云计算中动态可信平台模块的实现

针对目前在云计算环境中用户虚拟计算环境不可信的问题,利用可信平台模块虚拟化技术,在云服务器端为用户构造一个虚拟可信平台模块,然后以虚拟可信平台模块为基石,为用户在云服务器端构造了一个虚拟的可信计算环境,从而使现有的云计算用户中虚拟计算环境的可信情况获得了有效保障。通过与现有的可信平台模块虚拟化方案作对比发现,所提方案不仅周全地考虑了在云计算中虚拟机效率损耗的相关问题,而且相较显著提高了它的安全性和执行效率,更加适合被应用于用户虚拟计算环境。     

Audio-Visual Emotion Recognition Using Big Data Towards 5G

With the advent of future generation mobile communication technologies (5G), there is the potential to allow mobile users to have access to big data processing over different clouds and networks. The increasing numbers of mobile users come with additional expectations for personalized services (e.g., social networking, smart home, health monitoring) at any time, from anywhere, and through any means of connectivity. Because of the expected massive amount of complex data generated by such services and networks from heterogeneous multiple sources, an infrastructure is required to recognize a user’s sentiments (e.g., emotion) and behavioral patterns to provide a high quality mobile user experience. To this end, this paper proposes an infrastructure that combines the potential of emotion-aware big data and cloud technology towards 5G. With this proposed infrastructure, a bimodal system of big data emotion recognition is proposed, where the modalities consist of speech and face video. Experimental results show that the proposed approach achieves 83.10 % emotion recognition accuracy using bimodal inputs. To show the suitability and validity of the proposed approach, Hadoop-based distributed processing is used to speed up the processing for heterogeneous mobile clients.     

Privacy preserving friend discovery cross domain scheme using re-encryption in mobile social networks

In order to guarantee the users’ privacy in the process of making friends in the mobile social networks,a new scheme of proxy re-encryption privacy protection in the cross-domain environment was introduced.The scheme employed the cross-domain multi-authority to sharing secret keys,so as to realize the access and shave of the cross-domain users data.And the secret keys of users’ attributes were re-encrypted,based on the technology of the proxy re-encryption and attribute encryption,to achieve the friends matching under the conditions of extending the access policy.Meanwhile,in purpose of enhancing the privacy of users’ data,the technology which contained the separation of users’ privacy ciphertext and secret keys was adopted.Based on that,problems in the existing system such as user data’s inability to be shared cross-cloud,less matching during the process of making friends and users’ inability to make friends when offline had been addressed.Security and experimental analysis show that this scheme can achieve chosen plaintext attack (CPA) security,ensure the privacy of friend discovery,and that is more effective than existing solutions.     

基于二次规划的任务卸载决策和资源分配方法

主要研究移动用户均有多个独立任务的多用户移动云计算系统,这些移动用户将任务卸载到云端时共享通信资源。如何对所有用户的任务卸载决策和通信资源分配进行联合优化,以便使所有用户的能耗、计算量和延时降到最低是目前研究的难点。将该问题建模为NP难度的非凸的具有二次约束的二次规划(QCQP)问题,提出一种高效的近似算法进行求解,通过单独的半正定松驰(SDR)处理后,确定二元卸载决策和通信资源最优分配。采用代表最小系统成本的性能下界作为性能基准进行仿真实验,结果表明,本文算法在多种参数配置下的性能均接近最优性能。     

浅谈人脸识别技术在智能电视系统中的应用

文章介绍了三种基于人脸识别技术的电视应用,第一种是通过人脸识别技术来识别人的面部表情,从而知道用户当时的心情,根据用户的心情来调整图像模式和声音模式,达到一种电视和用户自动互动的效果;第二种是通过人脸识别技术来较为实时地监测电视机前面是否有人在观看电视节目,如果在一定时间内,没有人看电视节目,就自动待机,从而实现节能的目的;第三种应用是利用人脸识别技术来鉴定用户的身份,根据用户的身份和与之关联的喜好,来自动为用户推送节目。     

Cloud-assisted Computing for Event-driven Mobile Services

Today, software developers for desktop computing build request and respond applications to do what end users tell them to do and answer what they ask. In mobile computing, software developers will need to develop sense and response applications that will interact with the end user. These applications will notify or ask users what they want based on what they have sensed or on a personal profile. Mobile cloud computing has the potential to empower mobile users with capabilities not found in mobile devices, combining different and heterogeneous data sets. In this work, we discuss the importance and challenges in designing event-driven mobile services that will detect conditions of interest to users and notify them accordingly.     

