16,945 research outputs found
Recommended from our members
Towards Transparent and Trustworthy Cloud
Despite its immense benefits in terms of flexibility, resource consumption, and simplified management, cloud computing raises several concerns due to lack of trust and transparency. Like all computing paradigms based on outsourcing, the use of cloud computing is largely a matter of trust. There is an increasing pressure by cloud customers for solutions that would increase their confidence that a cloud service/application is behaving in a secure and correct manner. Cloud assurance techniques, developed to assess the trustworthiness of cloud services, can play a major role in building trust. In this paper, we start from the assumption that an opaque cloud does not fit security, and present a reliable evidence collection process and infrastructure extending existing assurance techniques towards the definition of a trustworthy cloud. The proposed process and infrastructure are applied to a case study on cloud certification showing their utility
Next challenges for adaptive learning systems
Learning from evolving streaming data has become a 'hot' research topic in the last decade and many adaptive learning algorithms have been developed. This research was stimulated by rapidly growing amounts of industrial, transactional, sensor and other business data that arrives in real time and needs to be mined in real time. Under such circumstances, constant manual adjustment of models is in-efficient and with increasing amounts of data is becoming infeasible. Nevertheless, adaptive learning models are still rarely employed in business applications in practice. In the light of rapidly growing structurally rich 'big data', new generation of parallel computing solutions and cloud computing services as well as recent advances in portable computing devices, this article aims to identify the current key research directions to be taken to bring the adaptive learning closer to application needs. We identify six forthcoming challenges in designing and building adaptive learning (pre-diction) systems: making adaptive systems scalable, dealing with realistic data, improving usability and trust, integrat-ing expert knowledge, taking into account various application needs, and moving from adaptive algorithms towards adaptive tools. Those challenges are critical for the evolving stream settings, as the process of model building needs to be fully automated and continuous.</jats:p
Viewpoint | Personal Data and the Internet of Things: It is time to care about digital provenance
The Internet of Things promises a connected environment reacting to and
addressing our every need, but based on the assumption that all of our
movements and words can be recorded and analysed to achieve this end.
Ubiquitous surveillance is also a precondition for most dystopian societies,
both real and fictional. How our personal data is processed and consumed in an
ever more connected world must imperatively be made transparent, and more
effective technical solutions than those currently on offer, to manage personal
data must urgently be investigated.Comment: 3 pages, 0 figures, preprint for Communication of the AC
The case for cloud service trustmarks and assurance-as-a-service
Cloud computing represents a significant economic opportunity for Europe. However, this growth is threatened by adoption barriers largely related to trust. This position paper examines trust and confidence issues in cloud computing and advances a case for addressing them through the implementation of a novel trustmark scheme for cloud service providers. The proposed trustmark would be both active and dynamic featuring multi-modal information about the performance of the underlying cloud service. The trustmarks would be informed by live performance data from the cloud service provider, or ideally an independent third-party accountability and assurance service that would communicate up-to-date information relating to service performance and dependability. By combining assurance measures with a remediation scheme, cloud service providers could both signal dependability to customers and the wider marketplace and provide customers, auditors and regulators with a mechanism for determining accountability in the event of failure or non-compliance. As a result, the trustmarks would convey to consumers of cloud services and other stakeholders that strong assurance and accountability measures are in place for the service in question and thereby address trust and confidence issues in cloud computing
Online privacy: towards informational self-determination on the internet : report from Dagstuhl Perspectives Workshop 11061
The Dagstuhl Perspectives Workshop "Online Privacy: Towards Informational Self-Determination on the Internet" (11061) has been held in February 6-11, 2011 at Schloss Dagstuhl. 30 participants from academia, public sector, and industry have identified the current status-of-the-art of and challenges for online privacy as well as derived recommendations for improving online privacy. Whereas the Dagstuhl Manifesto of this workshop concludes the results of the working groups and panel discussions, this article presents the talks of this workshop by their abstracts
SensorCloud: Towards the Interdisciplinary Development of a Trustworthy Platform for Globally Interconnected Sensors and Actuators
Although Cloud Computing promises to lower IT costs and increase users'
productivity in everyday life, the unattractive aspect of this new technology
is that the user no longer owns all the devices which process personal data. To
lower scepticism, the project SensorCloud investigates techniques to understand
and compensate these adoption barriers in a scenario consisting of cloud
