112,764 research outputs found
Computing on Masked Data to improve the Security of Big Data
Organizations that make use of large quantities of information require the
ability to store and process data from central locations so that the product
can be shared or distributed across a heterogeneous group of users. However,
recent events underscore the need for improving the security of data stored in
such untrusted servers or databases. Advances in cryptographic techniques and
database technologies provide the necessary security functionality but rely on
a computational model in which the cloud is used solely for storage and
retrieval. Much of big data computation and analytics make use of signal
processing fundamentals for computation. As the trend of moving data storage
and computation to the cloud increases, homeland security missions should
understand the impact of security on key signal processing kernels such as
correlation or thresholding. In this article, we propose a tool called
Computing on Masked Data (CMD), which combines advances in database
technologies and cryptographic tools to provide a low overhead mechanism to
offload certain mathematical operations securely to the cloud. This article
describes the design and development of the CMD tool.Comment: 6 pages, Accepted to IEEE HST Conferenc
BRACELET: Hierarchical Edge-Cloud Microservice Infrastructure for Scientific Instruments’ Lifetime Connectivity
Recent advances in cyber-infrastructure have enabled digital data sharing and ubiquitous network connectivity between scientific instruments and cloud-based storage infrastructure for uploading, storing, curating, and correlating of large amounts of materials and semiconductor fabrication data and metadata. However, there is still a significant number of scientific instruments running on old operating systems that are taken offline and cannot connect to the cloud infrastructure, due to security and performance concerns. In this paper, we propose BRACELET - an edge-cloud infrastructure that augments the existing cloud-based infrastructure with edge devices and helps to tackle the unique performance and security challenges that scientific instruments face when they are connected to the cloud through public network. With BRACELET, we put a networked edge device, called cloudlet, in between the scientific instruments and the cloud as the middle tier of a three-tier hierarchy. The cloudlet will shape and protect the data traffic from scientific instruments to the cloud, and will play a foundational role in keeping the instruments connected throughout its lifetime, and continuously providing the otherwise missing performance and security features for the instrument as its operating system ages.NSF Award Number 1659293NSF Award Number 1443013Ope
Leveraging the Cloud for Software Security Services.
This thesis seeks to leverage the advances in cloud computing in order to address modern
security threats, allowing for completely novel architectures that provide dramatic
improvements and asymmetric gains beyond what is possible using current approaches.
Indeed, many of the critical security problems facing the Internet and its users are inadequately
addressed by current security technologies. Current security measures often are deployed
in an exclusively network-based or host-based model, limiting their efficacy against
modern threats. However, recent advancements in the past decade in cloud computing and
high-speed networking have ushered in a new era of software services. Software services
that were previously deployed on-premise in organizations and enterprises are now being
outsourced to the cloud, leading to fundamentally new models in how software services are
sold, consumed, and managed.