Phased Scheduling for Resource-Constrained Mobile Devices in Mobile Cloud Computing

Mobile cloud computing combines wireless access service and cloud computing to improve the performance of mobile applications. Mobile cloud computing can balance the application distribution between the mobile device and the cloud, in order to achieve faster interactions, battery savings and better resource utilization. To support mobile cloud computing, the paper proposes a phased scheduling model of mobile cloud such that mobile device’s users experience lower interaction times and extended battery life. The phased scheduling optimization is solved by two subproblems: mobile device’s batch application optimization and mobile device’s job level optimization. At the first stage, the mobile cloud global scheduling optimization implements the allocation of the cloud resources to the mobile device’s batch applications. At the second stage, mobile device’s job level optimization adjusts the cloud resource usages to optimize the utility of single mobile device’s application. In the simulations, compared with other algorithm, our proposed mobile cloud phased scheduling algorithms achieve the better performance with acceptable overhead.     

移动边缘计算安全研究

移动边缘计算具有靠近用户、业务本地处理、灵活路由等特点,成为满足5G低时延业务需求的关键技术之一。由于移动边缘计算靠近用户、处于相对不安全的环境、核心网控制能力减弱等,存在非授权访问、敏感数据泄露、(D)DoS攻击等安全风险。本文在介绍边缘计算概念、应用场景的基础上,分析移动边缘计算的安全威胁、安全防护框架、安全防护方案,并展望后续研究方向。     

mTrust: Call Behavioral Trust Predictive Analytics Using Unsupervised Learning in Mobile Cloud Computing

Filtering spam voice calls are a still major challenge in today’s technology contrary to SMS or email-based spamming. A numerical measure of the trust between users can help us filter calls based on relevance. Given the abundance of user-generated information available from the huge number of online devices, we can harness the power of this data to develop software adapting to user behavior. Existing research works for trust computation face various challenges when it comes to global applicability and understandability of trust values. Our investigation includes detailed surveillance of user call patterns based on the call data available from mobile devices and proposes a novel approach to filter calls that are of higher relevance to users based on their call-trust values. Our implementation realizes the diversity in call patterns of different people due to varying usage and uses classification and clustering algorithms to generate personalized, accurate numerical, and categorical trust values for every user. Categorical trust makes it easier to apply and understand trust ratings on a global scale. The implementation also incorporates a cloud facility to crowd-source trust values from multiple users, in a single database to generate the global trust of a user which can be used for spam filtering on a global scale. A software named “mTrust” is developed in this work for the future generation of a trustworthy mobile cloud network.

     

An efficient authentication system of smart device using multi factors in mobile cloud service architecture

Mobile cloud computing environments have overcome the performance limitation of mobile devices and provide use environments not restricted by places. However, user information protection mechanisms are required because of both the security vulnerability of mobile devices and the security vulnerability of cloud computing. In this paper, a multifactor mobile device authentication system is proposed to provide safety, efficiency, and user convenience for mobile device use in cloud service architectures. This system improves security by reinforcing the user authentication required before using cloud computing services. Furthermore, to reinforce user convenience, the system proposed increases the strength of authentication keys by establishing multiple factors for authentication. For efficient entries in mobile device use environments, this system combines mobile device identification number entries, basic ID/password type authentication methods, and the authentication of diverse user bio‐information. This system also enhances authentication efficiency by processing the authentication factors of a user's authentication attempt in a lump instead of one by one in the cloud computing service environment. These authentication factors can be continuously added, and this authentication system provides authentication efficiency even when authentication factors are added. The main contribution is to improve high security level by through authentication of mobile devices with multifactors simultaneously and to use the mobile cloud service architecture for its efficient processing with respect to execution time of it. Copyright © 2013 John Wiley & Sons, Ltd.     

