Time efficient secure DNA based access control model for cloud computing environment

The uses of Big Data (BD) are gradually increasing in many new emerging applications, such as Facebook, eBay, Snapdeal, etc. BD is a term, which is used for describing a large volume of data. The data security is always a big concern of BD. Besides the data security, other issues of BD are data storage, high data accessing time, high data searching time, high system overhead, server demand, etc. In this paper, a new access control model has been proposed for BD to solve all these issues, where fast accessing of the large volume of data are provided based on the data size Here, a long 512-bit Deoxyribonucleic Acid (DNA) based key sequence has been used for improving the data security, and it is secured against the collision attack, man-in-the-middle attack, internal attack, etc. The proposed scheme is evaluated in terms of both theoretical and experimental results, which show the proficiency of the proposed scheme over the existing schemes.     

The method to secure scalability and high density in cloud data-center

Recently IT infrastructures change to cloud computing, the demand of cloud data center increased. Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared computing resources that can be rapidly provisioned and released with minimal management effort, the interest on data centers to provide the cloud computing services is increasing economically and variably. This study analyzes the factors to improve the power efficiency while securing scalability of data centers and presents the considerations for cloud data center construction in terms of power distribution method, power density per rack and expansion unit separately. The result of this study may be used for making rational decisions concerning the power input, voltage transformation and unit of expansion when constructing a cloud data center or migrating an existing data center to a cloud data center.     

A collaborative and integrated platform to support distributed manufacturing system using a service-oriented approach based on cloud computing paradigm

Today's manufacturing enterprises struggle to adopt cost-effective manufacturing systems. Overview of the recent manufacturing enterprises shows that successful global manufacturing enterprises have distributed their manufacturing capabilities over the globe. The successes of global manufacturing enterprises depend upon the entire worldwide integration of their product development processes and manufacturing operations that are distributed over the globe. Distributed manufacturing agents' collaboration and manufacturing data integrity play a major role in global manufacturing enterprises' success. There are number of works, conducted to enable the distributed manufacturing agents to collaborate with each other. To achieve the manufacturing data integrity through manufacturing processes, numbers of solutions have been proposed which one of the successful solutions is to use ISO 10303 (STEP) standard. However, adopting this standard one can recognize antonym effects of integration and collaboration approaches that weaken both integration and collaboration capabilities of manufacturing agents. In our latest work, we had developed an integrated and collaborative manufacturing platform named LAYMOD. Albeit the platform in question was through enough to be applied in various collaborative and integrated CAx systems, its embedded structure hampers its application for collaboration in distributed manufacturing systems. To achieve an integrated and collaborative platform for distributed manufacturing agents, this paper proposes a service-oriented approach. This approach is originated from cloud computing paradigm known as one of the technologies which enables a major transformation in manufacturing industry. Also, to maintain the product data integration based on the STEP standard, a new service-oriented approach is proposed. This approach is in parallel to the new capability of the STEP standard for supporting XML data structures. The result is a new platform named XMLAYMOD. XMLAYMOD is able to support distributed manufacturing collaboration and data integration based on the STEP standard. The different aspects of this platform to fulfill the requirements of distributed collaboration and also to overcome the lacks of the STEP standard are discussed through a brief case study.     

