Deployment of using cloud services as a new approach to keep people's platforms, Infrastructure and applications has become an important issue in the world of communications technology. This is a very useful paradigm for humans to obtain their essential needs simpler, faster ,more flexible, and safer than before. But there are many concerns about this system challenge. Security is the most important challenge for cloud systems. In this paper we design and explain the procedure of implementation of a new method for cloud services based on multi clouds on our platform which supplies security and privacy more than other clouds. We introduce some confidentiality and security methods in each layer to have a secure access to requirements. The architecture of our method and the implementation of method on our selected platform for each layer are introduced in this paper.
Rightscale Webinar: Designing Private & Hybrid Clouds (Hosted by Citrix)RightScale
Do you want to turn your existing data center into a private cloud? Exploring how to integrate your private cloud with a public cloud? In this webinar, we will discuss key considerations when designing a private cloud from internal resources and best practices for architecture of private and hybrid clouds. The webinar will include a demonstration, plus real-world examples of customers running their private cloud implementations on Citrix CloudPlatform using RightScale.
Topics to be covered:
• When to use private clouds
• Hardware selection
• Reference architectures and design considerations
• Use cases and real-life scenarios
• Managing your cloud resources effectively
There are a variety of options for standing up an OpenStack private cloud platform. In this webinar, we will discuss existing design patterns for deploying OpenStack and their relative strengths and weaknesses.
Cloud computing and OpenStack basic introduction. This presentation was given on November 13, 2014 at Universitat Politecnica de Catalunya. Barcelona, Spain.
Do you think that Nova, Cinder, Heat, Ceilometer, and Neutron are all references to global warming and looming apocalypse? For all those who come to the OpenStack community and wonder what all the fuss is about, this quick introduction will answer your many questions. It includes a short history of the largest Open Source project in history and will touch on
the basic OpenStack components, so you will be prepared the next time someone mentions Keystone, Nova and Swift in the same sentence.
This session was presented by Beth Cohen at the OpenStack meetup on Feb 19th, 2014 in Boston. Beth works for Verizon developing cool Cloud based products that she can't talk about without a strict NDA. She is a technical leader with over 25 years of experience architecting leading-edge system infrastructures and managing complex projects in the telecom, manufacturing, financial services, government, and technology industries. She has been involved in building some of the world's largest OpenStack architectures and has way too much fun at OpenStack Summits!
Rightscale Webinar: Designing Private & Hybrid Clouds (Hosted by Citrix)RightScale
Do you want to turn your existing data center into a private cloud? Exploring how to integrate your private cloud with a public cloud? In this webinar, we will discuss key considerations when designing a private cloud from internal resources and best practices for architecture of private and hybrid clouds. The webinar will include a demonstration, plus real-world examples of customers running their private cloud implementations on Citrix CloudPlatform using RightScale.
Topics to be covered:
• When to use private clouds
• Hardware selection
• Reference architectures and design considerations
• Use cases and real-life scenarios
• Managing your cloud resources effectively
There are a variety of options for standing up an OpenStack private cloud platform. In this webinar, we will discuss existing design patterns for deploying OpenStack and their relative strengths and weaknesses.
Cloud computing and OpenStack basic introduction. This presentation was given on November 13, 2014 at Universitat Politecnica de Catalunya. Barcelona, Spain.
Do you think that Nova, Cinder, Heat, Ceilometer, and Neutron are all references to global warming and looming apocalypse? For all those who come to the OpenStack community and wonder what all the fuss is about, this quick introduction will answer your many questions. It includes a short history of the largest Open Source project in history and will touch on
the basic OpenStack components, so you will be prepared the next time someone mentions Keystone, Nova and Swift in the same sentence.
This session was presented by Beth Cohen at the OpenStack meetup on Feb 19th, 2014 in Boston. Beth works for Verizon developing cool Cloud based products that she can't talk about without a strict NDA. She is a technical leader with over 25 years of experience architecting leading-edge system infrastructures and managing complex projects in the telecom, manufacturing, financial services, government, and technology industries. She has been involved in building some of the world's largest OpenStack architectures and has way too much fun at OpenStack Summits!
