Secure data sharing and processing in heterogeneous clouds
The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serves as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors
Trusted Computing and Secure Virtualization in Cloud Computing
Large-scale deployment and use of cloud computing in industry
is accompanied and at the same time hampered by concerns regarding protection of
data handled by cloud computing providers. One of the consequences of moving
data processing and storage off company premises is that organizations have
less control over their infrastructure. As a result, cloud service (CS) clients
must trust that the CS provider is able to protect their data and
infrastructure from both external and internal attacks. Currently however, such
trust can only rely on organizational processes declared by the CS
provider and cannot be remotely verified and validated by an external party.
Enabling the CS client to verify the integrity of the host where the
virtual machine instance will run, as well as to ensure that the virtual
machine image has not been tampered with, are some steps towards building
trust in the CS provider. Having the tools to perform such
verifications prior to the launch of the VM instance allows the CS
clients to decide at runtime whether certain data should be stored or calculations
should be made on the VM instance offered by the CS provider.
This thesis combines three components -- trusted computing, virtualization technology
and cloud computing platforms -- to address issues of trust and
security in public cloud computing environments. Of the three components,
virtualization technology has had the longest evolution and is a cornerstone
for the realization of cloud computing. Trusted computing is a recent
industry initiative that aims to implement the root of trust in a hardware
component, the trusted platform module. The initiative has been formalized
in a set of specifications and is currently at version 1.2. Cloud computing
platforms pool virtualized computing, storage and network resources in
order to serve a large number of customers that use a multi-tenant
multiplexing model to offer on-demand self-service over a broad network.
Open source cloud computing platforms are, similar to trusted computing, a
fairly recent technology in active development.
The issue of trust in public cloud environments is addressed
by examining the state of the art within cloud computing security and
subsequently addressing the issues of establishing trust in the launch of a
generic virtual machine in a public cloud environment. As a result, the thesis
proposes a trusted launch protocol that allows CS clients
to verify and ensure the integrity of the VM instance at launch time, as
well as the integrity of the host where the VM instance is launched. The protocol
relies on the use of Trusted Platform Module (TPM) for key generation and data protection.
The TPM also plays an essential part in the integrity attestation of the
VM instance host. Along with a theoretical, platform-agnostic protocol,
the thesis also describes a detailed implementation design of the protocol
using the OpenStack cloud computing platform.
In order to verify the implementability of the proposed protocol, a prototype
implementation has been built using a distributed deployment of OpenStack.
While the protocol covers only the trusted launch procedure using generic
virtual machine images, it presents a step aimed to contribute towards
the creation of a secure and trusted public cloud computing environment.
Cloud-supported medical imaging services
Master's in Computer and Telematics Engineering
Nowadays, healthcare institutions use telemedicine to
support collaborative environments. In the area of digital medical imaging, the
amount of data has grown substantially in recent years,
requiring more infrastructure to provide a service of the desired
quality. Computers and devices with Internet access are
available at any time and in any place, creating opportunities to
share and use online resources. An enormous amount of computational
processing and storage is used as a commodity in
everyday life. This dissertation presents a platform to support telemedicine
services over the cloud, allowing applications to store and
communicate easily, using any cloud provider. In this way,
developers do not need to worry about where the resources will be
installed, and their applications are not limited to a single provider.
Two tele-imaging applications were developed with this
platform: a medical image repository and a communications
infrastructure between hospital centres. Finally, the architecture
developed is generic and flexible, allowing it to be easily expanded to
other application areas and other cloud services.
Healthcare institutions resort largely, nowadays, to telemedicine in order to
support collaborative environments. In the medical imaging area, the huge
amount of medical volume data has increased over the past few years,
requiring high-performance infrastructures to provide services with required
quality. Computing devices and Internet access are now available anywhere
and at any time, creating new opportunities to share and use online resources.