A cloud supported model for efficient community health awareness

The needs for efficient and scalable community health awareness model become a crucial issue in today’s health care applications. Many health care service providers need to provide their services for long terms, in real time and interactively. Many of these applications are based on the emerging Wireless Body Area networks (WBANs) technology. WBANs have developed as an effective solution for a wide range of healthcare, military, sports, general health and social applications. On the other hand, handling data in a large scale (currently known as Big Data) requires an efficient collection and processing model with scalable computing and storage capacity. Therefore, a new computing paradigm is needed such as Cloud Computing and Internet of Things (IoT). In this paper we present a novel cloud supported model for efficient community health awareness in the presence of a large scale WBANs data generation. The objective is to process this big data in order to detect the abnormal data using MapReduce infrastructure and user defined functions with minimum processing delay. The goal is to have a large monitored data of WBANs to be available to the end user or to the decision maker in reliable manner. While reducing data packet processing energy, the proposed work is minimizing the data processing delay by choosing cloudlet or local cloud model and MapReduce infrastructure. So, the overall delay is minimized, thus leading to detect the abnormal data in the cloud in real time mode. In this paper we present a multi-layer computing model composed of Local Cloud (LC) layer and Enterprise Cloud (EP) layer that aim to process the collected data from Monitored Subjects (MSs) in a large scale to generate useful facts, observations or to find abnormal phenomena within the monitored data. Performance results show that integrating the MapReduce capabilities with cloud computing model will reduce the processing delay. The proposed MapReduce infrastructure has also been applied in lower layer, such as LC in order to reduce the amount of communications and processing delay. Performance results show that applying MapReduce infrastructure in lower tire will significantly decrease the overall processing delay.     

An efficient dynamic decision-based task optimization and scheduling approach for microservice-based cost management in mobile cloud computing applications

The use of smartphones and mobile devices has increased significantly, as have Mobile Cloud Applications based on cloud computing. These applications are used in various fields, including Augmented Reality, E-Transportation, 2D/3-D Games, E-Healthcare, and Education. While existing cloud-based frameworks provide such services on Virtual Machines, they incur problems such as overhead, lengthy boot time, and high costs. To address these issues, the paper proposes a Dynamic Decision-Based Task Scheduling Approach for Microservice-based Mobile Cloud Computing Applications (MSCMCC) that can run delay-sensitive applications and mobility with less cost than existing approaches. The study focuses on Task Offloading problems on heterogeneous Mobile Cloud servers. It proposes a Task Offloading and Microservices based Computational Offloading (TSMCO) framework to solve Task Scheduling in steps such as Resource Matching, Task Sequencing, and Task Offloading. Experimental results show that the proposed MSCMCC and TSMCO enhance Mobile Server Utilization while minimizing costs and improving boot time, resource utilization, and task arrival time for various applications. Specifically, the proposed system effectively reduces the cost of healthcare applications by 25%, augmented reality by 23%, E-Transport tasks by 21%, and 3-D games tasks by 19%, the average boot-time of microservices applications by 17%, resource utilization by 36%, and tasks arrival time by 16%.     

一种适合云数据共享的身份代理重加密方案

目前云数据安全存储方案中,数据拥有者加密数据上传到云中,但却不能很好的支持加密数据分享,尤其是分享给多个用户时,可扩展性不强。针对这个问题本文提出一种基于身份的代理重加密方案,该方案不需要云完全可信但却又能灵活地进行数据安全共享。在具体构造上,结合基于身份的加密,用一个强不可伪造的一次签名方案使被转化后的密文具有公开验证性,且能达到被转化后的密文在标准模型下具有选择密文安全性。由于该类方案无需使用公钥证书、能支持细粒度的访问控制且可扩展性较好,因此可以较好的适用于安全云数据共享。     

Secure and efficient data collaboration with hierarchical attribute-based encryption in cloud computing

With the increasing trend of outsourcing data to the cloud for efficient data storage, secure data collaboration service including data read and write in cloud computing is urgently required. However, it introduces many new challenges toward data security. The key issue is how to afford secure write operation on ciphertext collaboratively, and the other issues include difficulty in key management and heavy computation overhead on user since cooperative users may read and write data using any device. In this paper, we propose a secure and efficient data collaboration scheme, in which fine-grained access control of ciphertext and secure data writing operation can be afforded based on attribute-based encryption (ABE) and attribute-based signature (ABS) respectively. In order to relieve the attribute authority from heavy key management burden, our scheme employs a full delegation mechanism based on hierarchical attribute-based encryption (HABE). Further, we also propose a partial decryption and signing construction by delegating most of the computation overhead on user to cloud service provider. The security and performance analysis show that our scheme is secure and efficient.     