Are you overwhelmed by storage capacity requirements? Are you wondering how web giants are able to store large amounts of data at a fraction of your storage costs?
OpenStack is the fastest growing open-source project to date, and its community builds cloud software. Join us to learn about the two OpenStack storage projects and how your company can take advantage of them.
OpenStack storage allows the use of commodity hardware at massive scales that you can consume as a public, private, or hybrid cloud.
View the on-demand webinar. Special guest speaker Randy Bias, founder and CEO of Cloudscaling and member of the Board of Directors for OpenStack Foundation, and EVault big data expert Joey Yep will inform you about this fast-growing, open-source project: OpenStack.
• OpenStack Swift and Cinder storage projects
• High-level functionality and architecture
• Public, private, and hybrid use-cases
OpenStack As A Strategy For Future Growth at CiscoLew Tucker
Cisco's adoption of OpenStack. Cisco Systems joined the OpenStack community in early 2011 and since then, OpenStack has been adopted by several different business and product teams. This is how we made it possible.
Mirantis OpenStack 5.0 brings together the convenience of Fuel with the latest release of OpenStack, Icehouse. This presentation shows what's new, and what you can expect.
Eager to learn more about OpenStack? This presentation provides an overview of OpenStack basics and an introduction to the types of storage in OpenStack. Choosing the right storage for your cloud can be the hardest part of building out your environment – this is a great primer to picking the right storage for your OpenStack deployment.
Why OpenStack on UCS? An Introduction to Red Hat and Cisco OpenStack SolutionElizabeth Sale
The presentation discusses the current status of OpenStack as well as running UCSO, the Cisco and Red Hat partnership for OpenStack solutions.
Topics include:
What is OpenStack? Why OpenStack?
Trends in the Data Center
What is UCSO?
Why OpenStack on UCS?
OpenStack and the Cisco Neutron
Delivering Composable NFV Services for Business, Residential and Mobile EdgePLUMgrid
In this talk, Principal architects will share considerations in designing virtual infrastructure to deliver vCPE and vPE based services. The speakers will provide some background on service function chaining, service edge routing, Openstack clouds and discuss virtualized architectures that can solve Service Provider problems to achieve agility and richness of cloud based services
Policy Based SDN Solution for DC and Branch Office by Suresh Boddapatibuildacloud
In this talk Suresh will discuss how Nuage Networks Virtualized Services Platform (VSP) helps overcome the challenges that cloud service providers and large enterprises face delivering, and managing, large multi-tenant clouds. He will discuss how Nuage Networks delivers a massively scalable SDN solution that ensures that datacenters, and wide area networks, are able to respond instantly to demand, and are boundary-less. The talk will also provide an overview of the SDN capabilities that Nuage VSP adds to CloudStack.
Bio
Suresh is the VP of Engineering at Nuage Networks. He has over 19 years experience in software development, building great teams and delivering high quality software. As the first engineer at Nuage Networks, Suresh played a key role in shaping the architecture of the Nuage Virtualized Services Platform (VSP). Suresh’s experience includes extensive protocol development, having developed IP routing and multicast protocols from scratch and deploying them in large ISPs. Suresh was part of the original TiMetra team before becoming part of Alcatel Lucent as Principal Engineer. He then took a role as Director of Engineering at Juniper where he worked on their QFabric product. Earlier in his career, Suresh worked in software engineering at Shasta Networks (Nortel acquired) as well as Fore Systems (Marconi, Ericsson acquired).
Monitoring Security Policies for Container and OpenStack CloudsPLUMgrid
Container and OpenStack clouds often co-exist in data centers. Monitoring both environments require views into the underlay and overlay infrastructure, but infrastructure monitoring alone is no longer sufficient and needs to be paired with security policy views as containers and microservices are constantly reshaping data center traffic and flow patterns. A visualization GUI that correlates containers and VMs with security policy views provide a powerful tool for any operations team to detect security flow violations in real-time. Enterprises and cloud providers are adopting visualization and monitoring platforms in addition to OpenStack Horizon to keep their infrastructure running with 100% uptime. New tools that help with proactive remediation of issues are being deployed to quickly bring back the system to healthy conditions.