This thesis focuses on how novel software security services can be deployed that leverage
the cloud to scale elegantly in their capabilities, performance, and management. First,
we introduce a novel architecture for malware detection in the cloud. Next, we propose
a cloud service to protect modern mobile devices, an ever-increasing target for malicious
attackers. Then, we discuss and demonstrate the ability for attackers to leverage the same
benefits of cloud-centric services for malicious purposes. Next, we present new techniques
for the large-scale analysis and classification of malicious software. Lastly, to demonstrate
the benefits of cloud-centric architectures outside the realm of malicious software,
we present a threshold signature scheme that leverages the cloud for robustness and resiliency.Ph.D.Computer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/91385/1/jonojono_1.pd
Security and privacy issues in cloud computing
International audienceCloud computing is a state-of-the-art technological innovation providing an extensive list of benefits for almost every business and governmental, small or medium-sized organizations. It has truly revolutionized the computational era by cutting down cost and reducing complexities of infrastructural configurations for computational platforms. This state-of-the-art technology is rapidly being adapted by various large organizations from healthcare to critical infrastructure to carry out their business processes that, otherwise, would require large storage capacity, huge computational power, and expensive hardware. The purpose of this special issue was to arrange a venue for cloud researchers around the world to share their state-of-the-art research and development that could benefit the cloud community. This helped collect high-quality articles that reported recent research advances regarding security and privacy issues in cloud computing, covering various topics of interest
GA-Par: Dependable Microservice Orchestration Framework for Geo-Distributed Clouds
Recent advances in composing Cloud applications have been driven by deployments of inter-networking heterogeneous microservices across multiple Cloud datacenters. System dependability has been of the upmost importance and criticality to both service vendors and customers. Security, a measurable attribute, is increasingly regarded as the representative example of dependability. Literally, with the increment of microservice types and dynamicity, applications are exposed to aggravated internal security threats and externally environmental uncertainties. Existing work mainly focuses on the QoS-aware composition of native VM-based Cloud application components, while ignoring uncertainties and security risks among interactive and interdependent container-based microservices. Still, orchestrating a set of microservices across datacenters under those constraints remains computationally intractable. This paper describes a new dependable microservice orchestration framework GA-Par to effectively select and deploy microservices whilst reducing the discrepancy between user security requirements and actual service provision. We adopt a hybrid (both whitebox and blackbox based) approach to measure the satisfaction of security requirement and the environmental impact of network QoS on system dependability. Due to the exponential grow of solution space, we develop a parallel Genetic Algorithm framework based on Spark to accelerate the operations for calculating the optimal or near-optimal solution. Large-scale real world datasets are utilized to validate models and orchestration approach. Experiments show that our solution outperforms the greedy-based security aware method with 42.34 percent improvement. GA-Par is roughly 4Ă— faster than a Hadoop-based genetic algorithm solver and the effectiveness can be constantly guaranteed under different application scales
A Component-Based Approach for Securing Indoor Home Care Applications
eHealth systems have adopted recent advances on sensing technologies together with advances in information and communication technologies (ICT) in order to provide people-centered services that improve the quality of life of an increasingly elderly population. As these eHealth services are founded on the acquisition and processing of sensitive data (e.g., personal details, diagnosis, treatments and medical history), any security threat would damage the public's confidence in them. This paper proposes a solution for the design and runtime management of indoor eHealth applications with security requirements. The proposal allows applications definition customized to patient particularities, including the early detection of health deterioration and suitable reaction (events) as well as security needs. At runtime, security support is twofold. A secured component-based platform supervises applications execution and provides events management, whilst the security of the communications among application components is also guaranteed. Additionally, the proposed event management scheme adopts the fog computing paradigm to enable local event related data storage and processing, thus saving communication bandwidth when communicating with the cloud. As a proof of concept, this proposal has been validated through the monitoring of the health status in diabetic patients at a nursing home.This work was financed under project DPI2015-68602-R (MINECO/FEDER, UE), UPV/EHU under project PPG17/56 and GV/EJ under recognized research group IT914-16
Cloud Computing in VANETs: Architecture, Taxonomy, and Challenges
Cloud Computing in VANETs (CC-V) has been investigated into two major themes of research including Vehicular Cloud Computing (VCC) and Vehicle using Cloud (VuC). VCC is the realization of autonomous cloud among vehicles to share their abundant resources. VuC is the efficient usage of conventional cloud by on-road vehicles via a reliable Internet connection. Recently, number of advancements have been made to address the issues and challenges in VCC and VuC. This paper qualitatively reviews CC-V with the emphasis on layered architecture, network component, taxonomy, and future challenges. Specifically, a four-layered architecture for CC-V is proposed including perception, co-ordination, artificial intelligence and smart application layers. Three network component of CC-V namely, vehicle, connection and computation are explored with their cooperative roles. A taxonomy for CC-V is presented considering major themes of research in the area including design of architecture, data dissemination, security, and applications. Related literature on each theme are critically investigated with comparative assessment of recent advances. Finally, some open research challenges are identified as future issues. The challenges are the outcome of the critical and qualitative assessment of literature on CC-V
- …