Towards building a cloud for scientific applications

The Cloud computing becomes an innovative computing paradigm, which aims to provide reliable, customized and QoS guaranteed computing infrastructures for users. This paper presents our early experience of Cloud computing based on the Cumulus project for compute centers. In this paper, we give the Cloud computing definition and Cloud computing functionalities. This paper also introduces the Cumulus project with its various aspects, such as design pattern, infrastructure, and middleware. This paper delivers the state-of-the-art for Cloud computing with theoretical definition and practical experience.     

A highly secured and streamlined cloud collaborative editing scheme along with an efficient user revocation in cloud computing

These days with the expanded fame of cloud computing, the interest for cloud-based collaborative editing service is rising. The encryption method is utilized to ensure and secure the data, during the collaborative editing process. In the encryption process, the cloud requires more time to work the collaborative editing. This paper proposes an efficient scheme for reducing the encryption burden over the cooperative users, as the possibilities of cooperative users read and write data by means of any gadget. In the proposed scheme, the encrypted file sent by the data owner is split into smaller segments and stored in the cloud by the cloud service provider (CSP) along with specific tags. Once the cooperative user receives and decrypts the file from the CSP, it modifies and encrypts only the modified segment and resends to the CSP. The CSP after verifying the signature replace the original file segment in the cloud with the modified segment based on the tag information. The scheme that is put forward is performed based on the modified ciphertext-policy hierarchical attribute–based encryption, and the security process is done based on the attribute-based signature schemes. This work employs a proficient attribute updating method to accomplish the dynamic change of users' attributes, consisting granting new attributes, revoking previous attributes, and regranting formerly revoked attributes. A writer's attributes and keys have been revoked, and the stale information cannot be written.     

A hybrid approach for scalable sub-tree anonymization over big data using MapReduce on cloud

In big data applications, data privacy is one of the most concerned issues because processing large-scale privacy-sensitive data sets often requires computation resources provisioned by public cloud services. Sub-tree data anonymization is a widely adopted scheme to anonymize data sets for privacy preservation. Top–Down Specialization (TDS) and Bottom–Up Generalization (BUG) are two ways to fulfill sub-tree anonymization. However, existing approaches for sub-tree anonymization fall short of parallelization capability, thereby lacking scalability in handling big data in cloud. Still, either TDS or BUG individually suffers from poor performance for certain valuing of k-anonymity parameter. In this paper, we propose a hybrid approach that combines TDS and BUG together for efficient sub-tree anonymization over big data. Further, we design MapReduce algorithms for the two components (TDS and BUG) to gain high scalability. Experiment evaluation demonstrates that the hybrid approach significantly improves the scalability and efficiency of sub-tree anonymization scheme over existing approaches.     

A secure cloud-assisted urban data sharing framework for ubiquitous-cities

With the accelerated process of urbanization, more and more people tend to live in cities. In order to deal with the big data that are generated by citizens and public city departments, new information and communication technologies are utilized to process the urban data, which makes it more easier to manage. Cloud computing is a novel computation technology. After cloud computing was commercialized, there have been lot of cloud-based applications. Since the cloud service is provided by the third party, the cloud is semi-trusted. Due to the features of cloud computing, there are many security issues in cloud computing. Attribute-based encryption (ABE) is a promising cryptography technique which can be used in the cloud to solve many security issues. In this paper, we propose a framework for urban data sharing by exploiting the attribute-based cryptography. In order to fit the real world ubiquitous-cities utilization, we extend our scheme to support dynamic operations. In particular, from the part of performance analysis, it can be concluded that our scheme is secure and can resist possible attacks. Moreover, experimental results and comparisons show that our scheme is more efficient in terms of computation.     