SDN Scale-out Testing at OpenStack Innovation Center (OSIC)PLUMgrid
The OpenStack Innovation Center (OSIC), established by Intel and Rackspace, is created to accelerate adoption of open source cloud operating system while supporting open source principles. OSIC provides ready-to-use data center facilities to the OpenStack community for development and test. This case study presentation highlights a scale-out test performed within a 3 week period using OpenStack Ansible Community based on Liberty with an SDN overlay network connecting 131 nodes running over 1,000 VMs. Tempest and Rally tests were conducted to validate functions including high availability failure scenarios. Join this session to find out more about OSIC and the SDN scale-out test configuration, scenarios, and results.
Cloud computing is set of resources and services offered through the Internet. Cloud
services are delivered from data centers located throughout the world. Cloud computing
facilitates its consumers by providing virtual resources via internet. The biggest challenge in
cloud computing is the security and privacy problems caused by its multi-tenancy nature and the
outsourcing of infrastructure, sensitive data and critical applications. Enterprises are rapidly adopting
cloud services for their businesses, measures need to be developed so that organizations can be assured
of security in their businesses and can choose a suitable vendor for their computing needs. Cloud
computing depends on the internet as a medium for users to access the required services at any time on
pay-per-use pattern. However this technology is still in its initial stages of development, as it suffers
from threats and vulnerabilities that prevent the users from trusting it. Various malicious activities
from illegal users have threatened this technology such as data misuse, inflexible access control and
limited monitoring. The occurrence of these threats may result into damaging or illegal access of
critical and confidential data of users. In this paper we identify the most vulnerable security
threats/attacks in cloud computing, which will enable both end users and vendors to know a bout
the k ey security threats associated with cloud computing and propose relevant solution directives to
strengthen security in the Cloud environment. We also propose secure cloud architecture for
organizations to strengthen the security.
Are you overwhelmed by storage capacity requirements? Are you wondering how web giants are able to store large amounts of data at a fraction of your storage costs?
OpenStack is the fastest growing open-source project to date, and its community builds cloud software. Join us to learn about the two OpenStack storage projects and how your company can take advantage of them.
OpenStack storage allows the use of commodity hardware at massive scales that you can consume as a public, private, or hybrid cloud.
View the on-demand webinar. Special guest speaker Randy Bias, founder and CEO of Cloudscaling and member of the Board of Directors for OpenStack Foundation, and EVault big data expert Joey Yep will inform you about this fast-growing, open-source project: OpenStack.
• OpenStack Swift and Cinder storage projects
• High-level functionality and architecture
• Public, private, and hybrid use-cases
OpenStack As A Strategy For Future Growth at CiscoLew Tucker
Cisco's adoption of OpenStack. Cisco Systems joined the OpenStack community in early 2011 and since then, OpenStack has been adopted by several different business and product teams. This is how we made it possible.
Mirantis OpenStack 5.0 brings together the convenience of Fuel with the latest release of OpenStack, Icehouse. This presentation shows what's new, and what you can expect.
Eager to learn more about OpenStack? This presentation provides an overview of OpenStack basics and an introduction to the types of storage in OpenStack. Choosing the right storage for your cloud can be the hardest part of building out your environment – this is a great primer to picking the right storage for your OpenStack deployment.
Why OpenStack on UCS? An Introduction to Red Hat and Cisco OpenStack SolutionElizabeth Sale
The presentation discusses the current status of OpenStack as well as running UCSO, the Cisco and Red Hat partnership for OpenStack solutions.
Topics include:
What is OpenStack? Why OpenStack?
Trends in the Data Center
What is UCSO?
Why OpenStack on UCS?
OpenStack and the Cisco Neutron
Delivering Composable NFV Services for Business, Residential and Mobile EdgePLUMgrid
In this talk, Principal architects will share considerations in designing virtual infrastructure to deliver vCPE and vPE based services. The speakers will provide some background on service function chaining, service edge routing, Openstack clouds and discuss virtualized architectures that can solve Service Provider problems to achieve agility and richness of cloud based services
Policy Based SDN Solution for DC and Branch Office by Suresh Boddapatibuildacloud
In this talk Suresh will discuss how Nuage Networks Virtualized Services Platform (VSP) helps overcome the challenges that cloud service providers and large enterprises face delivering, and managing, large multi-tenant clouds. He will discuss how Nuage Networks delivers a massively scalable SDN solution that ensures that datacenters, and wide area networks, are able to respond instantly to demand, and are boundary-less. The talk will also provide an overview of the SDN capabilities that Nuage VSP adds to CloudStack.