A tremendous amount of ubiquitous computational power and an
unprecedented number of Internet resources and services are used every day
as a normal commodity. This thesis presents a telemedicine service platform
over the Cloud that allows applications to store information and to communicate
more easily, using any Internet cloud provider. With this platform, developers need not
be concerned with where the resources will be deployed, and the applications will not be
restricted to a specific cloud vendor. Two tele-imagiologic applications were
developed along with this platform: a medical imaging repository and an interinstitutional
communications infrastructure. Lastly, the architecture developed is
generic and flexible to expand to other application areas and cloud services
Security-oriented cloud computing platform for critical infrastructures
The rise of virtualisation and cloud computing is one of the most significant features of computing in the last 10 years. However, despite its popularity, there are still a number of technical barriers that prevent it from becoming the truly ubiquitous service it has the potential to be. Central to this are the issues of data security and the lack of trust that users have in relying on cloud services to provide the foundation of their IT infrastructure. This is a highly complex issue, which covers multiple inter-related factors such as platform integrity, robust service guarantees, data and network security, and many others that have yet to be overcome in a meaningful way.
This paper presents a concept for an innovative integrated platform to reinforce the integrity and security of cloud services and we apply this in the context of Critical Infrastructures to identify the core requirements, components and features of this infrastructure
TSKY: a dependable middleware solution for data privacy using public storage clouds
Dissertation submitted for the degree of Master in Informatics Engineering
This dissertation aims to take advantage of the virtues offered by data storage cloud based systems on the Internet, proposing a solution that avoids security issues by combining different providers’ solutions in a vision of a cloud-of-clouds storage and computing. The solution, TSKY System (or Trusted Sky), is implemented as a middleware system, featuring a set of components designed to establish and to enhance conditions for security, privacy, reliability and availability of data, with these conditions being secured and verifiable by the end-user, independently of each provider. These components implement cryptographic tools, including threshold and homomorphic cryptographic schemes, combined with encryption, replication, and dynamic indexing mechanisms. The solution allows data management and distribution functions over data kept in different storage clouds, not necessarily trusted, improving and ensuring resilience and security guarantees against Byzantine faults and attacks. The generic approach of the TSKY system model and its implemented services are evaluated in the context of a Trusted Email Repository System (TSKY-TMS System). The TSKY-TMS system is a prototype that uses the base TSKY middleware services to store mailboxes and email messages in a cloud-of-clouds.
Emerging Technology in Business and Finance
In a globalized scenario where technologies develop continuously over time, these novel methods are affecting business and finance in a significant way. In this chapter we discuss the major emerging technologies in the fields of entrepreneurship, application development, finance, and business.
The authors start with an introduction to business, finance, entrepreneurship and application development, the effect of emerging technologies on these fields, the way in which technologies develop over time, and the adoption of these technologies by industries. Changes in technologies, with special reference to developed and developing countries, are also part of this chapter.
Moving ahead, we discuss these technologies in prevailing as well as upcoming businesses. Some of the technologies we discuss are Embedded Business Intelligence, Amplified Visual Presentation, Augmented Analytics, and Cloud Management.
Besides these technologies, we cover the growing automation in the finance sector, such as Cloud banking, Robotic process automation, Blockchain, Internet of things, etc.
This chapter covers all these technologies, explaining what, why, where, when and how things are changing in the present finance and business scenario. Like the two opposite faces of a coin, on one side these emerging technologies are a boon for business and finance, while on the other side there are certain risks involved in these technologies, which can be a great threat to our business as well as to our routine life. So, we also discuss the potential risks associated with these technologies.
We end the chapter by giving our conclusions, precautions, and suggestions on these technologies.
An analysis about the relationship between the cloud computing model and ITIL v3 2011
Cloud Computing is widely recognized as a recent computing paradigm of digital transformation in which scalable and elastic computational resources are delivered as a service through Internet technologies. Its characteristics have led to this business model being increasingly adopted by organizations to reach their business goals. Besides its benefits, some risks may impact organizations internally and in the way they deliver their services to their clients. Therefore, it became important to understand the impacts of the Cloud model on the way companies organize their processes.
The goal of this work is to investigate which are the main impacts arising from the Cloud Computing model currently impacting Information Technology Infrastructure Library framework processes. The methodology selected will be through semi-structured interviews with knowledgeable professionals to effectively collect practical information that, according to the Systematic Literature Review performed, could not be collected by the traditional literature.