An algorithm for efficient privacy-preserving item-based collaborative filtering

Collaborative filtering (CF) methods are widely adopted by existing recommender systems, which can analyze and predict user “ratings” or “preferences” of newly generated items based on user historical behaviors. However, privacy issue arises in this process as sensitive user private data are collected by the recommender server. Recently proposed privacy-preserving collaborative filtering (PPCF) methods, using computation-intensive cryptography techniques or data perturbation techniques are not appropriate in real online services. In this paper, an efficient privacy-preserving item-based collaborative filtering algorithm is proposed, which can protect user privacy during online recommendation process without compromising recommendation accuracy and efficiency. The proposed method is evaluated using the Netflix Prize dataset. Experimental results demonstrate that the proposed method outperforms a randomized perturbation based PPCF solution and a homomorphic encryption based PPCF solution by over 14X and 386X, respectively, in recommendation efficiency while achieving similar or even better recommendation accuracy.     

Discrete-event simulation for efficient and stable resource allocation in collaborative mobile cloudlets

The deployment of highly interactive, media-rich applications on mobile devices is hindered by the inherent limitations on compute power, memory and battery capacity of these hand-held platforms. The cloudlet concept, opportunistically offloading computation to nearby devices, has proven to be a viable solution in offering resource-intensive applications on mobile devices. In this paper, we propose to extend the cloudlet concept with collaborative scenarios, in which not only hardware resources for processing are shared between all cloudlet users, but also the data computed.In a cloudlet, the resource demand should be spread over all available cloudlet nodes. User mobility and fluctuations in wireless bandwidth will cause the optimal resource allocation to vary over time. The cloudlet middleware must continuously balance the performance gain of reallocating components with the operational costs in terms of user experience and management complexity. In this paper, we formulate this optimization problem based on a theoretical cloudlet model capturing the infrastructure, application structure and user behavior.In order to solve this problem, two heuristic allocation algorithms based on Steepest Descent (SD) and Simulated Annealing (SA) are described. Besides optimality of the found solution, it is also important to limit the number of reallocations at runtime. To evaluate the performance and stability of the algorithms, we propose a discrete-event model for cloudlet simulation. For multiple application scenarios, we observe that SD performs 4 times less reallocations than SA. By introducing hysteresis, the number of reallocations by SA can be nearly halved without any significant degradation of application performance.     

An efficient and secure authentication protocol for RFID systems

The use of radio frequency identification (RFID) tags may cause privacy violation of users carrying an RFID tag. Due to the unique identification number of the RFID tag, the possible privacy threats are information leakage of a tag, traceability of the consumer, denial of service attack, replay attack and impersonation of a tag, etc. There are a number of challenges in providing privacy and security in the RFID tag due to the limited computation, storage and communication ability of low-cost RFID tags. Many research works have already been conducted using hash functions and pseudorandom numbers. As the same random number can recur many times, the adversary can use the response derived from the same random number for replay attack and it can cause a break in location privacy. This paper proposes an RFID authentication protocol using a static identifier, a monotonically increasing timestamp, a tag side random number and a hash function to protect the RFID system from adversary attacks. The proposed protocol also indicates that it requires less storage and computation than previous existing RFID authentication protocols but offers a larger range of security protection. A simulation is also conducted to verify some of the privacy and security properties of the proposed protocol.     

Multi-valued collaborative QoS prediction for cloud service via time series analysis

Aiming at the diversity of user features, the uncertainty and the variation characteristics of quality of service (QoS), by exploiting the continuous monitoring data of cloud services, this paper proposes a multi-valued collaborative approach to predict the unknown QoS values via time series analysis for potential users. In this approach, the multi-valued QoS evaluations consisting of single-value data and time series data from consumers are transformed into cloud models, and the differences between potential users and other consumers in every period are measured based on these cloud models. Against the deficiency of existing methods of similarity measurement between cloud models, this paper presents a new vector comparison method combining the orientation similarity and dimension similarity to improve the precision of similarity calculation. The fuzzy analytic hierarchy process method is used to help potential users determine the objective weight of every period, and the neighboring users are selected for the potential user according to their comprehensive similarities of QoS evaluations in multiple periods. By incorporating the multi-valued QoS evaluations with the objective weights among multiple periods, the predicted results can remain consistent with the periodic variations of QoS. Finally, the experiments based on a real-world dataset demonstrate that this approach can provide high accuracy of collaborative QoS prediction for multi-valued evaluations in the cloud computing paradigm.     

