509 research outputs found

    Systematic Review on Security and Privacy Requirements in Edge Computing: State of the Art and Future Research Opportunities

    Get PDF
    Edge computing is a promising paradigm that enhances the capabilities of cloud computing. In order to continue patronizing the computing services, it is essential to conserve a good atmosphere free from all kinds of security and privacy breaches. The security and privacy issues associated with the edge computing environment have narrowed the overall acceptance of the technology as a reliable paradigm. Many researchers have reviewed security and privacy issues in edge computing, but not all have fully investigated the security and privacy requirements. Security and privacy requirements are the objectives that indicate the capabilities as well as functions a system performs in eliminating certain security and privacy vulnerabilities. The paper aims to substantially review the security and privacy requirements of the edge computing and the various technological methods employed by the techniques used in curbing the threats, with the aim of helping future researchers in identifying research opportunities. This paper investigate the current studies and highlights the following: (1) the classification of security and privacy requirements in edge computing, (2) the state of the art techniques deployed in curbing the security and privacy threats, (3) the trends of technological methods employed by the techniques, (4) the metrics used for evaluating the performance of the techniques, (5) the taxonomy of attacks affecting the edge network, and the corresponding technological trend employed in mitigating the attacks, and, (6) research opportunities for future researchers in the area of edge computing security and privacy

    An enhancement of toe model by investigating the influential factors of cloud adoption security objectives

    Get PDF
    Cloud computing (CC) is a future technological trend for technological infrastructure development. And it is growing strongly as the backbone of industrial future technological infrastructure. As CC service has a lot to offer, it also has some major downside that clients cannot ignore. For CC service adoption, the potential candidates are SMEs but due to lack of resources, experience, expertise and low financial structure scenario CC can be most helpful. CC faces a major issue in term of cloud security, an organization doesn’t understand the cloud security factors in the organization and data owner doubts about their data. In the research paper, an investigation on the cloud security objectives to find out the influential factors for cloud adoption in SMEs by proposing an enhancement of Technology-Organization-Environment (TOE) model with some positive influential factor like cloud security, relative advantages, cost saving, availability, SLA, capability, top management, organizational readiness, IS knowledge, malicious insiders, government regulatory support, competitive pressure, size and type. Some negative influencing factors like technological readiness, cloud trust and lack of standards in cloud security. Data were collected by questionnaires from a selected IT company based on SaaS and public cloud. Case study method has been used for validating the enhance TOE model. The IBM Statistics SPSS v22 tool was used for data analysis. The results of data analysis support the enhancement as well as all the proposed hypotheses. In summary, the results of the analysis show that all the enhancement factors were found to have a significant cloud security influence on adoption of cloud computing for SMEs

    Infrastructure-as-a-Service Usage Determinants in Enterprises

    Get PDF
    The thesis focuses on the research question, what the determinants of Infrastructure-as-a-Service usage of enterprises are. A wide range of IaaS determinants is collected for an IaaS adoption model of enterprises, which is evaluated in a Web survey. As the economical determinants are especially important, they are separately investigated using a cost-optimizing decision support model. This decision support model is then applied to a potential IaaS use case of a large automobile manufacturer

    Trust engineering framework for software services

    Get PDF
    La presente tesis presenta un marco de trabajo que abarca distintas fases del ciclo de vida de los servicios software y que permite a ingenieros de requisitos, diseñadores y desarrolladores la integración en dichos servicios de modelos de confianza y reputación. En la fase de planificación, proponemos una metodología para evaluar la confianza en proveedores de Cloud antes de decidir si el sistema, o parte de él, se traslada al mismo. En la fase de análisis, ofrecemos una notación para la captura y representación de requisitos de confianza y reputación. Asimismo en esta misma fase, desarrollamos una metodología que permite detectar amenazas internas en un sistema a través de análisis de relaciones de confianza. Para la fase de diseño, proponemos un perfil UML que permite la especificación de modelos de confianza y reputación, lo cual facilita la siguiente fase de implementación, para la que desarrollamos un marco de trabajo que los desarrolladores pueden usar para implementar una amplia variedad de modelos de confianza y reputación. Finalmente, para la fase de verificación en tiempo de ejecución, presentamos un marco de trabajo desarrollado sobre una plataforma de sistemas auto-adaptativos que implementa el paradigma de modelos en tiempo de ejecución. Con dicho marco de trabajo, hacemos posible que los desarrolladores puedan implementar modelos de confianza y reputación, y que puedan usar la información proporcionada por dichos modelos para especificar políticas de reconfiguración en tiempo de ejecución. Esto permite que el sistema se adapte de forma que se mantengan niveles tolerables de confianza y reputación en los componentes de los que consiste. Todo los trabajos anteriores se apoyan sobre un marco conceptual que captura y relaciona entre sí las nociones más relevantes en los dominios de la confianza y la reputación

    Towards Cognitive Self-Management of IoT-Edge-Cloud Continuum based on User Intents