By analyzing the Systematic Literature Review results, several processes of this framework were affected, which may lead to a need for reframing it. Although the organization’s approach to this model must be enhanced and adapted to a new reality, the empirical insights collected from semi-structured interviews suggest that the framework does not need to be reframed, and that the ITIL v3 2011 processes most impacted by the introduction of the Cloud-based model are Change Management and Incident Management.
Cloud computing is widely recognized as a recent computing paradigm of digital transformation, in which scalable and elastic computational resources are provided as a service through Internet technologies. Its characteristics have led to this business model being increasingly adopted by organizations in pursuit of their business goals. Besides the benefits, there are also risks that may impact organizations internally and in the way they deliver their services to clients. Therefore, it became important to understand the impacts of the Cloud model on the way companies organize their own processes and practices. The goal of this work is to investigate the main impacts arising from the Cloud model that currently affect the processes of the Information Technology Infrastructure Library. The methodology selected will be semi-structured interviews with qualified professionals to collect information from practical experience that, according to the Systematic Literature Review performed, could not be obtained from the traditional literature. By analyzing the results of the Systematic Literature Review, several processes of this framework were affected, which may lead to the need to reframe it.
The empirical considerations collected in the semi-structured interviews suggest that the framework does not need to be reframed and that the ITIL v3 2011 processes most impacted in the Cloud model are Incident Management and Change Management.
Foundations and Technological Landscape of Cloud Computing
The cloud computing paradigm has brought the benefits of utility computing to a global scale. It has gained paramount attention in recent years. Companies are seriously considering adopting this new paradigm and expecting to receive significant benefits. In fact, the concept of cloud computing is not a revolution in terms of technology; it has been established based on the solid ground of virtualization, distributed systems, and web services. To comprehend cloud computing, its foundations and technological landscape need to be adequately understood. This paper provides a comprehensive review of the building blocks of cloud computing and relevant technological aspects. It focuses on four key areas including architecture, virtualization, data management, and security issues.
Privacy-preserving efficient searchable encryption
Data storage and computation outsourcing to third-party managed data centers,
in environments such as Cloud Computing, is increasingly being adopted
by individuals, organizations, and governments. However, as cloud-based outsourcing
models expand to society-critical data and services, the lack of effective
and independent control over security and privacy conditions in such settings
presents significant challenges.
An interesting solution to these issues is to perform computations on encrypted
data, directly in the outsourcing servers. Such an approach benefits
from not requiring major data transfers and decryptions, increasing performance
and scalability of operations. Searching operations, an important application
case when cloud-backed repositories increase in number and size, are good examples
where security, efficiency, and precision are relevant requisites. Yet existing
proposals for searching encrypted data are still limited from multiple perspectives,
including usability, query expressiveness, and client-side performance and
scalability.
This thesis focuses on the design and evaluation of mechanisms for searching
encrypted data with improved efficiency, scalability, and usability. There are
two particular concerns addressed in the thesis: on one hand, the thesis aims at
supporting multiple media formats, especially text, images, and multimodal data
(i.e. data with multiple media formats simultaneously); on the other hand the
thesis addresses client-side overhead, and how it can be minimized in order to
support client applications executing in both high-performance desktop devices
and resource-constrained mobile devices.
From the research performed to address these issues, three core contributions
were developed and are presented in the thesis: (i) CloudCryptoSearch, a middleware
system for storing and searching text documents with privacy guarantees,
while supporting multiple modes of deployment (user device, local proxy, or computational cloud) and exploring different tradeoffs between security, usability, and performance; (ii) a novel framework for efficiently searching encrypted images
based on IES-CBIR, an Image Encryption Scheme with Content-Based Image
Retrieval properties that we also propose and evaluate; (iii) MIE, a Multimodal
Indexable Encryption distributed middleware that allows storing, sharing, and
searching encrypted multimodal data while minimizing client-side overhead and
supporting both desktop and mobile devices