Bio
Suresh is the VP of Engineering at Nuage Networks. He has over 19 years experience in software development, building great teams and delivering high quality software. As the first engineer at Nuage Networks, Suresh played a key role in shaping the architecture of the Nuage Virtualized Services Platform (VSP). Suresh’s experience includes extensive protocol development, having developed IP routing and multicast protocols from scratch and deploying them in large ISPs. Suresh was part of the original TiMetra team before becoming part of Alcatel Lucent as Principal Engineer. He then took a role as Director of Engineering at Juniper where he worked on their QFabric product. Earlier in his career, Suresh worked in software engineering at Shasta Networks (Nortel acquired) as well as Fore Systems (Marconi, Ericsson acquired).
Monitoring Security Policies for Container and OpenStack CloudsPLUMgrid
Container and OpenStack clouds often co-exist in data centers. Monitoring both environments require views into the underlay and overlay infrastructure, but infrastructure monitoring alone is no longer sufficient and needs to be paired with security policy views as containers and microservices are constantly reshaping data center traffic and flow patterns. A visualization GUI that correlates containers and VMs with security policy views provide a powerful tool for any operations team to detect security flow violations in real-time. Enterprises and cloud providers are adopting visualization and monitoring platforms in addition to OpenStack Horizon to keep their infrastructure running with 100% uptime. New tools that help with proactive remediation of issues are being deployed to quickly bring back the system to healthy conditions.
SDN Scale-out Testing at OpenStack Innovation Center (OSIC)PLUMgrid
The OpenStack Innovation Center (OSIC), established by Intel and Rackspace, is created to accelerate adoption of open source cloud operating system while supporting open source principles. OSIC provides ready-to-use data center facilities to the OpenStack community for development and test. This case study presentation highlights a scale-out test performed within a 3 week period using OpenStack Ansible Community based on Liberty with an SDN overlay network connecting 131 nodes running over 1,000 VMs. Tempest and Rally tests were conducted to validate functions including high availability failure scenarios. Join this session to find out more about OSIC and the SDN scale-out test configuration, scenarios, and results.
Cloud computing is set of resources and services offered through the Internet. Cloud
services are delivered from data centers located throughout the world. Cloud computing
facilitates its consumers by providing virtual resources via internet. The biggest challenge in
cloud computing is the security and privacy problems caused by its multi-tenancy nature and the
outsourcing of infrastructure, sensitive data and critical applications. Enterprises are rapidly adopting
cloud services for their businesses, measures need to be developed so that organizations can be assured
of security in their businesses and can choose a suitable vendor for their computing needs. Cloud
computing depends on the internet as a medium for users to access the required services at any time on
pay-per-use pattern. However this technology is still in its initial stages of development, as it suffers
from threats and vulnerabilities that prevent the users from trusting it. Various malicious activities
from illegal users have threatened this technology such as data misuse, inflexible access control and
limited monitoring. The occurrence of these threats may result into damaging or illegal access of
critical and confidential data of users. In this paper we identify the most vulnerable security
threats/attacks in cloud computing, which will enable both end users and vendors to know a bout
the k ey security threats associated with cloud computing and propose relevant solution directives to
strengthen security in the Cloud environment. We also propose secure cloud architecture for
organizations to strengthen the security.
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Zac Darcy
Cloud computing is an emerging model of service provision that has the advantage of minimizing costs
through sharing and storage of resources combined with a demand provisioning mechanism relying on
pay-per-use business model. Cloud computing features direct impact on information technology (IT)
budgeting but pose detrimental impacts on privacy and security mechanisms especially where sensitive
data is to be held offshore by third parties. Even though cloud computing environment promises new
benefits to organizations, it also presents its fair share of potential risks. It is considered as a double edge
sword considering the privacy and security standpoints. However, despite its potential to offer a low cost
security, customer organizations may increase the risks by storing their sensitive information in the cloud.
