基于云计算的校园教学云平台建设

随着教育信息化和互联网的高速发展,校园里面的教育信息化建设已经成为众多行业关注的重点。为了适应当前彳言,息化的发展,提高学生的学习质量和效率,文章重点结合云计算的特点以及我国目前校园信息化建设的现状,研究探讨了基于云计算的校园教育云平台的新模型建设。     

A privacy preserving authorisation system for the cloud

In this paper we describe a policy based authorisation infrastructure that a cloud provider can run as an infrastructure service for its users. It will protect the privacy of users? data by allowing the users to set their own privacy policies, and then enforcing them so that no unauthorised access is allowed to their data. The infrastructure ensures that the users? privacy policies are stuck to their data, so that access will always be controlled by the policies even if the data is transferred between cloud providers or services. This infrastructure also ensures the enforcement of privacy policies which may be written in different policy languages by multiple authorities such as: legal, data subject, data issuer and data controller. A conflict resolution strategy is presented which resolves conflicts among the decisions returned by the different policy decision points (PDPs). The performance figures are presented which show that the system performs well and that each additional PDP only imposes a small overhead.     

Attribute-based authentication on the cloud for thin clients

We propose two new authentication schemes for the cloud that support private attribute-based authentication services. The basic scheme is non-anonymous attribute-based authentication scheme. The extended scheme of the basic scheme is fully anonymous attribute-based authentication scheme to realize full anonymity and unlinkability services. In the proposed schemes, a user is authenticated by the remote server if the intersection of the set of his/her assigned attributes and the server’s required attributes exceeds a satisfactory predefined level. Unlike existing attribute-based encryption and signature schemes that require the user to perform significant amount of elliptic curve bilinear pairings and modular exponentiations, and require the user to hold a significantly long decryption/signature key, in our schemes the user is not required to perform any bilinear pairings. With a fixed length private key, independent of the number of attributes, the cloud user performs only few exponentiations by which he/she is able to authenticate himself/herself to the remote server and establish a session key with the server with the condition that he/she satisfies a predefined level of the server’s attributes requirement. Therefore, our schemes are suitable for implementation on devices with limited resources. We provide the rigorous security of the proposed schemes and complexity analysis of our schemes. Finally, the security and performance comparisons of our schemes with the existing related schemes show that our schemes outperform other existing schemes.     

From cloud computing to cloud manufacturing

Cloud computing is changing the way industries and enterprises do their businesses in that dynamically scalable and virtualized resources are provided as a service over the Internet. This model creates a brand new opportunity for enterprises. In this paper, some of the essential features of cloud computing are briefly discussed with regard to the end-users, enterprises that use the cloud as a platform, and cloud providers themselves. Cloud computing is emerging as one of the major enablers for the manufacturing industry; it can transform the traditional manufacturing business model, help it to align product innovation with business strategy, and create intelligent factory networks that encourage effective collaboration. Two types of cloud computing adoptions in the manufacturing sector have been suggested, manufacturing with direct adoption of cloud computing technologies and cloud manufacturing—the manufacturing version of cloud computing. Cloud computing has been in some of key areas of manufacturing such as IT, pay-as-you-go business models, production scaling up and down per demand, and flexibility in deploying and customizing solutions. In cloud manufacturing, distributed resources are encapsulated into cloud services and managed in a centralized way. Clients can use cloud services according to their requirements. Cloud users can request services ranging from product design, manufacturing, testing, management, and all other stages of a product life cycle.     

Memory allocation algorithm for cloud services

Memory allocation has a major influence on multiuser systems, cloud-based services, virtual machines, and other computer systems. Memory allocation is a process that assigns physical or virtual memory space to programs and services as efficiently and quickly as possible. Economical memory allocation management needs allocation strategies with minimum wastage. In this paper, we introduce a new memory allocation algorithm based on sequential fits and zoning for on-demand (online) cloud services. The memory is divided into multiple zones, where a subgroup of relative request sizes compete in reverse order. We use simulation to compare our new mechanism with existing memory allocation methods that have been deployed using Amazon Elastic Compute Cloud as a test bed. The proposed algorithm is more efficient, and the average saving for the normalized revenue loss is about 7% better than best-fit and 15% better than first-fit memory allocation. In addition, we show that proposed algorithm is robust and faster and has a fairness index that is superior to that of existing techniques.     

