Secure Cloud-Edge Deployments, with Trust

Assessing the security level of IoT applications to be deployed to heterogeneous Cloud-Edge infrastructures operated by different providers is a non-trivial task. In this article, we present a methodology that permits to express security requirements for IoT applications, as well as infrastructure security capabilities, in a simple and declarative manner, and to automatically obtain an explainable assessment of the security level of the possible application deployments. The methodology also considers the impact of trust relations among different stakeholders using or managing Cloud-Edge infrastructures. A lifelike example is used to showcase the prototyped implementation of the methodology

Privacy-Preserving Outsourcing of Large-Scale Nonlinear Programming to the Cloud

The increasing massive data generated by various sources has given birth to big data analytics. Solving large-scale nonlinear programming problems (NLPs) is one important big data analytics task that has applications in many domains such as transport and logistics. However, NLPs are usually too computationally expensive for resource-constrained users. Fortunately, cloud computing provides an alternative and economical service for resource-constrained users to outsource their computation tasks to the cloud. However, one major concern with outsourcing NLPs is the leakage of user's private information contained in NLP formulations and results. Although much work has been done on privacy-preserving outsourcing of computation tasks, little attention has been paid to NLPs. In this paper, we for the first time investigate secure outsourcing of general large-scale NLPs with nonlinear constraints. A secure and efficient transformation scheme at the user side is proposed to protect user's private information; at the cloud side, generalized reduced gradient method is applied to effectively solve the transformed large-scale NLPs. The proposed protocol is implemented on a cloud computing testbed. Experimental evaluations demonstrate that significant time can be saved for users and the proposed mechanism has the potential for practical use.Comment: Ang Li and Wei Du equally contributed to this work. This work was done when Wei Du was at the University of Arkansas. 2018 EAI International Conference on Security and Privacy in Communication Networks (SecureComm

Optimization and Regulation of Performance for Computing Systems

The current demands of computing applications, the advent of technological advances related to hardware and software, the contractual relationship between users and cloud service providers and current ecological demands, require the re\ufb01nement of performance regulation on computing systems. Powerful mathematical tools such as control systems theory, discrete event systems (DES) and randomized algorithms (RAs) have o\ufb00ered improvements in e\ufb03ciency and performance in computer scenarios where the traditional approach has been the application of well founded common sense and heuristics. The comprehensive concept of computing systems is equally related to a microprocessor unit, a set of microprocessor units in a server, a set of servers interconnected in a data center or even a network of data centers forming a cloud of virtual resources. In this dissertation, we explore theoretical approaches in order to optimize and regulate performance measures in di\ufb00erent computing systems. In several cases, such as cloud services, this optimization would allow the fair negotiation of service level agreements (SLAs) between a user and a cloud service provider, that may be objectively measured for the bene\ufb01t of both negotiators. Although DES are known to be suitable for modeling computing systems, we still \ufb01nd that traditional control theory approaches, such as passivity analysis, may o\ufb00er solutions that are worth being explored. Moreover, as the size of the problem increases, so does its complexity. RAs o\ufb00er good alternatives to make decisions on the design of the solutions of such complex problems based on given values of con\ufb01dence and accuracy. In this dissertation, we propose the development of: a) a methodology to optimize performance on a many-core processor system, b) a methodology to optimize and regulate performance on a multitier server, c) some corrections to a previously proposed passivity analysis of a market-oriented cloud model, and d) a decentralized methodology to optimize cloud performance. In all the aforementioned systems, we are interested in developing optimization methods strongly supported on DES theory, speci\ufb01cally In\ufb01nitesimal Perturbation Analysis (IPA) and RAs based on sample complexity to guarantee that these computing systems will satisfy the required optimal performance on the average

Multipath Routing in Cloud Computing using Fuzzy based Multi-Objective Optimization System in Autonomous Networks