Therefore, this study focuses on privacy and security issues that pose a challenge in maintaining a level of
assurance that is sufficient enough to sustain confidence in potential users.
In this study, survey questions were sent to different non-profit and government organizations, which
assisted in collecting fundamental information. The data was acquired by conducting surveys in OpenStack
Company to identify the critical vulnerabilities in the cloud computing platform in order to provide the
recommended solutions.
So, analysis will be made on how the cloud’s characteristics such as the nature of the architecture,
attractiveness, as well as, vulnerability are tightly related to privacy and security issues. Privacy and
security are complex issues for which there is no standard and the relationship between them is necessarily
complicated. The study also highlight on the inherent challenge to data privacy because it typically results
in data to be presented in an encryption from the data owner. Thus, the study aimed at obtaining a common
goal to provide a comprehensive review of the existing security and privacy issues in cloud environments,
and identify and describe the most representative of the security and privacy attributes and present a
relationship among them.
Finally, in order to ensure that the standard measure of validity is achieved, validity test was conducted in
order to ensure that the study is free from errors. Various recommendations were provided. The study also
explored various areas that require future directions for each attribute, which comprise of multi-domain
policy integration and a secure service composition to design a comprehensive policy-based management
framework in the cloud environments.
Lastly, the recommendations will provide the potential for security and privacy approaches that can be
implemented to improve the cloud computing environment to ensure that a level of trust is achieved
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...Zac Darcy
Cloud computing is an emerging model of service provision that has the advantage of minimizing costs
through sharing and storage of resources combined with a demand provisioning mechanism relying on
pay-per-use business model. Cloud computing features direct impact on information technology (IT)
budgeting but pose detrimental impacts on privacy and security mechanisms especially where sensitive
data is to be held offshore by third parties. Even though cloud computing environment promises new
benefits to organizations, it also presents its fair share of potential risks. It is considered as a double edge
sword considering the privacy and security standpoints. However, despite its potential to offer a low cost
security, customer organizations may increase the risks by storing their sensitive information in the cloud.
Therefore, this study focuses on privacy and security issues that pose a challenge in maintaining a level of
assurance that is sufficient enough to sustain confidence in potential users.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
This presentation gives a detailed overview about Cloud Computing, its features and challenges faced by it in the market. It gives an insight into cloud security and privacy issues and its measures.
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...AJASTJournal
Because of its accessibility and flexibility, cloud technology is among the most notable innovations in today's world. Having many service platforms, such as GoogleApps by Google, Amazon, Apple, and so on, is well accepted by large enterprises. Distributed cloud computing is a concept for enabling every-time, convenient, on-demand network access to processing resources including servers, storage devices, networks, and services that may be mutually configured. The major security risks for cloud computing as identified by the Cloud security alliance (CSA) have been examined in this study. Also, methods for resolving issues with cloud computing technology's data security and privacy protection were systematically examined
Because of its accessibility and flexibility, cloud technology is among the most notable innovations in today's world. Having many service platforms, such as GoogleApps by Google, Amazon, Apple, and so on, is well accepted by large enterprises. Distributed cloud computing is a concept for enabling every-time, convenient, on-demand network access to processing resources including servers, storage devices, networks, and services that may be mutually configured. The major security risks for cloud computing as identified by the Cloud security alliance (CSA) have been examined in this study. Also, methods for resolving issues with cloud computing technology's data security and privacy protection were systematically examined.
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
Ubiquitous computing has revolutionized interaction of humans and machines. Cloud computing has been mainly used for storing data and various computational purposes. It has changed the face of using the internet. But, as we know every technology has its pros and cons. Securing cloud environment is the most challenging issue for the researchers and developers. Main aspects which cloud security should cover are authentication, authorization, data protection etc. Establishing trust between cloud service providers (CSP) is the biggest challenge, when someone is discussing about cloud security. Trust is a critical factor which mainly depends on perception of reputation and self-assessment done by both user and CSP. The trust model can act as security strength evaluator and ranking service for cloud application and services. For establishing trust relationship between two parties, mutual trust mechanism is reliable, as it does verification from both sides. There are various trust models which mainly focuses on securing one party i.e., they validate either user or service node. In this survey paper, the study of various trust models and their various parameters are discussed.