A model-driven workflow fragmentation framework for collaborative workflow architectures and systems

This paper focuses on a workflow distribution methodology for rationally deploying workflow models onto a distributed workflow system running on cloud computing environments, and we particularly lay a stress upon that those workflow systems operable on cloud computing environments are dubbed collaborative workflow systems, which are not only built upon the collaborative workflow architectures proposed in the paper, but pursuing the so-called collaborative computing paradigm characterized by focusing collaboration over cloud computing environments. The essential idea of the workflow distribution methodology is about how to fragment a workflow model and how to allocate its fragments to each of the architectural components configuring the underlying collaborative workflow architecture and system. As a reasonable solution to realize the essential idea, the paper proposes a model-driven workflow fragmentation framework, which provides a series of fragmentation algorithms that semantically fragmentate a workflow model by considering the semantic factors - performer, role, control-flow, data-flow, etc. - of the ICN-based workflow model as fragmentation criteria. The algorithms are classified into the vertical fragmentation approach, the horizontal fragmentation approach, and the hybrid approach of both. Conclusively, this paper conceives a possible set of collaborative workflow architectures embedding the collaborative computing paradigm, and describes the detailed formalism of the framework and about how the framework works on those collaborative workflow architectures and systems.     

URL: A unified reinforcement learning approach for autonomic cloud management

Cloud computing is emerging as an increasingly important service-oriented computing paradigm. Management is a key to providing accurate service availability and performance data, as well as enabling real-time provisioning that automatically provides the capacity needed to meet service demands. In this paper, we present a unified reinforcement learning approach, namely URL, to automate the configuration processes of virtualized machines and appliances running in the virtual machines. The approach lends itself to the application of real-time autoconfiguration of clouds. It also makes it possible to adapt the VM resource budget and appliance parameter settings to the cloud dynamics and the changing workload to provide service quality assurance. In particular, the approach has the flexibility to make a good trade-off between system-wide utilization objectives and appliance-specific SLA optimization goals. Experimental results on Xen VMs with various workloads demonstrate the effectiveness of the approach. It can drive the system into an optimal or near-optimal configuration setting in a few trial-and-error iterations.     

Provably secure authenticated key agreement scheme for distributed mobile cloud computing services

With the rapid development of mobile cloud computing, the security becomes a crucial part of communication systems in a distributed mobile cloud computing environment. Recently, in 2015, Tsai and Lo proposed a privacy-aware authentication scheme for distributed mobile cloud computing services. In this paper, we first analyze the Tsai–Lo’s scheme and show that their scheme is vulnerable to server impersonation attack, and thus, their scheme fails to achieve the secure mutual authentication. In addition, we also show that Tsai–Lo’s scheme does not provide the session-key security (SK-security) and strong user credentials’ privacy when ephemeral secret is unexpectedly revealed to the adversary. In order to withstand these security pitfalls found in Tsai–Lo’s scheme, we propose a provably secure authentication scheme for distributed mobile cloud computing services. Through the rigorous security analysis, we show that our scheme achieves SK-security and strong credentials’ privacy and prevents all well-known attacks including the impersonation attack and ephemeral secrets leakage attack. Furthermore, we simulate our scheme for the formal security analysis using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, and show that our scheme is secure against passive and active attacks including the replay and man-in-the-middle attacks. More security functionalities along with reduced computational costs for the mobile users make our scheme more appropriate for the practical applications as compared to Tsai–Lo’s scheme and other related schemes. Finally, to demonstrate the practicality of the scheme, we evaluate the proposed scheme using the broadly-accepted NS-2 network simulator.