Modeling of service agents for simulation in cloud manufacturing

Cloud Manufacturing is a paradigm of intelligent manufacturing system with information opening, resource sharing, and diversified services. In order to research the issues in cloud manufacturing, such as behaviors of a service provider and service consumer, matching of service, dynamic change of resource, verification of business model, scheduling of service and evolution of service network, cloud manufacturing simulation platform is widely applied. However, the method of simulation-based on agent or rule lacks to represent the characteristics of service in cloud manufacturing. This paper presents a method of integrating the service and agent to form a service agent. The service agent integrates intelligence to the service in cloud manufacturing so that it can trade autonomously and adapt itself to the environment. A simulation case of production takt is presented in the rear of the paper. It shows that the conceptual model of the service agent and the communication architecture of the service agent can build the service agent model, which can support the cloud manufacturing simulation platform.     

面向云应用的拟态云服务架构

针对单执行体的云应用服务缺乏异构性和动态性,难以应对未知漏洞和后门的安全威胁问题,提出一种拟态云服务架构,把云平台向用户提供的应用服务节点构造成基于拟态防御技术的服务包,使应用服务具有拟态构造带来的内生安全特性和鲁棒性,同时讨论了策略调度和裁决机制等两项关键的拟态云服务运行机制.经实验分析表明,拟态云服务具有较好的安全...     

Healing on the cloud: Secure cloud architecture for medical wireless sensor networks

There has been a host of research works on wireless sensor networks (WSN) for medical applications. However, the major shortcoming of these efforts is a lack of consideration of data management. Indeed, the huge amount of high sensitive data generated and collected by medical sensor networks introduces several challenges that existing architectures cannot solve. These challenges include scalability, availability and security. Furthermore, WSNs for medical applications provide useful and real information about patients’ health state. This information should be available for healthcare providers to facilitate response and to improve the rescue process of a patient during emergency. Hence, emergency management is another challenge for medical wireless sensor networks. In this paper, we propose an innovative architecture for collecting and accessing large amount of data generated by medical sensor networks. Our architecture overcomes all the aforementioned challenges and makes easy information sharing between healthcare professionals in normal and emergency situations. Furthermore, we propose an effective and flexible security mechanism that guarantees confidentiality, integrity as well as fine-grained access control to outsourced medical data. This mechanism relies on Ciphertext Policy Attribute-based Encryption (CP-ABE) to achieve high flexibility and performance. Finally, we carry out extensive simulations that allow showing that our scheme provides an efficient, fine-grained and scalable access control in normal and emergency situations.     

Modeling urban growth sustainability in the cloud by augmenting Google Earth Engine (GEE)

Google Earth Engine (GEE) has been increasingly used in environmental and urban studies due to its cloud-based geospatial processing capability and accessibility to a large collection of geospatial datasets like Landsat, Modis, etc. However, at present, ecological and urban modeling efforts based on GEE are facing three grave challenges: current illustrations of GEE are to a large extent “straightforward mapping” applications; technical complexities that ecological or urban modelers have to overcome in order to effectively and easily use GEE to develop image processing based environmental models; and the majority of ecological and urban modelers are not aware of new analytical approaches that are becoming available because of the unprecedent geospatial processing capability and large collection of big geospatial datasets GEE has brought to them. The great potential of GEE to support ecological and urban modeling is less explored. In this study, we augmented GEE functions with a few sets of user-customized functions for improving image classification accuracy, estimating ecosystem services, and modeling urban growth sustainability. The paper is the first effort of modeling urban sustainability based on the concept of ecosystem service value (ESV) and in the cloud with GEE; is the first application of classifying GEE Landsat time-series images to compute yearly ESV; and creates the first set of cloud tools to augment GEE for ecologists and urban modelers to model urban sustainability from GEE and ESV. The paper also chose Hohhot City, Inner Mongolia as a case study to model urban sustainability in a time-series 12 years (2005–2016). The case study successfully estimated ecosystem service values and analyzed urban growth sustainability. It also revealed spatial disparities and temporal dynamics of urban growth sustainability in Hohhot City. The study provides an easy-to-adapt illustration on using GEE for image-based ecological and urban modeling.     