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...IJCNCJournal
Cloud computing is utility-based computing provides many benefits to its clients but security is one aspect which is delaying its adoptions. Security challenges include data security, network security and infrastructure security. Data security can be achieved using Cryptography. If we include location information in the encryption and decryption process then we can bind access to data with the location so that data can be accessed only from the specified locations. In this paper, we propose a method based on the symmetric cryptography, location-based cryptography and ciphertext policy – Attribute-based encryption (CP-ABE) to implements secure access control to the outsourced data. The Symmetric key is used to encrypt that data whereas CP-ABE is used to encrypt the secret key and the location lock value before uploading on the server. User will download encrypted data and the symmetric secret key XORed with the Location Lock value, using his attributes based secret key he can obtain first XORed value of Symmetric secret key and location lock value. Using anti-spoof GPS Location lock value can be obtained which can be used to retrieve the symmetric secret key. We have adopted Massage Authentication Code (MAC) to ensure Integrity and Availability of the data. This protocol can be used in the Bank, government organization, military services or any other industry those are having their offices/work location at a fixed place, so data access can be bounded to that location.
Single Sign-on Authentication Model for Cloud Computing using KerberosDeepak Bagga
ABSTRACT
In today’s organizations need for several new resources and storage requirements for terabytes of data is generated every day. Cloud computing provides solution for this in a cost effective and efficient manner. Cloud computing provides on demand resources as services to clients. Cloud is highly scalable and flexible. Although it is benefiting the clients in several ways but as data is stored remotely it has many security loopholes like attacks, data lose, other security and authentication issues. In this paper we are proposing an authentication model for cloud computing based on the Kerberos protocol to provide single sign-on and to prevent against DDOS attacks. This model can benefit by filtering against unauthorized access and to reduce the burden, computation and memory usage of cloud against authentication checks for each client. It acts as a third party between cloud servers and clients to allow secure access to cloud services. In this paper we will see some of the related work for cloud security issues and attacks. Then in next section we will discuss the proposed architecture, its working and sequential process of message transmission. Next we will see how it can prevent against DDOS attacks, some benefits and how it provides single sign-on.
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhShah Sheikh
ISACA Journal Publication Volume 5 written by Shah Sheikh - published in Q4 2013. Based on the Cloud Security Alliance Framework whitepaper titled "Does your Cloud have a Secure Lining?"
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Editor IJMTER
The Most great challenging in Cloud computing is Security. Here Security plays key role
in this paper proposed concept mainly deals with security at the end user access. While coming to the
end user access that are connected through the public networks. Here the end user wants to access his
application or services protected by the unauthorized persons. In this area if we want to apply
encryption or decryption methods such as RSA, 3DES, MD5, Blow fish. Etc.,
Whereas we can utilize these services at the end user access in cloud computing. Here there is
problem of encryption and decryption of the messages, services and applications. They are is lot of
time to take encrypt as well as decrypt and more number of processing capabilities are needed to use
the mechanism. For that problem we are introducing to use of cloud computing in SaaS model. i.e.,
scalable is applicable in this area so whenever it requires we can utilize the SaaS model.
In Cloud computing use of computing resources (hardware and software) that are delivered as a
service over Internet network. In advance earlier there is problem of using key size in various
algorithm like 64 bit it take some long period to encrypt the data.
ANALYSIS OF LAND SURFACE DEFORMATION GRADIENT BY DINSAR cscpconf
The progressive development of Synthetic Aperture Radar (SAR) systems diversify the exploitation of the generated images by these systems in different applications of geoscience. Detection and monitoring surface deformations, procreated by various phenomena had benefited from this evolution and had been realized by interferometry (InSAR) and differential interferometry (DInSAR) techniques. Nevertheless, spatial and temporal decorrelations of the interferometric couples used, limit strongly the precision of analysis results by these techniques. In this context, we propose, in this work, a methodological approach of surface deformation detection and analysis by differential interferograms to show the limits of this technique according to noise quality and level. The detectability model is generated from the deformation signatures, by simulating a linear fault merged to the images couples of ERS1 / ERS2 sensors acquired in a region of the Algerian south.