    Get PDF
    Elasticity of the computing continuum with on demand availability allows for automated provisioning and release of computing resources as needed; however, this self management capability is severely limited due to the lack of knowledge on historical and timely resource utilisation and means for stakeholders to express their needs in a high-level manner. In this paper, we introduce and discuss a new concept – intent-based cognitive continuum for sustainable elasticity.acceptedVersio

    Developing a comprehensive information security framework for mHealth: a detailed analysis

    Get PDF
    It has been clearly shown that mHealth solutions, which is the use of mobile devices and other wireless technology to provide healthcare services, deliver more patient-focused healthcare, and improve the overall efficiency of healthcare systems. In addition, these solutions can potentially reduce the cost of providing healthcare in the context of the increasing demands of the aging populations in advanced economies. These solutions can also play an important part in intelligent environments, facilitating real-time data collection and input to enable various functionalities. However, there are several challenges regarding the development of mHealth solutions: the most important of these being privacy and data security. Furthermore, the use of cloud computing is becoming an option for the healthcare sector to store healthcare data; but storing data in the cloud raises serious concerns. This paper investigates how data are managed both on mHealth devices as well as in the cloud. Firstly, a detailed analysis of the entire mHealth domain is undertaken to determine domain-specific features and a taxonomy for mHealth, from which a set of security requirements are identified in order to develop a new information security framework. It then examines individual information security frameworks for mHealth devices and the cloud, noting similarities and differences. Furthermore, key mechanisms to implement the new framework are discussed and the new framework is then presented. Finally, the paper presents how the new framework could be implemented in order to develop an Advanced Digital Medical Platform

    Kostnadsanalys av en molnbaserad konvergerad IT arkitektur för ett litet företag

    Get PDF
    The purpose of this thesis is to study the dispersed IT architecture of a small sized enterprise versus a converged cloud based IT architecture. Cloud computing enables moving to a pay-as-you-go model with low up-front investment making it attractive to small sized enterprises. Other traits that appeal to small sized enterprises are flexibility, modularity and ease of use. However, an important factor to be aware of when investing in a cloud solution is hidden costs, such as extra fees and premium support costs. The two scenarios (dispersed versus converged) are studied in terms of Total Cost of Ownership (TCO) and Customer-Provider Strategic Alignment Maturity (CPSAM) as the IT services are outsourced in both scenarios. The TCO provides cost information on both scenarios indicating where savings could be made and exposes excess expenditures. Whilst the CPSAM studies the outsourcing strategies and unveils vendor management issues. Based on the analysis the main differences in TCO related to operational costs, which includes maintenance and support costs. These can vary, however taking in consideration a margin of error there was still a clear difference between the two scenarios and the converged architecture showed a decrease in operational costs. The CPSAM analysis showed issues in communication, articulation of processes and lacking knowledge of the whole value network. Some of the risks could be minimized by choosing scenario 2 as vendor management would be centralized and less complex. However, many of the recommended actions concern both scenarios, such as formalizing a collaboration blueprint, re-assessing contracts for suitability, defining and communicating roles and responsibilities and defining and articulating communication practices.Syftet med detta diplomarbete är att undersöka ett litet företags icke-centrerade IT arkitektur i jämförelse med en centrerad molnbaserad IT arkitektur. Molntjänster är attraktiva för små företag eftersom startavgiften för investeringen är låg och kostnadsmodellen ändras till så kallad ”pay-as-you-go” modell där man endast betalar för de tjänster som används. Andra egenskaper som mindre företag uppskattar är flexibilitet, modularitet och användarvänlighet. Dock är det viktigt att ta i beaktande så kallade gömda kostnader som till exempel kan bestå av extra utgifter eller premium support kostnader. Studien undersöker de två scenarierna (dispergerad och konvergerad) både ur ett Total ägandekostnads perspektiv (TCO) och ur ett maturitets perspektiv (CPSAM) där kundens och leverantörens strategiska positionering analyseras. Analysen på Total ägandekostnader ger kostnadsinformation för båda scenarierna och utgående från den information kan man identifiera besparingsmöjligheter och eventuella överskott i utgifter. CPSAM analysen studerar outsourcing strategier och avslöjar problem i leverantörhanteringen. Utgående från Total ägandekostnads analysen härstammar de största kostnadsskillnaderna från operativa kostnader så som underhåll och support. Dessa kostnader kan variera men även då en felmarginal tas i beaktande är skillnaden i kostnader tydlig. Den konvergerade IT arkitekturen leder till lägre operativa kostnader. Baserat på maturitets analysen kunde det konstateras att problemen relaterar till kommunikation, processartikulation, och bristande helhetskunskap. En del risker kunde minimeras med en konvergerad IT arkitektur, scenario 2, eftersom leverantörhanteringen skulle centraliseras och därmed bli mindre komplex. Däremot är de flesta rekommendationerna aktuella för båda scenarier, såsom formalisering och standardisering av samarbetspraxis, omvärdering av kontrakt för att möta dagens krav, definiering och kommunikation av roller och ansvarsområden, och definiering och artikulation av kommunikations praxis
    corecore