Chargeback for cloud services

With pay-per-use pricing models, elastic scaling of resources, and the use of shared virtualized infrastructures, cloud computing offers more efficient use of capital and agility. To leverage the advantages of cloud computing, organizations have to introduce cloud-specific chargeback practices. Organizations have to allocate IT service costs to business users in a way that reflects service consumption. To help organizations become effective users of cloud services, this article provides an overview of the factors that influence chargeback in the cloud services. This is an initial work that determines the factors influencing the chargeback in the cloud services. The findings of this research facilitate organizations to realize the implications of the cloud for their chargeback.     

基于云计算的校园教学云平台建设

随着教育信息化和互联网的高速发展,校园里面的教育信息化建设已经成为众多行业关注的重点。为了适应当前彳言,息化的发展,提高学生的学习质量和效率,文章重点结合云计算的特点以及我国目前校园信息化建设的现状,研究探讨了基于云计算的校园教育云平台的新模型建设。     

Service agent networks in cloud manufacturing: Modeling and evaluation based on set-pair analysis

In a cloud manufacturing system, manufacturing services form the service network and collaboration network. The performance of the networks can affect the cloud manufacturing system. Researchers can study the behavior of enterprises, service, resource and elements in cloud manufacturing through the simulation platform. In this paper, the service agent in the simulation platform can drive the manufacturing service to form a self-organization network, in order to conduct transactions and cooperation spontaneously. Thus, the service network of service agent and the collaboration network of service agent are formed. And the models of two kinds of networks are presented by the theory of Set Pair Analysis (SPA). In addition, an evaluation method for two kinds of network models is proposed. The simulation data of the networks are produced by the method of data generation in cloud manufacturing simulation platform. Finally, the evaluation methods of the networks are validated by the simulation data.     

Attribute-based authentication on the cloud for thin clients

We propose two new authentication schemes for the cloud that support private attribute-based authentication services. The basic scheme is non-anonymous attribute-based authentication scheme. The extended scheme of the basic scheme is fully anonymous attribute-based authentication scheme to realize full anonymity and unlinkability services. In the proposed schemes, a user is authenticated by the remote server if the intersection of the set of his/her assigned attributes and the server’s required attributes exceeds a satisfactory predefined level. Unlike existing attribute-based encryption and signature schemes that require the user to perform significant amount of elliptic curve bilinear pairings and modular exponentiations, and require the user to hold a significantly long decryption/signature key, in our schemes the user is not required to perform any bilinear pairings. With a fixed length private key, independent of the number of attributes, the cloud user performs only few exponentiations by which he/she is able to authenticate himself/herself to the remote server and establish a session key with the server with the condition that he/she satisfies a predefined level of the server’s attributes requirement. Therefore, our schemes are suitable for implementation on devices with limited resources. We provide the rigorous security of the proposed schemes and complexity analysis of our schemes. Finally, the security and performance comparisons of our schemes with the existing related schemes show that our schemes outperform other existing schemes.     

A privacy preserving authorisation system for the cloud

In this paper we describe a policy based authorisation infrastructure that a cloud provider can run as an infrastructure service for its users. It will protect the privacy of users? data by allowing the users to set their own privacy policies, and then enforcing them so that no unauthorised access is allowed to their data. The infrastructure ensures that the users? privacy policies are stuck to their data, so that access will always be controlled by the policies even if the data is transferred between cloud providers or services. This infrastructure also ensures the enforcement of privacy policies which may be written in different policy languages by multiple authorities such as: legal, data subject, data issuer and data controller. A conflict resolution strategy is presented which resolves conflicts among the decisions returned by the different policy decision points (PDPs). The performance figures are presented which show that the system performs well and that each additional PDP only imposes a small overhead.     

SLA guarantees for cloud services

Quality-of-service and SLA guarantees are among the major challenges of cloud-based services. In this paper we first present a new cloud model called SLAaaS — SLA aware Service. SLAaaS considers QoS levels and SLA as first class citizens of cloud-based services. This model is orthogonal to other SaaS, PaaS, and IaaS cloud models, and may apply to any of them. More specifically we make three contributions: (i) we provide a novel domain specific language that allows to describe QoS-oriented SLA associated with cloud services; (ii) we present a general control-theoretic approach for managing cloud service SLA; (iii) we apply the proposed language and control approach to guarantee SLA in various case studies, ranging from cloud-based MapReduce service, to locking service, and higher-level e-commerce service; these case studies successfully illustrate SLA management with different QoS aspects of cloud services such as performance, dependability, financial energetic costs.     

