Cloud Computing Trace Characterization and Synthetic Workload Generation

This thesis researches cloud computing workload characteristics and synthetic workload generation. A heuristic presented in the work guides the process of workload trace characterization and synthetic workload generation. Analysis of a cloud trace provides insight into client request behaviors and statistical parameters. A versatile workload generation tool creates client connections, controls request rates, defines number of jobs, produces tasks within each job, and manages task durations. The test system consists of multiple clients creating workloads and a server receiving request, all contained within a virtual machine environment. Statistical analysis verifies the synthetic workload experimental results are consistent with real workload behaviors and characteristics

Evaluating the Impact of Security Measures on Performance of Secure Web Applications Hosted on Virtualised Platforms

The use of web applications has drastically increased over the years, and so has the need to secure these applications with effective security measures to ensure security and regulatory compliance. The problem arises when the impact and overheads associated with these security measures are not adequately quantified and factored into the design process of these applications. Organizations often resort to trading-off security compliance in order to achieve the required system performance. The aim of this research work is to quantify the impact of security measures on system performance of web applications and improve design decision-making in web application design process. This research work examines the implications of compliance and security measures on web applications and explores the possibility of extending the existing Queueing Network (QN) based models to predict the performance impact of security on web applications. The intention is that the results of this research work will assist system and web application designers in specifying adequate system capacity for secure web applications, hence ensuring acceptable system performance and security compliance. This research work comprises three quantitative studies organized in a sequential flow. The first study is an exploratory survey designed to understand the extent and importance of the security measures on system performance in organizations. The survey data was analyzed using descriptive statistics and Factor Analysis. The second study is an experimental study with a focus on causation. The study provided empirical data through sets of experiments proving the implications of security measures on a multi-tiered state-of-the-art web application - Microsoft SharePoint 2013. The experimental data were analyzed using the ANCOVA model. The third study is essentially a modeling-based study aimed at using the insights on the security implications provided by the second study. In the third study, using a well-established QN result - Mean Value Analysis (MVA) for closed networks, the study demonstrated how security measures could be incorporated into a QN model in an elegant manner with limited calculations. The results in this thesis indicated significant impact of security measures on web application with respect to response time, disk queue length, SQL latches and SQL database wait times. In a secure three-tiered web application the results indicated greater impacts on the web tier and database tier primarily due to encryption requirements dictated by several compliance standards, with smaller impact seen at the application tier. The modeling component of this thesis indicated a potential benefit in extending QN models to predict secure web application performance, although more work is needed to enhance the accuracy of the model. Overall, this research work contributes to professional practice by providing performance evaluation and predictive techniques for secure web applications that could be used in system design. From performance evaluations and QN modeling perspective, although three-tiered web application modeling has been widely studied, the view in this thesis is that this is the first attempt to look at security compliance in a three-tiered web application modeling on virtualized platforms

Protection of Personal Data in sub-Saharan Africa

Africa is by far the least developed continent in terms of protection of personal data. At present there are 11 countries out of 54 which have implemented comprehensive data privacy legislation. Nine of them namely, Angola, Benin, Burkina Faso, Cape Verde, Gabon, Ghana, Mauritius, Senegal and Seychelles belong to sub-Saharan Africa. The other two countries, Morocco and Tunisia, belong to North Africa. Yet, there are seven countries in sub-Saharan Africa with either Bills or drafts on data privacy pending before their respective legislative or executive bodies. These include Ivory Coast (Cote d Ivoire), Kenya, Madagascar, Mali, Niger, Nigeria and South Africa. The rest of African countries have neither Bills nor drafts of such laws. The dominant discourse on privacy and data protection advances the culture of collectivism as the reason for the state of privacy and regulation in Africa. Founded on the normative assumptions of the old debates engraved in universalism and cultural relativism, the main argument held in this discourse is that Africa s collectivism denies an individual a space to advance claims for privacy. The present study sought to interrogate this dominant discourse and in particular investigating the emerging trends of adopting comprehensive data privacy legislation in Africa. To avert from the inherent pitfalls of normative assumptions, this study engaged a hybrid methodology. It triangulated the doctrinal, empirical and international comparative law methodologies. Moreover, in order to gain in-depth insights of the state of privacy, the study delimited to three sub-Saharan African countries: Mauritius, South Africa and Tanzania as cases. Based on documents collected and interviews held, this study has found that although collectivist culture is an important factor in explaining the limited state of privacy in Africa, it is not a catch-all phenomenon. Instead, technological, economic, political and social processes have significantly affected privacy consciousness and consequently the systems of privacy and data protection in the continent