applications that utilize sensors and actuators placed in private places. This
work provides an interdisciplinary overview of the social and technical core
research challenges for the trustworthy integration of sensor and actuator
devices with the Cloud Computing paradigm. Most importantly, these challenges
include i) ease of development, ii) security and privacy, and iii) social
dimensions of a cloud-based system which integrates into private life. When
these challenges are tackled in the development of future cloud systems, the
attractiveness of new use cases in a sensor-enabled world will considerably be
increased for users who currently do not trust the Cloud.Comment: 14 pages, 3 figures, published as technical report of the Department
of Computer Science of RWTH Aachen Universit
SimGrid: a Sustained Effort for the Versatile Simulation of Large Scale Distributed Systems
In this paper we present Simgrid, a toolkit for the versatile simulation of
large scale distributed systems, whose development effort has been sustained
for the last fifteen years. Over this time period SimGrid has evolved from a
one-laboratory project in the U.S. into a scientific instrument developed by an
international collaboration. The keys to making this evolution possible have
been securing of funding, improving the quality of the software, and increasing
the user base. In this paper we describe how we have been able to make advances
on all three fronts, on which we plan to intensify our efforts over the
upcoming years.Comment: 4 pages, submission to WSSSPE'1
On Using Blockchains for Safety-Critical Systems
Innovation in the world of today is mainly driven by software. Companies need
to continuously rejuvenate their product portfolios with new features to stay
ahead of their competitors. For example, recent trends explore the application
of blockchains to domains other than finance. This paper analyzes the
state-of-the-art for safety-critical systems as found in modern vehicles like
self-driving cars, smart energy systems, and home automation focusing on
specific challenges where key ideas behind blockchains might be applicable.
Next, potential benefits unlocked by applying such ideas are presented and
discussed for the respective usage scenario. Finally, a research agenda is
outlined to summarize remaining challenges for successfully applying
blockchains to safety-critical cyber-physical systems
Trusted Computing and Secure Virtualization in Cloud Computing
Large-scale deployment and use of cloud computing in industry
is accompanied and in the same time hampered by concerns regarding protection of
data handled by cloud computing providers. One of the consequences of moving
data processing and storage off company premises is that organizations have
less control over their infrastructure. As a result, cloud service (CS) clients
must trust that the CS provider is able to protect their data and
infrastructure from both external and internal attacks. Currently however, such
trust can only rely on organizational processes declared by the CS
provider and can not be remotely verified and validated by an external party.
Enabling the CS client to verify the integrity of the host where the
virtual machine instance will run, as well as to ensure that the virtual
machine image has not been tampered with, are some steps towards building
trust in the CS provider. Having the tools to perform such
verifications prior to the launch of the VM instance allows the CS
clients to decide in runtime whether certain data should be stored- or calculations
should be made on the VM instance offered by the CS provider.
This thesis combines three components -- trusted computing, virtualization technology
and cloud computing platforms -- to address issues of trust and
security in public cloud computing environments. Of the three components,
virtualization technology has had the longest evolution and is a cornerstone
for the realization of cloud computing. Trusted computing is a recent
industry initiative that aims to implement the root of trust in a hardware
component, the trusted platform module. The initiative has been formalized
in a set of specifications and is currently at version 1.2. Cloud computing
platforms pool virtualized computing, storage and network resources in
order to serve a large number of customers customers that use a multi-tenant
multiplexing model to offer on-demand self-service over broad network.
Open source cloud computing platforms are, similar to trusted computing, a
fairly recent technology in active development.
The issue of trust in public cloud environments is addressed
by examining the state of the art within cloud computing security and
subsequently addressing the issues of establishing trust in the launch of a
generic virtual machine in a public cloud environment. As a result, the thesis
proposes a trusted launch protocol that allows CS clients
to verify and ensure the integrity of the VM instance at launch time, as
well as the integrity of the host where the VM instance is launched. The protocol
relies on the use of Trusted Platform Module (TPM) for key generation and data protection.
The TPM also plays an essential part in the integrity attestation of the
VM instance host. Along with a theoretical, platform-agnostic protocol,
the thesis also describes a detailed implementation design of the protocol
using the OpenStack cloud computing platform.
In order the verify the implementability of the proposed protocol, a prototype
implementation has built using a distributed deployment of OpenStack.
While the protocol covers only the trusted launch procedure using generic
virtual machine images, it presents a step aimed to contribute towards
the creation of a secure and trusted public cloud computing environment
- …