A JSON Token-Based Authentication and Access Management Schema for Cloud SaaS Applications

Cloud computing is significantly reshaping the computing industry built around core concepts such as virtualization, processing power, connectivity and elasticity to store and share IT resources via a broad network. It has emerged as the key technology that unleashes the potency of Big Data, Internet of Things, Mobile and Web Applications, and other related technologies, but it also comes with its challenges - such as governance, security, and privacy. This paper is focused on the security and privacy challenges of cloud computing with specific reference to user authentication and access management for cloud SaaS applications. The suggested model uses a framework that harnesses the stateless and secure nature of JWT for client authentication and session management. Furthermore, authorized access to protected cloud SaaS resources have been efficiently managed. Accordingly, a Policy Match Gate (PMG) component and a Policy Activity Monitor (PAM) component have been introduced. In addition, other subcomponents such as a Policy Validation Unit (PVU) and a Policy Proxy DB (PPDB) have also been established for optimized service delivery. A theoretical analysis of the proposed model portrays a system that is secure, lightweight and highly scalable for improved cloud resource security and management.Comment: 6 Page

Design and evaluation of job scheduling strategies for grid computing

Grid computing is intended to offer an easy and seamless access to remote resources. The scheduling task of allocating these resources automatically to user jobs is an essential part of a grid environment. This work discusses the evaluation and design of different scheduling strategies. A concept for the design process of such a scheduling system is presented. The evaluation of scheduling algorithms for single parallel machines is done by theoretical analysis and by simulation experiments. The theoretical approach by competitive analysis lead to bounds for the worst-case scenarios. As there is great interest in the scheduling performance of a real system installation, simulations have been applied for further evaluation. In addition to the theoretical analysis, the presented preemptive scheduling algorithm is also effcient in terms of makespan and average response time in a real system scenario if compared to other scheduling algorithms. In some of the examined scenarios the algorithm could outperform other common algorithms such as backfilling. Based on these results, scheduling algorithms for the grid environment have been developed. On one hand, these methods base on modifications of the examined conventional scheduling strategies for single parallel machines. On the other hand, a scheduling strategy with a market economic approach is presented. As a proof of concept a possible architecture of a scheduling environment is presented, which has been used for the evaluation of the presented algorithms. The work ends with a brief conclusion on the discussed scheduling strategies and gives an outlook on future work

Hybrid Job-driven Scheduling for Virtual MapReduce Clusters

It is cost-efficient for a tenant with a limited budget to establish a virtual MapReduce cluster by renting multiple virtual private servers (VPSs) from a VPS provider. To provide an appropriate scheduling scheme for this type of computing environment, we propose in this paper a hybrid job-driven scheduling scheme (JoSS for short) from a tenant's perspective. JoSS provides not only job level scheduling, but also map-task level scheduling and reduce-task level scheduling. JoSS classifies MapReduce jobs based on job scale and job type and designs an appropriate scheduling policy to schedule each class of jobs. The goal is to improve data locality for both map tasks and reduce tasks, avoid job starvation, and improve job execution performance. Two variations of JoSS are further introduced to separately achieve a better map-data locality and a faster task assignment. We conduct extensive experiments to evaluate and compare the two variations with current scheduling algorithms supported by Hadoop. The results show that the two variations outperform the other tested algorithms in terms of map-data locality, reduce-data locality, and network overhead without incurring significant overhead. In addition, the two variations are separately suitable for different MapReduce-workload scenarios and provide the best job performance among all tested algorithms.Comment: 13 pages and 17 figure

A graph database for persistent identifiers

The Handle Software manages references to resources of information. However, it does not support a search functionality. A prior implementation with Elasticsearch could not efficiently capture the complex structure of our dataset, especially the relationships between handles. In this paper, we apply a graph database together with Elasticsearch to provide more search capabilities to users. In addition, the graph can efficiently store meta-data provided during handle creation. Further use cases for this graph include redundancy detection (two or more handles pointing to the same URL), or bibliographic network analysis

Cloud-Dienste für die Wissenschaft

Cloud-Dienste finden zunehmend Verwendung in der Wissenschaft und bieten dabei ihren Nutzern Vorteile wie dynamische Verfügbarkeit, Skalierbarkeit und Nutzungskontrolle. Allerdings bringt das wissenschaftliche Umfeld besondere Anforderungen mit sich, die von existierenden Cloud-Angeboten häufig nicht erfüllt werden. Daraus ergibt sich die Notwendigkeit, spezifische Dienste zu entwickeln und anzubieten. Eine Herausforderung, der sich momentan deutschlandweit Hochschulen und Forschungseinrichtungen stellen. In diesem Artikel werden beispielhaft Cloud-Lösungen für den Einsatz im wissenschaftlichen Alltag bei der Universität Göttingen und der Max-Planck-Gesellschaft gezeigt, die Datenaustausch und -synchronisation sowie eine Compute Cloud zur flexiblen Bereitstellung von virtuellen Servern und damit Rechenleistung erlauben