for resource allocation in computing and networking systems. The current research works are categorized by considering the allocated type of resources for different technologies, scenarios, issues, attributes, and solutions. The paper presents the research works on resource allocation that includes security and dependability, both singularly and jointly. The future research directions on resource allocation are also discussed. The paper shows how there are only a few works that, even singularly, consider security and dependability in resource allocation in the future computing and networking systems and highlights the importance of jointly considering security and dependability and the need for intelligent, adaptive and robust solutions. This paper aims to help the researchers effectively consider security and dependability in future networking and computing systems.publishedVersio
Microservices-based IoT Applications Scheduling in Edge and Fog Computing: A Taxonomy and Future Directions
Edge and Fog computing paradigms utilise distributed, heterogeneous and
resource-constrained devices at the edge of the network for efficient
deployment of latency-critical and bandwidth-hungry IoT application services.
Moreover, MicroService Architecture (MSA) is increasingly adopted to keep up
with the rapid development and deployment needs of the fast-evolving IoT
applications. Due to the fine-grained modularity of the microservices along
with their independently deployable and scalable nature, MSA exhibits great
potential in harnessing both Fog and Cloud resources to meet diverse QoS
requirements of the IoT application services, thus giving rise to novel
paradigms like Osmotic computing. However, efficient and scalable scheduling
algorithms are required to utilise the said characteristics of the MSA while
overcoming novel challenges introduced by the architecture. To this end, we
present a comprehensive taxonomy of recent literature on microservices-based
IoT applications scheduling in Edge and Fog computing environments.
Furthermore, we organise multiple taxonomies to capture the main aspects of the
scheduling problem, analyse and classify related works, identify research gaps
within each category, and discuss future research directions.Comment: 35 pages, 10 figures, submitted to ACM Computing Survey
A Game-Theoretic Approach to Strategic Resource Allocation Mechanisms in Edge and Fog Computing
With the rapid growth of Internet of Things (IoT), cloud-centric application management raises
questions related to quality of service for real-time applications. Fog and edge computing
(FEC) provide a complement to the cloud by filling the gap between cloud and IoT. Resource
management on multiple resources from distributed and administrative FEC nodes is a key
challenge to ensure the quality of end-user’s experience. To improve resource utilisation and
system performance, researchers have been proposed many fair allocation mechanisms for
resource management. Dominant Resource Fairness (DRF), a resource allocation policy for
multiple resource types, meets most of the required fair allocation characteristics. However,
DRF is suitable for centralised resource allocation without considering the effects (or
feedbacks) of large-scale distributed environments like multi-controller software defined
networking (SDN). Nash bargaining from micro-economic theory or competitive equilibrium
equal incomes (CEEI) are well suited to solving dynamic optimisation problems proposing to
‘proportionately’ share resources among distributed participants. Although CEEI’s
decentralised policy guarantees load balancing for performance isolation, they are not faultproof
for computation offloading.
The thesis aims to propose a hybrid and fair allocation mechanism for rejuvenation of
decentralised SDN controller deployment. We apply multi-agent reinforcement learning
(MARL) with robustness against adversarial controllers to enable efficient priority scheduling
for FEC. Motivated by software cybernetics and homeostasis, weighted DRF is generalised by
applying the principles of feedback (positive or/and negative network effects) in reverse game
theory (GT) to design hybrid scheduling schemes for joint multi-resource and multitask
offloading/forwarding in FEC environments.
In the first piece of study, monotonic scheduling for joint offloading at the federated edge is
addressed by proposing truthful mechanism (algorithmic) to neutralise harmful negative and
positive distributive bargain externalities respectively. The IP-DRF scheme is a MARL
approach applying partition form game (PFG) to guarantee second-best Pareto optimality
viii | P a g e
(SBPO) in allocation of multi-resources from deterministic policy in both population and
resource non-monotonicity settings. In the second study, we propose DFog-DRF scheme to
address truthful fog scheduling with bottleneck fairness in fault-probable wireless hierarchical
networks by applying constrained coalition formation (CCF) games to implement MARL. The
multi-objective optimisation problem for fog throughput maximisation is solved via a
constraint dimensionality reduction methodology using fairness constraints for efficient
gateway and low-level controller’s placement.