Intelligent houses and buildings, autonomous automobiles, drones, robots, and other items that are successfully incorporated into daily life are examples of autonomous systems and the Internet of Things (IoT) that have advanced as research areas. Secured data transfer in untrusted cloud applications has been one of the most significant requirements in the cloud in recent times. In order to safeguard user data from unauthorised users, encrypted data is stored on cloud servers. Existing techniques offer either security or efficiency for data transformation. They fail to retain complete security while undergoing significant changes. This research proposes novel technique in multipath routing based energy optimization of autonomous networks. The main goal of this research is to enhance the secure data transmission in cloud computing with network energy optimization. The secure data transmission is carried out using multi-authentication attribute based encryption with multipath routing protocol. Then the network energy has been optimized using multi-objective fuzzy based reinforcement learning. The experimental analysis has been carried out based on secure data transmission and energy optimization of the network. The parameters analysed in terms of scalability of 79%, QoS of 75%, encryption time of 42%, latency of 96%, energy efficiency of 98%, end-end delay of 45%

Probabilistic QoS-aware Placement of VNF chains at the Edge

Deploying IoT-enabled Virtual Network Function (VNF) chains to Cloud-Edge infrastructures requires determining a placement for each VNF that satisfies all set deployment requirements as well as a software-defined routing of traffic flows between consecutive functions that meets all set communication requirements. In this article, we present a declarative solution, EdgeUsher, to the problem of how to best place VNF chains to Cloud-Edge infrastructures. EdgeUsher can determine all eligible placements for a set of VNF chains to a Cloud-Edge infrastructure so to satisfy all of their hardware, IoT, security, bandwidth, and latency requirements. It exploits probability distributions to model the dynamic variations in the available Cloud-Edge infrastructure, and to assess output eligible placements against those variations

Optimized Pricing Scheme in Cloud Environment Using Dedupication

IAAS environment is referred as resources with VM instanSces. Customers can?t utilize all resource, but provide full charge for allocated storage.And in server side, storage are not utilized, so scalability become degraded. Implement best billing cycle for access and utilize the resources. Data Deduplication is becoming increasingly popular in storage systems as a space-efficient approach to data backup. Present SiLo, a near-exact deduplication system.That effectively and complementarily exploits similarity and locality to achieve high duplicate elimination. The data secure storing and sharing of the files

Secure Data Management and Transmission Infrastructure for the Future Smart Grid

Power grid has played a crucial role since its inception in the Industrial Age. It has evolved from a wide network supplying energy for incorporated multiple areas to the largest cyber-physical system. Its security and reliability are crucial to any country’s economy and stability [1]. With the emergence of the new technologies and the growing pressure of the global warming, the aging power grid can no longer meet the requirements of the modern industry, which leads to the proposal of ‘smart grid’. In smart grid, both electricity and control information communicate in a massively distributed power network. It is essential for smart grid to deliver real-time data by communication network. By using smart meter, AMI can measure energy consumption, monitor loads, collect data and forward information to collectors. Smart grid is an intelligent network consists of many technologies in not only power but also information, telecommunications and control. The most famous structure of smart grid is the three-layer structure. It divides smart grid into three different layers, each layer has its own duty. All these three layers work together, providing us a smart grid that monitor and optimize the operations of all functional units from power generation to all the end-customers [2]. To enhance the security level of future smart grid, deploying a high secure level data transmission scheme on critical nodes is an effective and practical approach. A critical node is a communication node in a cyber-physical network which can be developed to meet certain requirements. It also has firewalls and capability of intrusion detection, so it is useful for a time-critical network system, in other words, it is suitable for future smart grid. The deployment of such a scheme can be tricky regarding to different network topologies. A simple and general way is to install it on every node in the network, that is to say all nodes in this network are critical nodes, but this way takes time, energy and money. Obviously, it is not the best way to do so. Thus, we propose a multi-objective evolutionary algorithm for the searching of critical nodes. A new scheme should be proposed for smart grid. Also, an optimal planning in power grid for embedding large system can effectively ensure every power station and substation to operate safely and detect anomalies in time. Using such a new method is a reliable method to meet increasing security challenges. The evolutionary frame helps in getting optimum without calculating the gradient of the objective function. In the meanwhile, a means of decomposition is useful for exploring solutions evenly in decision space. Furthermore, constraints handling technologies can place critical nodes on optimal locations so as to enhance system security even with several constraints of limited resources and/or hardware. The high-quality experimental results have validated the efficiency and applicability of the proposed approach. It has good reason to believe that the new algorithm has a promising space over the real-world multi-objective optimization problems extracted from power grid security domain. In this thesis, a cloud-based information infrastructure is proposed to deal with the big data storage and computation problems for the future smart grid, some challenges and limitations are addressed, and a new secure data management and transmission strategy regarding increasing security challenges of future smart grid are given as well