State of The Art and Hot Aspects in Cloud Data Storage Security

Along with the evolution of cloud computing and cloud storage towards matu- rity, researchers have analyzed an increasing range of cloud computing security aspects, data security being an important topic in this area. In this paper, we examine the state of the art in cloud storage security through an overview of selected peer reviewed publications. We address the question of defining cloud storage security and its different aspects, as well as enumerate the main vec- tors of attack on cloud storage. The reviewed papers present techniques for key management and controlled disclosure of encrypted data in cloud storage, while novel ideas regarding secure operations on encrypted data and methods for pro- tection of data in fully virtualized environments provide a glimpse of the toolbox available for securing cloud storage. Finally, new challenges such as emergent government regulation call for solutions to problems that did not receive enough attention in earlier stages of cloud computing, such as for example geographical location of data. The methods presented in the papers selected for this review represent only a small fraction of the wide research effort within cloud storage security. Nevertheless, they serve as an indication of the diversity of problems that are being addressed

Understanding Cloud Requirements - A Supply Chain Lifecycle Approach

Cloud Computing is offering competitive advantages to companies through flexible and, scalable access to computing resources. More and more companies are moving to cloud environments; therefore understanding the requirements for this process is both important and beneficial. The requirements for migrating from a traditional computing environment to a cloud hosting environment are discussed in this paper, considering this migration from a supply chain lifecycle perspective. The cloud supply chain is examined from a lifecycle perspective for the management of the migration project. This paper illustrates the requirements that need to be considered when adopting a cloud migration strategy and the steps to take in order to manage this process

Cloud computing : developing a cost estimation model for customers

Cloud computing is an essential part of the digital transformation journey. It offers many benefits to organisations, including the advantages of scalability and agility. Cloud customers see cloud computing as a moving train that every organisation needs to catch. This means that adoption decisions are made quickly in order to keep up with the new trend. Such quick decisions have led to many disappointments for cloud customers and have questioned the cost of the cloud. This is also because there is a lack of criteria or guidelines to help cloud customers get a complete picture of what is required of them before they go to the cloud. From another perspective, as new technologies force changes to the organizational structure and business processes, it is important to understand how cloud computing changes the IT and non-IT departments and how can this be translated into costs. Accordingly, this research uses the total cost of ownership approach and transaction cost theory to develop a customer-centric model to estimate the cost of cloud computing. The Research methodology used the Design Science Research approach. Expert interviews were used to develop the model. The model was then validated using four case studies. The model, named Sunny, identifies many costs that need to be estimated, which will help to make the cloud-based digital transformation journey less cloudy. The costs include Meta Services, Continuous Contract management, Monitoring and ITSM Adjustment. From an academic perspective, this research highlights the management efforts required for cloud computing and how misleading the rapid provision potential of the cloud resources can be. From a business perspective, proper estimation of these costs would help customers make informed decisions and vendors make realistic promises.Cloud Computing ist ein wesentlicher Bestandteil der Digitalisierung. Es bietet Unternehmen viele Vorteile, wie Skalierbarkeit und Agilität. Cloud-Kunden sehen Cloud Computing als einen Zug, auf den jedes Unternehmen aufspringen muss. Das bedeutet, dass Einführungsentscheidungen schnell getroffen werden, um mit dem neuen Trend Schritt zu halten. Solche Schnellschüsse haben zu vielen Enttäuschungen bei Cloud-Kunden geführt und die Kosten der Cloud in Frage gestellt. Dies ist auch darauf zurückzuführen, dass es keine Kriterien oder Leitlinien gibt, die den Cloud-Kunden helfen, sich ein vollständiges Bild davon zu machen, was von ihnen erwartet wird, bevor sie in die Cloud gehen. Aus einem anderen Blickwinkel ist es wichtig zu verstehen, wie Cloud Computing IT- und Nicht-IT-Abteilungen verändert und wie sich dies auf die Kosten auswirkt, da neue Technologien Veränderungen in der Organisationsstruktur und den Geschäftsprozessen erzwingen. Dementsprechend werden in dieser Forschungsarbeit der Total Cost of Ownership-Ansatz und die Transaktionskostentheorie verwendet, um ein kundenorientiertes Modell zur Schätzung der Kosten von Cloud Computing zu entwickeln. Die Forschungsmethodik basiert auf dem Design Science Research Ansatz. Zur Entwicklung des Modells wurden Experteninterviews durchgeführt. Anschließend wurde das Modell anhand von vier Fallstudien validiert. Das Modell mit dem Namen Sunny identifiziert viele Kosten, die geschätzt werden müssen, um die Reise zur digitalen Transformation in der Cloud weniger wolkig zu gestalten. Zu diesen Kosten gehören Meta-Services, kontinuierliches Vertragsmanagement, Überwachung und ITSM-Anpassung. Aus akademischer Sicht verdeutlicht diese Forschung, welcher Verwaltungsaufwand für Cloud Computing erforderlich ist und wie irreführend das schnelle Bereitstellungspotenzial von Cloud-Ressourcen sein kann. Aus Unternehmenssicht würde eine korrekte Einschätzung dieser Kosten den Kunden helfen, fundierte Entscheidungen zu treffen, und den Anbietern, realistische Versprechungen zu machen

Review of the environmental and organisational implications of cloud computing: final report.