From cloud computing to cloud manufacturing

Cloud computing is changing the way industries and enterprises do their businesses in that dynamically scalable and virtualized resources are provided as a service over the Internet. This model creates a brand new opportunity for enterprises. In this paper, some of the essential features of cloud computing are briefly discussed with regard to the end-users, enterprises that use the cloud as a platform, and cloud providers themselves. Cloud computing is emerging as one of the major enablers for the manufacturing industry; it can transform the traditional manufacturing business model, help it to align product innovation with business strategy, and create intelligent factory networks that encourage effective collaboration. Two types of cloud computing adoptions in the manufacturing sector have been suggested, manufacturing with direct adoption of cloud computing technologies and cloud manufacturing—the manufacturing version of cloud computing. Cloud computing has been in some of key areas of manufacturing such as IT, pay-as-you-go business models, production scaling up and down per demand, and flexibility in deploying and customizing solutions. In cloud manufacturing, distributed resources are encapsulated into cloud services and managed in a centralized way. Clients can use cloud services according to their requirements. Cloud users can request services ranging from product design, manufacturing, testing, management, and all other stages of a product life cycle.     

On the use of ordinal measures for cloud tracking

Template matching is used in many practical applications for tracking the movement of clouds. To accommodate their non-rigid nature, additional constraints are often applied to produce cloud motion vectors that are more indicative of the underlying flow. One such approach is correlation-relaxation labelling, which uses a relaxation algorithm to refine sets of velocity vectors produced by template matching. The quality of the final result depends on the initial motion vectors and hence the choice of similarity metric at the template matching stage. Ordinal measures (OM) are a new class of matching functions that are sensitive to image noise. The use of OM for cloud tracking is evaluated both independently and as the first stage of a correlation-relaxation labelling scheme. Experimental results for noise-corrupted sequences show that the direct application of OM does not produce meaningful results. However, within a correlation-relaxation framework, OM produce a more consistent motion field than the widely used cross-correlation coefficient. The increase in accuracy was found to be greater for sequences corrupted by impulsive noise than for Gaussian noise.     

云计算中的入侵检测模型

本文提出了一种云环境下的网络安全处理模型,模型中的每台云服务器都拥有自己的入侵检测系统,并且所有的服务器共享一个异常管理平台,该平台负责报警信息的接收、处理和日志管理.模型采用报警级别动态调整技术和攻击信息共享方法,最大限度地降低了漏报率和服务器遭受同种攻击的可能性,有效提高了检测效率和系统安全水平.     

Automated configuration support for infrastructure migration to the cloud

With an increasing number of cloud computing offerings in the market, migrating an existing computational infrastructure to the cloud requires comparison of different offers in order to find the most suitable configuration. Cloud providers offer many configuration options, such as location, purchasing mode, redundancy, and extra storage. Often, the information about such options is not well organised. This leads to large and unstructured configuration spaces, and turns the comparison into a tedious, error-prone search problem for the customers. In this work we focus on supporting customer decision making for selecting the most suitable cloud configuration—in terms of infrastructural requirements and cost. We achieve this by means of variability modelling and analysis techniques. Firstly, we structure the configuration space of an IaaS using feature models, usually employed for the modelling of variability-intensive systems, and present the case study of the Amazon EC2. Secondly, we assist the configuration search process. Feature models enable the use of different analysis operations that, among others, automate the search of optimal configurations. Results of our analysis show how our approach, with a negligible analysis time, outperforms commercial approaches in terms of expressiveness and accuracy.     

面向云计算环境的访问控制模型

针对云计算[1]领域中基础设施服务在运行和管理中存在的安全问题,在传统访问控制模型的基础上综合考虑了云计算基础设施服务[2]的特点,设计了一套访问控制模型。分析了云计算中安全问题的特点及现有方案的不足之处,提出基础设施服务的安全是云计算安全的基础。根据四条设计原则在RBAC模型[3]和TE模型[4]的基础上加以改进形成了适用于云计算基础设施服务的CIRBAC模型和CITE模型,对模型中的各个模块进行了详细的设计。在基于Xen[5-6]虚拟化技术[7]的OpenStack[8]云计算环境中实现了这些访问控制模型。该模型很好地增强了云计算基础设施服务的安全性。