Economic decision criteria for the migration to cloud storage

Cloud storage has fast become a widespread alternative to in-house costly storage infrastructures. However, the migration to cloud storage is not necessarily everybody’s best choice and should be evaluated in a rigorous quantitative way against the alternative over a long time horizon. We propose a methodological approach for the comparison of cloud vs in-house solutions, based on the use of the Net Present Value and employing stochastic models for storage prices and memory needs. We analyse two decision criteria, which employ the median and the mean value of the Differential Net Present Value (DNPV), respectively. Through three appropriate risk measures, we show that the mean DNPV is the less risky decision criterion. Since the DNPV is a stochastic quantity, we also consider a protection measure against the risk of taking the wrong decision, which relies on underwriting an insurance policy. Through the real options approach, we propose a pricing formula for such policy, showing that it is an affordable means to hedge against risk for smaller companies and over a limited time horizon. Both the decision criteria and the insurance pricing formula are applied in a typical scenario.     

面向云计算环境的访问控制模型

针对云计算[1]领域中基础设施服务在运行和管理中存在的安全问题,在传统访问控制模型的基础上综合考虑了云计算基础设施服务[2]的特点,设计了一套访问控制模型。分析了云计算中安全问题的特点及现有方案的不足之处,提出基础设施服务的安全是云计算安全的基础。根据四条设计原则在RBAC模型[3]和TE模型[4]的基础上加以改进形成了适用于云计算基础设施服务的CIRBAC模型和CITE模型,对模型中的各个模块进行了详细的设计。在基于Xen[5-6]虚拟化技术[7]的OpenStack[8]云计算环境中实现了这些访问控制模型。该模型很好地增强了云计算基础设施服务的安全性。     

基于云计算的图书馆云服务模型研究

通过借鉴OCLC在云计算图书馆的设计思路以及基于云计算整合图书馆资源与日常服务的办法,提出了在云计算图书馆云服务的构建思路及其模型。     

云计算中的入侵检测模型

本文提出了一种云环境下的网络安全处理模型,模型中的每台云服务器都拥有自己的入侵检测系统,并且所有的服务器共享一个异常管理平台,该平台负责报警信息的接收、处理和日志管理.模型采用报警级别动态调整技术和攻击信息共享方法,最大限度地降低了漏报率和服务器遭受同种攻击的可能性,有效提高了检测效率和系统安全水平.     

On the use of ordinal measures for cloud tracking

Template matching is used in many practical applications for tracking the movement of clouds. To accommodate their non-rigid nature, additional constraints are often applied to produce cloud motion vectors that are more indicative of the underlying flow. One such approach is correlation-relaxation labelling, which uses a relaxation algorithm to refine sets of velocity vectors produced by template matching. The quality of the final result depends on the initial motion vectors and hence the choice of similarity metric at the template matching stage. Ordinal measures (OM) are a new class of matching functions that are sensitive to image noise. The use of OM for cloud tracking is evaluated both independently and as the first stage of a correlation-relaxation labelling scheme. Experimental results for noise-corrupted sequences show that the direct application of OM does not produce meaningful results. However, within a correlation-relaxation framework, OM produce a more consistent motion field than the widely used cross-correlation coefficient. The increase in accuracy was found to be greater for sequences corrupted by impulsive noise than for Gaussian noise.     

A novel cloud management framework for trust establishment and evaluation in a federated cloud environment

The Journal of Supercomputing - Cloud Computing is being utilized by large-scale organizations for data storage and management. It provides advantages like reducing the cost of information...     

Towards building a cloud for scientific applications

The Cloud computing becomes an innovative computing paradigm, which aims to provide reliable, customized and QoS guaranteed computing infrastructures for users. This paper presents our early experience of Cloud computing based on the Cumulus project for compute centers. In this paper, we give the Cloud computing definition and Cloud computing functionalities. This paper also introduces the Cumulus project with its various aspects, such as design pattern, infrastructure, and middleware. This paper delivers the state-of-the-art for Cloud computing with theoretical definition and practical experience.     

Irregular community discovery for cloud service improvement

Utility services provided by cloud computing rely on virtual customer communities forming spontaneously and evolving continuously. Clarifying the explicit boundaries of these communities is thus essential to the quality of utility services in cloud computing. Communities with overlapping features or prominent peripheral vertexes are usually typical irregular communities. Traditional community identification algorithms are limited in discovering irregular topological structures from CR networks, whereas these irregular shapes typically play an important role in finding prominent customers which are ignored in social CRM otherwise. We present a novel method of discovering irregular communities. It firstly finds and merges primitive maximal cliques and the irregular features of overlapping and prominent sparse vertices are further considered. An empirical case and a methodology comparison confirm the feasibility and efficiency of our approach.