Cloud computing – where elastic computing resources are delivered over the Internet by external service providers – is generating significant interest within HE and FE. In the cloud computing business model, organisations or individuals contract with a cloud computing service provider on a pay-per-use basis to access data centres, application software or web services from any location. This provides an elasticity of provision which the customer can scale up or down to meet demand. This form of utility computing potentially opens up a new paradigm in the provision of IT to support administrative and educational functions within HE and FE. Further, the economies of scale and increasingly energy efficient data centre technologies which underpin cloud services means that cloud solutions may also have a positive impact on carbon footprints. In response to the growing interest in cloud computing within UK HE and FE, JISC commissioned the University of Strathclyde to undertake a Review of the Environmental and Organisational Implications of Cloud Computing in Higher and Further Education [19]

Infrastructure-as-a-Service Usage Determinants in Enterprises

The thesis focuses on the research question, what the determinants of Infrastructure-as-a-Service usage of enterprises are. A wide range of IaaS determinants is collected for an IaaS adoption model of enterprises, which is evaluated in a Web survey. As the economical determinants are especially important, they are separately investigated using a cost-optimizing decision support model. This decision support model is then applied to a potential IaaS use case of a large automobile manufacturer

A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today’s real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view

Quantum surveillance and 'shared secrets'. A biometric step too far? CEPS Liberty and Security in Europe, July 2010

It is no longer sensible to regard biometrics as having neutral socio-economic, legal and political impacts. Newer generation biometrics are fluid and include behavioural and emotional data that can be combined with other data. Therefore, a range of issues needs to be reviewed in light of the increasing privatisation of ‘security’ that escapes effective, democratic parliamentary and regulatory control and oversight at national, international and EU levels, argues Juliet Lodge, Professor and co-Director of the Jean Monnet European Centre of Excellence at the University of Leeds, U

Planning and Optimization During the Life-Cycle of Service Level Agreements for Cloud Computing

Ein Service Level Agreement (SLA) ist ein elektronischer Vertrag zwischen dem Kunden und dem Anbieter eines Services. Die beteiligten Partner kl aren ihre Erwartungen und Verp ichtungen in Bezug auf den Dienst und dessen Qualit at. SLAs werden bereits f ur die Beschreibung von Cloud-Computing-Diensten eingesetzt. Der Diensteanbieter stellt sicher, dass die Dienstqualit at erf ullt wird und mit den Anforderungen des Kunden bis zum Ende der vereinbarten Laufzeit ubereinstimmt. Die Durchf uhrung der SLAs erfordert einen erheblichen Aufwand, um Autonomie, Wirtschaftlichkeit und E zienz zu erreichen. Der gegenw artige Stand der Technik im SLA-Management begegnet Herausforderungen wie SLA-Darstellung f ur Cloud- Dienste, gesch aftsbezogene SLA-Optimierungen, Dienste-Outsourcing und Ressourcenmanagement. Diese Gebiete scha en zentrale und aktuelle Forschungsthemen. Das Management von SLAs in unterschiedlichen Phasen w ahrend ihrer Laufzeit erfordert eine daf ur entwickelte Methodik. Dadurch wird die Realisierung von Cloud SLAManagement vereinfacht. Ich pr asentiere ein breit gef achertes Modell im SLA-Laufzeitmanagement, das die genannten Herausforderungen adressiert. Diese Herangehensweise erm oglicht eine automatische Dienstemodellierung, sowie Aushandlung, Bereitstellung und Monitoring von SLAs. W ahrend der Erstellungsphase skizziere ich, wie die Modellierungsstrukturen verbessert und vereinfacht werden k onnen. Ein weiteres Ziel von meinem Ansatz ist die Minimierung von Implementierungs- und Outsourcingkosten zugunsten von Wettbewerbsf ahigkeit. In der SLA-Monitoringphase entwickle ich Strategien f ur die Auswahl und Zuweisung von virtuellen Cloud Ressourcen in Migrationsphasen. Anschlie end pr ufe ich mittels Monitoring eine gr o ere Zusammenstellung von SLAs, ob die vereinbarten Fehlertoleranzen eingehalten werden. Die vorliegende Arbeit leistet einen Beitrag zu einem Entwurf der GWDG und deren wissenschaftlichen Communities. Die Forschung, die zu dieser Doktorarbeit gef uhrt hat, wurde als Teil von dem SLA@SOI EU/FP7 integriertem Projekt durchgef uhrt (contract No. 216556)

Data centre optimisation enhanced by software defined networking

Contemporary Cloud Computing infrastructures are being challenged by an increasing demand for evolved cloud services characterised by heterogeneous performance requirements including real-time, data-intensive and highly dynamic workloads. The classical way to deal with dynamicity is to scale computing and network resources horizontally. However, these techniques must be coupled effectively with advanced routing and switching in a multi-path environment, mixed with a high degree of flexibility to support dynamic adaptation and live-migration of virtual machines (VMs). We propose a management strategy to jointly optimise computing and networking resources in cloud infrastructures, where Software Defined Networking (SDN) plays a key enabling role