4D AUTOMATIC LIP-READING FOR SPEAKER'S FACE IDENTIFCATIONcscpconf
A novel based a trajectory-guided, concatenating approach for synthesizing high-quality image real sample renders video is proposed . The lips reading automated is seeking for modeled the closest real image sample sequence preserve in the library under the data video to the HMM predicted trajectory. The object trajectory is modeled obtained by projecting the face patterns into an KDA feature space is estimated. The approach for speaker's face identification by using synthesise the identity surface of a subject face from a small sample of patterns which sparsely each the view sphere. An KDA algorithm use to the Lip-reading image is discrimination, after that work consisted of in the low dimensional for the fundamental lip features vector is reduced by using the 2D-DCT.The mouth of the set area dimensionality is ordered by a normally reduction base on the PCA to obtain the Eigen lips approach, their proposed approach by[33]. The subjective performance results of the cost function under the automatic lips reading modeled , which wasn’t illustrate the superior performance of the
method.
MOVING FROM WATERFALL TO AGILE PROCESS IN SOFTWARE ENGINEERING CAPSTONE PROJE...cscpconf
Universities offer software engineering capstone course to simulate a real world-working environment in which students can work in a team for a fixed period to deliver a quality product. The objective of the paper is to report on our experience in moving from Waterfall process to Agile process in conducting the software engineering capstone project. We present the capstone course designs for both Waterfall driven and Agile driven methodologies that highlight the structure, deliverables and assessment plans.To evaluate the improvement, we conducted a survey for two different sections taught by two different instructors to evaluate students’ experience in moving from traditional Waterfall model to Agile like process. Twentyeight students filled the survey. The survey consisted of eight multiple-choice questions and an open-ended question to collect feedback from students. The survey results show that students were able to attain hands one experience, which simulate a real world-working environment. The results also show that the Agile approach helped students to have overall better design and avoid mistakes they have made in the initial design completed in of the first phase of the capstone project. In addition, they were able to decide on their team capabilities, training needs and thus learn the required technologies earlier which is reflected on the final product quality
PROMOTING STUDENT ENGAGEMENT USING SOCIAL MEDIA TECHNOLOGIEScscpconf
Using social media in education provides learners with an informal way for communication. Informal communication tends to remove barriers and hence promotes student engagement. This paper presents our experience in using three different social media technologies in teaching software project management course. We conducted different surveys at the end of every semester to evaluate students’ satisfaction and engagement. Results show that using social media enhances students’ engagement and satisfaction. However, familiarity with the tool is an important factor for student satisfaction.
A SURVEY ON QUESTION ANSWERING SYSTEMS: THE ADVANCES OF FUZZY LOGICcscpconf
In real world computing environment with using a computer to answer questions has been a human dream since the beginning of the digital era, Question-answering systems are referred to as intelligent systems, that can be used to provide responses for the questions being asked by the user based on certain facts or rules stored in the knowledge base it can generate answers of questions asked in natural , and the first main idea of fuzzy logic was to working on the problem of computer understanding of natural language, so this survey paper provides an overview on what Question-Answering is and its system architecture and the possible relationship and
different with fuzzy logic, as well as the previous related research with respect to approaches that were followed. At the end, the survey provides an analytical discussion of the proposed QA models, along or combined with fuzzy logic and their main contributions and limitations.
DYNAMIC PHONE WARPING – A METHOD TO MEASURE THE DISTANCE BETWEEN PRONUNCIATIONS cscpconf
Human beings generate different speech waveforms while speaking the same word at different times. Also, different human beings have different accents and generate significantly varying speech waveforms for the same word. There is a need to measure the distances between various words which facilitate preparation of pronunciation dictionaries. A new algorithm called Dynamic Phone Warping (DPW) is presented in this paper. It uses dynamic programming technique for global alignment and shortest distance measurements. The DPW algorithm can be used to enhance the pronunciation dictionaries of the well-known languages like English or to build pronunciation dictionaries to the less known sparse languages. The precision measurement experiments show 88.9% accuracy.
