Issues in a Scalable Inter Cloud Environment with Unified Brokering Approach

Cloud Computing providers are currently serving customers throughout the world. Inter- Cloud Computing, where a number of providers come together, has already paved its way, It is meant to address the growing challenges of load balancing and optimal utilization of resources. At the same time, its objectives also include QoS and SLA accomplishment. A centralized Federation of clouds is a confederacy of cloud providers attached to and dependent upon a single unified broker entity. This unified broker acts as a linchpin for the entire system. This paper envisions and elaborates upon the idea of centralized Inter-cloud federation environment. We propose issues open to centralized Inter-Clouds at two levels namely unified broker and the cloud providers

Calm before the storm: the challenges of cloud computing in digital forensics

Cloud computing is a rapidly evolving information technology (IT) phenomenon. Rather than procure, deploy and manage a physical IT infrastructure to host their software applications, organizations are increasingly deploying their infrastructure into remote, virtualized environments, often hosted and managed by third parties. This development has significant implications for digital forensic investigators, equipment vendors, law enforcement, as well as corporate compliance and audit departments (among others). Much of digital forensic practice assumes careful control and management of IT assets (particularly data storage) during the conduct of an investigation. This paper summarises the key aspects of cloud computing and analyses how established digital forensic procedures will be invalidated in this new environment. Several new research challenges addressing this changing context are also identified and discussed

Grounded Ontology Methodology – Illustrating the Seed Ontology Creation

This paper is an extension of a paper that suggested Grounded Ontology (GO) as a new methodology of ontology engineering. It adds an example of application of first two stages of GO Methodology to create an initial (seed) ontology to a summarized discussion from another paper on Grounded Ontology (GO) Methodology. Its efficacy in deriving entities and their relationships directly from the data along with ontologization is illustrated through a step-by-step example. The GO Methodology proposes that ‘a domain ontology developed using text-coding technique contributes in conceptualizing and representing state-of-the-art as given by published research in a particular domain.’ The motivation behind GO Methodology is to make the state-of-the art available to the researchers of a particular domain and help them come to common understanding through an ontology. Ontology developer are given a leading role by the existing ontology engineering methods. This has led to a general observation regarding dominating influence of personal perspective of ontology developer and/or expert on the resultant ontology. However, if coding of data is done such that entities and their relationships are directly obtained from and are closely linked to the text of the published research, the resultant ontology stands a better chance of being unbiased. Therefore, a new methodology (Grounded Ontology - GO) was proposed for deriving an ontology directly from text of published research. Such and ontology will not only help in bringing forth the research already done by other but can also help in highlighting areas where new research efforts are needed

An efficient PHR service system supporting fuzzy keyword search and fine-grained access control

Outsourcing of personal health record (PHR) has attracted considerable interest recently. It can not only bring much convenience to patients, it also allows efficient sharing of medical information among researchers. As the medical data in PHR is sensitive, it has to be encrypted before outsourcing. To achieve fine-grained access control over the encrypted PHR data becomes a challenging problem. In this paper, we provide an affirmative solution to this problem. We propose a novel PHR service system which supports efficient searching and fine-grained access control for PHR data in a hybrid cloud environment, where a private cloud is used to assist the user to interact with the public cloud for processing PHR data. In our proposed solution, we make use of attribute-based encryption (ABE) technique to obtain fine-grained access control for PHR data. In order to protect the privacy of PHR owners, our ABE is anonymous. That is, it can hide the access policy information in ciphertexts. Meanwhile, our solution can also allow efficient fuzzy search over PHR data, which can greatly improve the system usability. We also provide security analysis to show that the proposed solution is secure and privacy-preserving. The experimental results demonstrate the efficiency of the proposed scheme.Peer ReviewedPostprint (author's final draft

Efficient searchble technique to retrive ranked documents in cloud

A secure searchable encryption system is presented to allow searching of encrypted user data in the cloud. The system concurrently supports fuzzy keyword searching and matched results ranking, which are two important factors in facilitating practical searchable encryption. A chaotic fuzzy conversion technique is proposed to support secure fuzzy keyword indexing, storage and query. A secure posting list is also created to rank the matched results while maintaining the privacy and confidentiality of the user data, and saving the resources of the user mobile device

A generic database forensic investigation process model

Database Forensic investigation is a domain which deals with database contents and their metadata to reveal malicious activities on database systems. Even though it is still new, but due to the overwhelming challenges and issues in the domain, this makes database forensic become a fast growing and much sought after research area. Based on observations made, we found that database forensic suffers from having a common standard which could unify knowledge of the domain. Therefore, through this paper, we present the use of Design Science Research (DSR) as a research methodology to develop a Generic Database Forensic Investigation Process Model (DBFIPM). From the creation of DBFIPM, five common forensic investigation processes have been proposed namely, the i) identification, ii) collection, iii) preservation, iv) analysis and v) presentation process. From the DBFIPM, it allows the reconciliation of concepts and terminologies of all common databases forensic investigation processes. Thus, this will potentially facilitate the sharing of knowledge on database forensic investigation among domain stakeholders

Usage control in SIP-based multimedia delivery

The Session Initiation Protocol (SIP) is an application layer signaling protocol for the creation, modification and termination of multimedia sessions and VoIP calls with one or more participants.SIP is widely accepted as the protocol that will dominate multimedia communications in the future and one of the reasons is that it can inherently support multidomain heterogeneous networks.While SIP operates in highly dynamic environments, in the current version its authorization support is based on traditional access control models.The main problem these models face is that they were designed many years ago, and under some circumstances tend to be inadequate in modern highly dynamic environments.Usage Control (UCON), instead, is a model that supports the same operations as traditional access control models do, but it further enhances them with novel ones.In previous work, an architecture supporting continuous authorizations on SIP, based on the UCON model, was presented.In this paper, an authorization support implementing the whole UCON model, including authorizations, obligations and conditions, has been integrated in a SIP system.Moreover, a testbed has been set up to experimentally evaluate the performance of the proposed security mechanism