Security Dynamics of Cloud Computing

This paper explores various dimensions of cloud computing security. It argues that security concerns of cloud computing need to be addressed from the perspective of individual stakeholder. Security focuses of cloud computing are essentially different in terms of its characteristics and business model. Conventional way of viewing as well as addressing security such as ‘bolting-in’ on the top of cloud computing may not work well. The paper attempts to portray the security spectrum necessary for enterprizes to understand the dynamics of cloud computing security, the relationships between security requirements of different stakeholders at different levels of abstraction, and the challenges it poses. The paper is expected to shed some lights on concerns as well as dynamics of cloud computing security

Robust Heterogeneous Network to Support Multitasking

Due to emerging technology, efficient multitasking approach is highly demanded. But it is hard to accomplish in heterogeneous wireless networks, where diverse networks have dissimilar geometric features in service and traffic models. Multitasking loss examination based on Markov chain becomes inflexible in these networks owing to rigorous computations is obligatory. This paper emphases on the performance of heterogeneous wireless networks based on multitasking. A method based on multitasking of the interrelated traffic is used to attain an approximate performance in heterogeneous wireless networks with congested traffic. The accuracy of the robust heterogeneous network with multitasking is verified by using ns2 simulations.http://arxiv.org/abs/1309.451

Opioids Delay Healing of Spinal Fusion: A Rabbit Posterolateral Lumbar Fusion Model

Background Context Opioid use is prevalent in the management of pre- and postoperative pain in patients undergoing spinal fusion. There is evidence that opioids downregulate osteoblasts in vitro, and a previous study found that morphine delays the maturation and remodeling of callus in a rat femur fracture model. However, the effect of opioids on healing of spinal fusion has not been investigated before. Isolating the effect of opioid exposure in humans would be limited by the numerous confounding factors that affect fusion healing. Therefore, we have used a well-established rabbit model to study the process of spinal fusion healing that closely mimics humans. Purpose The objective of this work was to study the effect of systemic opioids on the process of healing of spinal fusion in a rabbit posterolateral spinal fusion model. Study Design/Setting This is a preclinical animal study. Materials and Methods Twenty-four adult New Zealand white rabbits were studied in two groups after approval from the Institutional Animal Care and Use Committee (IACUC). The opioid group (n=12) received 4 weeks\u27 preoperative and 6 weeks\u27 postoperative transdermal fentanyl. Serum fentanyl levels were measured just before surgery and 4 weeks postoperatively to ensure adequate levels. The control group (n=12) received only perioperative pain control as necessary. All animals underwent a bilateral L5–L6 posterolateral spinal fusion using iliac crest autograft. Animals were euthanized at the 6-week postoperative time point, and assessment of fusion was done by manual palpation, plain radiographs, microcomputed tomography (microCT), and histology. Results Twelve animals in the control group and 11 animals in the opioid group were available for analysis at the end of 6 weeks. The fusion scores on manual palpation, radiographs, and microCT were not statistically different. Three-dimensional microCT morphometry found that the fusion mass in the opioid group had a lower bone volume (p=.09), a lower trabecular number (p=.02), and a higher trabecular separation (p=.02) compared with the control group. Histologic analysis found areas of incorporation of autograft and unincorporated graft fragments in both groups. In the control group, there was remodeling of de novo woven bone to lamellar organization with incorporation of osteocytes, formation of mature marrow, and relative paucity of hypertrophied osteoblasts lining new bone. Sections from the opioid group showed formation of de novo woven bone, and hypertrophied osteoblasts were seen lining the new bone. There were no sections showing lamellar organization and development of mature marrow elements in the opioid group. Less dense trabeculae on microCT correlated with histologic findings of relatively immature fusion mass in the opioid group. Conclusions Systemic opioids led to an inferior quality fusion mass with delay in maturation and remodeling at 6 weeks in this rabbit spinal fusion model. These preliminary results lay the foundation for further research to investigate underlying cellular mechanisms, the temporal fusion process, and the dose-duration relationship of opioids responsible for our findings

Determinants of Users’ Satisfaction Regarding Mobile Operators in Bangladesh: An Exploratory Factor Analysis Approach on University Students

Customer satisfaction is an important issue in current marketing field. This paper basically prepared based on 444 respondents (University Students) to understand which factors make them most satisfied toward their using cell phone operator’s service. Five major cell phone operators (Grameenphone, Banglalink, Robi, Airtel, and Teletalk) have been picked up along with 28 service items (Such as call charge rate, network facility, various offers, balance transfer system etc.) The study is conducted by factor analysis to identify the major factors that influencing users’ satisfaction. The study attained 7 factors as-Various Offers, Charge Rate, Digital Services, Internet Services, Recharge Facilities, Network Coverage and Customer Care Services. The study reveals that users (University Students) have more emphasis on various offers. The findings confirmed that Various Offers, Charge Rate, Digital Services, Internet Services, Recharge Facilities, Network Coverage and customer Care Services contribute strongly to generating customer satisfaction. From the study cell phone operators of Bangladesh can get a specific view about the factors that directly influence customer satisfaction especially the University students’ demands. Keywords: Users’ Satisfaction, Cell Phone Operators, Factor Analysis, Banglades