For evaluation, we develop an agent-based framework to implement fair allocation policies in
distributed data centre environments. In empirical results, the deterministic policy of IP-DRF
scheme provides SBPO and reduces the average execution and turnaround time by 19% and
11.52% as compared to the Nash bargaining or CEEI deterministic policy for 57,445 cloudlets
in population non-monotonic settings. The processing cost of tasks shows significant
improvement (6.89% and 9.03% for fixed and variable pricing) for the resource non-monotonic
setting - using 38,000 cloudlets. The DFog-DRF scheme when benchmarked against asset fair
(MIP) policy shows superior performance (less than 1% in time complexity) for up to 30 FEC
nodes. Furthermore, empirical results using 210 mobiles and 420 applications prove the
efficacy of our hybrid scheduling scheme for hierarchical clustering considering latency and
network usage for throughput maximisation.Abubakar Tafawa Balewa University, Bauchi (Tetfund, Nigeria
A comparison of resource allocation process in grid and cloud technologies
Grid Computing and Cloud Computing are two different technologies that have emerged to validate the long-held dream of computing as utilities which led to an important revolution in IT industry. These technologies came with several challenges in terms of middleware, programming model, resources management and business models. These challenges are seriously considered by Distributed System research. Resources allocation is a key challenge in both technologies as it causes the possible resource wastage and service degradation. This paper is addressing a comprehensive study of the resources allocation processes in both technologies. It provides the researchers with an in-depth understanding of all resources allocation related aspects and associative challenges, including: load balancing, performance, energy consumption, scheduling algorithms, resources consolidation and migration. The comparison also contributes an informal definition of the Cloud resource allocation process. Resources in the Cloud are being shared by all users in a time and space sharing manner, in contrast to dedicated resources that governed by a queuing system in Grid resource management. Cloud Resource allocation suffers from extra challenges abbreviated by achieving good load balancing and making right consolidation decision
Partitioning workflow applications over federated clouds to meet non-functional requirements
PhD ThesisWith cloud computing, users can acquire computer resources when they need them
on a pay-as-you-go business model. Because of this, many applications are now being
deployed in the cloud, and there are many di erent cloud providers worldwide. Importantly,
all these various infrastructure providers o er services with di erent levels
of quality. For example, cloud data centres are governed by the privacy and security
policies of the country where the centre is located, while many organisations have
created their own internal \private cloud" to meet security needs.
With all this varieties and uncertainties, application developers who decide to host their
system in the cloud face the issue of which cloud to choose to get the best operational
conditions in terms of price, reliability and security. And the decision becomes even
more complicated if their application consists of a number of distributed components,
each with slightly di erent requirements.
Rather than trying to identify the single best cloud for an application, this thesis
considers an alternative approach, that is, combining di erent clouds to meet users'
non-functional requirements. Cloud federation o ers the ability to distribute a single
application across two or more clouds, so that the application can bene t from the
advantages of each one of them. The key challenge for this approach is how to nd the
distribution (or deployment) of application components, which can yield the greatest
bene ts. In this thesis, we tackle this problem and propose a set of algorithms, and a
framework, to partition a work
ow-based application over federated clouds in order to
exploit the strengths of each cloud. The speci c goal is to split a distributed application
structured as a work
ow such that the security and reliability requirements of each
component are met, whilst the overall cost of execution is minimised.
To achieve this, we propose and evaluate a cloud broker for partitioning a work
ow
application over federated clouds. The broker integrates with the e-Science Central
cloud platform to automatically deploy a work
ow over public and private clouds.
We developed a deployment planning algorithm to partition a large work
ow appli-
- i -
cation across federated clouds so as to meet security requirements and minimise the
monetary cost.
A more generic framework is then proposed to model, quantify and guide the partitioning
and deployment of work
ows over federated clouds. This framework considers
the situation where changes in cloud availability (including cloud failure) arise during
work
ow execution
- …