11,889 research outputs found
Recommended from our members
Secure communication using dynamic VPN provisioning in an Inter-Cloud environment
Most of the current cloud computing platforms offer Infrastructure as a Service (IaaS) model, which aims to provision basic virtualised computing resources as on-demand and dynamic services. Nevertheless, a single cloud does not have limitless resources to offer to its users, hence the notion of an Inter-Cloud enviroment where a cloud can use the infrastructure resources of other clouds. However, there is no common framework in existence that allows the srevice owners to seamlessly provision even some basic services across multiple cloud service providers, albeit not due to any inherent incompatibility or proprietary nature of the foundation technologies on which these cloud platforms are built. In this paper we present a novel solution which aims to cover a gap in a subsection of this problem domain. Our solution offer a security architecture that enables service owners to provision a dynamic and service-oriented secure virtual private network on top of multiple cloud IaaS providers. It does this by leveraging the scalability, robustness and flexibility of peer- to-peer overlay techniques to eliminate the manual configuration, key management and peer churn problems encountered in setting up the secure communication channels dynamically, between different components of a typical service that is deployed on multiple clouds. We present the implementation details of our solution as well as experimental results carried out on two commercial clouds
Fog Computing: A Taxonomy, Survey and Future Directions
In recent years, the number of Internet of Things (IoT) devices/sensors has
increased to a great extent. To support the computational demand of real-time
latency-sensitive applications of largely geo-distributed IoT devices/sensors,
a new computing paradigm named "Fog computing" has been introduced. Generally,
Fog computing resides closer to the IoT devices/sensors and extends the
Cloud-based computing, storage and networking facilities. In this chapter, we
comprehensively analyse the challenges in Fogs acting as an intermediate layer
between IoT devices/ sensors and Cloud datacentres and review the current
developments in this field. We present a taxonomy of Fog computing according to
the identified challenges and its key features.We also map the existing works
to the taxonomy in order to identify current research gaps in the area of Fog
computing. Moreover, based on the observations, we propose future directions
for research
SDN based Network Function Parallelism in Cloud
Network function virtualization (NFV) based service function chaining (SFC)
allows the provisioning of various security and traffic engineering
applications in a cloud network. Inefficient deployment of network functions
can lead to security violations and performance overhead. In an OpenFlow
enabled cloud, the key problem with current mechanisms is that several packet
field match and flow rule action sets associated with the network functions are
non-overlapping and can be parallelized for performance enhancement. We
introduce Network Function Parallelism (NFP) SFC-NFP for OpenFlow network. Our
solution utilizes network function parallelism over the OpenFlow rules to
improve SFC performance in the cloud network. We have utilized the DPDK
platform with an OpenFlow switch (OVS) for experimental analysis. Our solution
achieves a 1.40-1.90x reduction in latency for SFC in an OpenStack cloud
network managed by the SDN framework.Comment: 5 page
Identity and Access Management System: a Web-Based Approach for an Enterprise
Managing digital identities and access control for enterprise users and applications remains one of the greatest challenges facing computing today. An attempt to address this issue led to the proposed security paradigm called Identity and Access Management (IAM) service based on IAM standards. Current approaches such as Lightweight Directory Access Protocol (LDAP), Central Authentication Service (CAS) and Security Assertion Markup Language (SAML) lack comprehensive analysis from conception to physical implementation to incorporate these solutions thereby resulting in impractical and fractured solutions. In this paper, we have implemented Identity and Access Management System (IAMSys) using the Lightweight Directory Access Protocol (LDAP) which focuses on authentication, authorization, administration of identities and audit reporting. Its primary concern is verification of the identity of the entity and granting correct level of access for resources which are protected in either the cloud environment or on-premise systems. A phased approach methodology was used in the research where it requires any enterprise or organization willing to adopt this must carry out a careful planning and demonstrated a good understanding of the technologies involved. The results of the experimental evaluation indicated that the average rating score is 72.0 % for the participants involved in this study. This implies that the idea of IAMSys is a way to mitigating security challenges associated with authentication, authorization, data protection and accountability if properly deployed
- …