“Why can’t I do that?”: tracing adaptive security decisions

One of the challenges of any adaptive system is to ensure that users can understand how and why the behaviour of the system changes at runtime. This is particularly important for adaptive security behaviours which are essential for applications that are used in many different contexts, such as those hosted in the cloud. In this paper, we propose an approach for using traceability information, enriched with causality relations and contextual attributes of the deployment environment, when providing feedback to the users. We demonstrate, using a cloud storage-as-a-service environment, how our approach provides users of cloud applications better information, explanations and assurances about the security decisions made by the system. This enables the user to understand why a certain security adaptation has occurred, how the adaptation is related to current context of use of the application, and a guarantee that the application still satisfies its security requirements after an adaptation

Machine Learning Based Network Vulnerability Analysis of Industrial Internet of Things

It is critical to secure the Industrial Internet of Things (IIoT) devices because of potentially devastating consequences in case of an attack. Machine learning and big data analytics are the two powerful leverages for analyzing and securing the Internet of Things (IoT) technology. By extension, these techniques can help improve the security of the IIoT systems as well. In this paper, we first present common IIoT protocols and their associated vulnerabilities. Then, we run a cyber-vulnerability assessment and discuss the utilization of machine learning in countering these susceptibilities. Following that, a literature review of the available intrusion detection solutions using machine learning models is presented. Finally, we discuss our case study, which includes details of a real-world testbed that we have built to conduct cyber-attacks and to design an intrusion detection system (IDS). We deploy backdoor, command injection, and Structured Query Language (SQL) injection attacks against the system and demonstrate how a machine learning based anomaly detection system can perform well in detecting these attacks. We have evaluated the performance through representative metrics to have a fair point of view on the effectiveness of the methods

Enabling Efficient Secure Multiparty Computation Development in ANSI C

Secure Multi-Party Computation (SMPC) enables parties to compute a pub- lic function over private inputs. A classical example is the millionaires problem, where two millionaires want to figure out who is wealthier without revealing their actual wealth to each other. The insight gained from the secure computa- tion is nothing more than what is revealed by the output (in this case, who was wealthier but not the actual value of the wealth). Other applications of secure computation include secure voting, on-line bidding and privacy-preserving cloud computations, to name a few. Technological advancements are making secure computations practical, and recent optimizations have made dramatic improve- ments on their performance. However, there is still a need for effective tools that facilitate the development of SMPC applications using standard and famil- iar programming languages and techniques, without requiring the involvement of security experts with special training and background. This work addresses the latter problem by enabling SMPC application de- velopment through programs (or repurposing existing code) written in a stan- dard programming language such as ANSI C. Several high-level language (HLL) platforms have been proposed to enable secure computation such as Obliv-C [1], ObliVM [2] and Frigate [3] These platforms utilize a variation of Yao's garbled circuits [4] in order to evaluate the program securely. The source code written for these frameworks is then converted into a lower-level intermediate language that utilizes garbled circuits for program evaluation. Garbled Circuits have one party (garbler) who compiles the program that the other party (evaluator) runs, and the communication between the two parties happens through oblivi- ous transfer. Garbled circuits allow two parties to do this evaluation without a need for a trusted third party. These frameworks have two common characteristics: either define a new language [2] or make a restricted extension of a current language [1]. This is somewhat prohibitive as it requires the programmer to have a sufficient under- standing of SMPCs related constructs and semantics. This process is error-prone and time-consuming for the programmer. The other characteristic is that they use combinational circuits, which often require creating and materializing the entire circuit (circuit size may be huge) before evaluation. This introduces a restriction on the program being written. TinyGarble [5], however, is a secure two-party computation framework that is based on sequential circuits. Compared with the frameworks mentioned earlier, TinyGarble outperforms them by orders of magnitude. We are developing a framework that can automatically convert a HLL pro- gram (in this case ANSI C) into an hardware definition language, which is then evaluated securely. The benefit of having such transformation is that it does not require knowledge of unfamiliar SMPC constructs and semantics, and per- forms the computation in a much more efficient manner. We are combining the efficiency of sequential circuits for computation as well as the expressiveness of a HLL like ANSI C to be able to develop a secure computation framework that is expected to be effective and efficient. Our proposed approach is two-fold: first, it offers a separation of concern between the function of computation, written in C, and a secure computation policy to be enforced. This leaves the original source code unchanged, and the programmer is only required to specify a policy file where he/she specifies the function/variables which need secure computations. Secondly, it leverages the current state-of-the-art framework to generate sequential circuits. The idea is to covert the original source code to Verilog (a Hardware Definition Language) as this can then be transformed into standard circuit description which TinyGarble [5] would run. This will enable us to leverage TinyGarbles efficient sequential circuits. The result would be having the best of both worlds where we have HLL that would be converted and evaluated as a sequential circuit.qscienc

Survivable Cloud Network Mapping for Disaster Recovery Support

Network virtualization is a key provision for improving the scalability and reliability of cloud computing services. In recent years, various mapping schemes have been developed to reserve VN resources over substrate networks. However, many cloud providers are very concerned about improving service reliability under catastrophic disaster conditions yielding multiple system failures. To address this challenge, this work presents a novel failure region-disjoint VN mapping scheme to improve VN mapping survivability. The problem is first formulated as a mixed integer linear programming problem and then two heuristic solutions are proposed to compute a pair of failure region-disjoint VN mappings. The solution also takes into account mapping costs and load balancing concerns to help improve resource efficiencies. The schemes are then analyzed in detail for a variety of networks and their overall performances compared to some existing survivable VN mapping scheme