1,664 research outputs found

    Next generation, secure cloud-based pan-European information system for enhanced disaster awareness

    Get PDF
    Information management in disaster situations is challenging, yet critical for efficient response and recovery. Today information flows are difficult to establish, partial, redundant, overly complex or insecure, besides the interoperability between heterogeneous organisations is limited. This paper presents a novel system architecture that enables combining of several communication technologies in a secure manner. This supports creation of a pan-European 'Common Information Space' by rescue organizations that can enable more efficient and effective information management in disaster response. Moreover, this technology can be used for disaster preparedness (e.g., training, tutorials). The modular architecture is designed to consider future evolutions of technology by defining interfaces for the integration of new technologies and services

    Cyber Supply Chain Risks in Cloud Computing - Bridging the Risk Assessment Gap

    Get PDF
    Cloud computing represents a significant paradigm shift in the delivery of information technology (IT) services. The rapid growth of the cloud and the increasing security concerns associated with the delivery of cloud services has led many researchers to study cloud risks and risk assessments. Some of these studies highlight the inability of current risk assessments to cope with the dynamic nature of the cloud, a gap we believe is as a result of the lack of consideration for the inherent risk of the supply chain. This paper, therefore, describes the cloud supply chain and investigates the effect of supply chain transparency in conducting a comprehensive risk assessment. We conducted an industry survey to gauge stakeholder awareness of supply chain risks, seeking to find out the risk assessment methods commonly used, factors that hindered a comprehensive evaluation and how the current state-of-the-art can be improved. The analysis of the survey dataset showed the lack of flexibility of the popular qualitative assessment methods in coping with the risks associated with the dynamic supply chain of cloud services, typically made up of an average of eight suppliers. To address these gaps, we propose a Cloud Supply Chain Cyber Risk Assessment (CSCCRA) model, a quantitative risk assessment model which is supported by decision support analysis and supply chain mapping in the identification, analysis and evaluation of cloud risks

    Online Admission Control and Embedding of Service Chains

    Full text link
    The virtualization and softwarization of modern computer networks enables the definition and fast deployment of novel network services called service chains: sequences of virtualized network functions (e.g., firewalls, caches, traffic optimizers) through which traffic is routed between source and destination. This paper attends to the problem of admitting and embedding a maximum number of service chains, i.e., a maximum number of source-destination pairs which are routed via a sequence of to-be-allocated, capacitated network functions. We consider an Online variant of this maximum Service Chain Embedding Problem, short OSCEP, where requests arrive over time, in a worst-case manner. Our main contribution is a deterministic O(log L)-competitive online algorithm, under the assumption that capacities are at least logarithmic in L. We show that this is asymptotically optimal within the class of deterministic and randomized online algorithms. We also explore lower bounds for offline approximation algorithms, and prove that the offline problem is APX-hard for unit capacities and small L > 2, and even Poly-APX-hard in general, when there is no bound on L. These approximation lower bounds may be of independent interest, as they also extend to other problems such as Virtual Circuit Routing. Finally, we present an exact algorithm based on 0-1 programming, implying that the general offline SCEP is in NP and by the above hardness results it is NP-complete for constant L.Comment: early version of SIROCCO 2015 pape

    A Reference Model to Support Risk Identification in Cloud Networks

    Get PDF
    The rising adoption of cloud computing and increasing interconnections among its actors lead to the emergence of network-like structures and new associated risks. A major obstacle for addressing these risks is the lack of transparency concerning the underlying network structure and the dissemination of risks therein. Existing research does not consider the risk perspective in a cloud network’s context. We address this research gap with the construction of a reference model that can display such networks and therefore supports risk identification. We evaluate the reference model through real-world examples and interviews with industry experts and demonstrate its applicability. The model provides a better understanding of cloud networks and causalities between related risks. These insights can be used to develop appropriate risk management strategies in cloud networks. The reference model sets a basis for future risk quantification approaches as well as for the design of (IT) tools for risk analysis
    • …
    corecore