Performance analysis of LTE-U coexistence network with WiFi using queueing model

The unforeseen mobile data explosion as well as the scarce of spectrum resource pose a major challenge to the performance of today's cellular networks which are in urgent need of novel solutions to handle such voluminous mobile data. Long term evolution-unlicensed (LTE-U), which extends the LTE standard operating on the unlicensed band, has been proposed to improve system throughput. In LTE-U system, arriving users will contend the unlicensed spectrum resource with wireless fidelity (WiFi) users to transmit data information. Nevertheless, there is no clear consensus as to the benefits of transmission using unlicensed bands for LTE users. To this end, in this paper an analytical model is presented based on a queue system to understand the performance achieved by unlicensed based LTE system taking quality of services (QoS) and LTE-U users' behaviors into account. To obtain the stead-state solutions of the queue system, a matrix geometric method is used to solve it. Then, the average delay and utilization of unlicensed band for the LTE-U users is derived by using the queuing model. The performance of LTE-U coexistence is evaluated with WiFi using the proposed model and provide some initial insights as to the advantage of LTE-U in practice.     

Modeap: Moving Desktop Application to Mobile Cloud Service

Thanks to the availability of various mobile applications, lots of users shift from desktop environments, e.g., PCs and laptops, to mobile devices, e.g., smartphones and tablets. However, there are still some desktop applications without counterparts on mobile devices, such as some integrated development environments (e.g., eclipse) and automatic industry control systems. In this paper, we propose Modeap, a platform-independent mobile cloud service that can push all desktop applications developed for various operating systems from cloud servers to mobile devices. Modeap follows a design principle of complete detachment and regeneration of desktop user interface, i.e., the essential graphical primitives of the original desktop applications will be intercepted and then translated into standard web-based graphical primitives such that the interactions between users and remote cloud applications become possible via mobile web browsers. In this way, all desktop applications built upon the same set of graphical primitives can be used on mobile devices in great flexibility without installing any new software. We have developed a proof-of-concept prototype that provides Windows applications from cloud server to mobile web browsers. The results of extensive experiments show that the proposed framework can achieve our design goals with low latency and bandwidth consumption.     

Mobile Payment Based on Transaction Certificate Using Cloud Self‐Proxy Server

Recently, mobile phones have been recognized as the most convenient type of mobile payment device. However, they have some security problems; therefore, mobile devices cannot be used for unauthorized transactions using anonymous data by unauthenticated users in a cloud environment. This paper suggests a mobile payment system that uses a certificate mode in which a user receives a paperless receipt of a product purchase in a cloud environment. To address mobile payment system security, we propose the transaction certificate mode (TCM), which supports mutual authentication and key management for transaction parties. TCM provides a software token, the transaction certificate token (TCT), which interacts with a cloud self‐proxy server (CSPS). The CSPS shares key management with the TCT and provides simple data authentication without complex encryption. The proposed self‐creating protocol supports TCM, which can interactively communicate with the transaction parties without accessing a user's personal information. Therefore, the system can support verification for anonymous data and transaction parties and provides user‐based mobile payments with a paperless receipt.     

Energy‐aware cross‐layer resource allocation in mobile cloud

This paper proposed an energy‐aware cross‐layer mobile cloud resource allocation approach. In this paper, a hybrid cloud architecture is adopted for provisioning mobile service to mobile device users, which include nearby local cloud and remote public cloud. The computation‐intensive tasks can be processed by the remote public cloud, while the delay‐sensitive computation can be processed by the nearby local cloud. On the basis of the system context and mobile user preferences, the energy‐aware cross‐layer mobile cloud resource allocation approach can optimize the consumption of cloud resource and system performance. The cooperation and collaboration among local cloud agent, public cloud supplier, and mobile cloud user are regulated through the economic approach. The energy‐aware cross‐layer mobile cloud resource allocation is performed on the local cloud level and the public cloud level, which comprehensively considers the benefits of all participants. The energy‐aware cross‐layer mobile cloud resource allocation algorithm is proposed, which is evaluated in the experiment environment, and comparison results and analysis are discussed.     

基于用户感知的IPTV质量评估研究及应用

提供基于用户感知的IPTV质量端到端自动化评估方法和系统,将用户侧感知数据、用户承载网络运行数据以及远端视频服务平台数据等整合到同一个大数据分析系统,通过大数据分析手段建立用户端到端感知模型及评价体系,实现用户端管云业务感知监测,自动获取用户在使用IPTV过程中的感知度,并实现用户感知度端管云的量化评估。通过端管云业务感知评估结果,有针对性地解决影响用户感知的问题和环节,以改善服务的不足。     

移动网络中HTTP视频流终端数据分析及应用

伴随移动通信技术的发展,越来越多的用户选择通过移动网络随时随地观看网络视频,移动视频业务迅速增长.在现有的无线视频传输方式中,由于TCP的可靠性以及易穿透防火墙和网络地址转化等优点,基于TCP的HTTP流逐渐成为网络视频的主流传榆方式.另一方面,用户对业务体验需求的上升,也给移动数据的传输带来巨大挑战.该文通过采集和分析HTTP流的终端数据,获到了HTTP流在HSPA+中传输特性及关键参数的特征,分析结果表明其视频块传输速率变化与自回归模型近似,并在此基础上,提出一种视频等级自适应控制算法,能够有效地改善用户体验.     

融入唇语识别技术提升人脸识别安全性的研究

为了解决人脸识别的安全性问题,提高对恶意攻击人脸识别系统的安全防护,使人脸识别技术能够获得更广泛应用,本文提出了在人脸识别技术上融入一种基于深度神经网络的唇语识别技术的系统。与现有的唇语识别技术不同的是,该系统主要是识别用户的唇动习惯。运用本系统,用户在进行人脸识别的同时可按照检测方的提示,读出相应的内容,并在对用户的人脸进行验证的过程中,对用户通过唇动说出的内容分别实现唇动识别、比对,从而有效地提升人脸识别的安全性水平。实验结果表明,在故意针对人脸识别系统的攻击中,融入本技术的系统有更好的识别准确率。     

移动云计算安全问题及安全度量方法浅析

移动云计算安全度量是云计算安全中的一个研究领域,主要是研究采用手机等移动终端设备,通过移动互联网使用云计算服务过程中的安全问题及安全度量方法。本文分析了目前移动云计算行业发展过程中存在的安全问题,指出了这些安全问题是阻碍用户使用云计算服务的关键,分析了传统的安全度量方法在移动云计算中的应用的优缺点,并在此基础上提出了一种基于场景的移动云计算安全度量方法,该方法可以有效度量和展示用户正在使用的云计算服务的安全情况,可以解除用户对于安全的顾虑,让用户放心使用。     

Successive User Scheduling Schemes for a Multiuser MIMO System Employing Generalized Channel Inversion

Generalized channel inversion (GCI) is a precoding technique for multiuser multiple-input multiple-output system. While producing each user’s precoding matrix, GCI takes into account noise and thus it is more robust compared with alternative techniques such as block diagonalization technique in terms of sum rate capacity and frame error rate. In this paper, two suboptimal multiuser scheduling schemes for GCI are proposed that by scheduling a subset of mobile users nearly maximize the sum rate capacity. They employ an iterative approach involving a number of search steps. At each step, unselected mobile users are evaluated one by one, and only one of them is chosen according to given criteria. It is shown via computer simulations that the proposed schemes are capable of achieving a large portion of the sum rate capacity that is offered by an exhaustive search. The performance of the proposed multiuser scheduling schemes is evaluated when the antenna mutual coupling effects are taken into account at the mobile users’ sides. Numerical results reveal that the presence of antenna mutual coupling can result in an increased sum rate capacity when the array inter-element spacing is in the range of 0.3–0.4 wavelength.     

Load-Balancing Based Cross-Layer Elastic Resource Allocation in Mobile Cloud

The paper proposes a hybrid mobile cloud computing system, in which mobile applications can use different resources or services in local cloud and remote public cloud such as computation, storage and bandwidth. The cross-layer load-balancing based mobile cloud resource allocation optimization is proposed. The proposed approach augments local cloud service pools with public cloud to increase the probability of meeting the service level agreements. Our problem is divided by public cloud service allocation and local cloud service allocation, which is achieved by public cloud supplier, local cloud agent and the mobile user. The system status information is used in the hybrid mobile cloud computing system such as the preferences of mobile applications, energy, server load in cloud datacenter to improve resource utilization and quality of experience of mobile user. Therefore, the system status of hybrid mobile cloud is monitored continuously. The mathematical model of the system and optimization problem is given. The system design of load-balancing based cross-layer mobile cloud resource allocation is also proposed. Through extensive experiments, this paper evaluates our algorithm and other approaches from the literature under different conditions. The results of the experiments show a performance improvement when compared to the approaches from the literature.