INTELLIGENT ELECTRONIC ASSESSMENT FOR SUBJECTIVE EXAMS cscpconf
In education, the use of electronic (E) examination systems is not a novel idea, as Eexamination systems have been used to conduct objective assessments for the last few years. This research deals with randomly designed E-examinations and proposes an E-assessment system that can be used for subjective questions. This system assesses answers to subjective questions by finding a matching ratio for the keywords in instructor and student answers. The matching ratio is achieved based on semantic and document similarity. The assessment system is composed of four modules: preprocessing, keyword expansion, matching, and grading. A survey and case study were used in the research design to validate the proposed system. The examination assessment system will help instructors to save time, costs, and resources, while increasing efficiency and improving the productivity of exam setting and assessments.
TWO DISCRETE BINARY VERSIONS OF AFRICAN BUFFALO OPTIMIZATION METAHEURISTICcscpconf
African Buffalo Optimization (ABO) is one of the most recent swarms intelligence based metaheuristics. ABO algorithm is inspired by the buffalo’s behavior and lifestyle. Unfortunately, the standard ABO algorithm is proposed only for continuous optimization problems. In this paper, the authors propose two discrete binary ABO algorithms to deal with binary optimization problems. In the first version (called SBABO) they use the sigmoid function and probability model to generate binary solutions. In the second version (called LBABO) they use some logical operator to operate the binary solutions. Computational results on two knapsack problems (KP and MKP) instances show the effectiveness of the proposed algorithm and their ability to achieve good and promising solutions.
DETECTION OF ALGORITHMICALLY GENERATED MALICIOUS DOMAINcscpconf
In recent years, many malware writers have relied on Dynamic Domain Name Services (DDNS) to maintain their Command and Control (C&C) network infrastructure to ensure a persistence presence on a compromised host. Amongst the various DDNS techniques, Domain Generation Algorithm (DGA) is often perceived as the most difficult to detect using traditional methods. This paper presents an approach for detecting DGA using frequency analysis of the character distribution and the weighted scores of the domain names. The approach’s feasibility is demonstrated using a range of legitimate domains and a number of malicious algorithmicallygenerated domain names. Findings from this study show that domain names made up of English characters “a-z” achieving a weighted score of < 45 are often associated with DGA. When a weighted score of < 45 is applied to the Alexa one million list of domain names, only 15% of the domain names were treated as non-human generated.
GLOBAL MUSIC ASSET ASSURANCE DIGITAL CURRENCY: A DRM SOLUTION FOR STREAMING C...cscpconf
The amount of piracy in the streaming digital content in general and the music industry in specific is posing a real challenge to digital content owners. This paper presents a DRM solution to monetizing, tracking and controlling online streaming content cross platforms for IP enabled devices. The paper benefits from the current advances in Blockchain and cryptocurrencies. Specifically, the paper presents a Global Music Asset Assurance (GoMAA) digital currency and presents the iMediaStreams Blockchain to enable the secure dissemination and tracking of the streamed content. The proposed solution provides the data owner the ability to control the flow of information even after it has been released by creating a secure, selfinstalled, cross platform reader located on the digital content file header. The proposed system provides the content owners’ options to manage their digital information (audio, video, speech, etc.), including the tracking of the most consumed segments, once it is release. The system benefits from token distribution between the content owner (Music Bands), the content distributer (Online Radio Stations) and the content consumer(Fans) on the system blockchain.
IMPORTANCE OF VERB SUFFIX MAPPING IN DISCOURSE TRANSLATION SYSTEMcscpconf
This paper discusses the importance of verb suffix mapping in Discourse translation system. In
discourse translation, the crucial step is Anaphora resolution and generation. In Anaphora
resolution, cohesion links like pronouns are identified between portions of text. These binders
make the text cohesive by referring to nouns appearing in the previous sentences or nouns
appearing in sentences after them. In Machine Translation systems, to convert the source
language sentences into meaningful target language sentences the verb suffixes should be
changed as per the cohesion links identified. This step of translation process is emphasized in
the present paper. Specifically, the discussion is on how the verbs change according to the
subjects and anaphors. To explain the concept, English is used as the source language (SL) and
an Indian language Telugu is used as Target language (TL)
EXACT SOLUTIONS OF A FAMILY OF HIGHER-DIMENSIONAL SPACE-TIME FRACTIONAL KDV-T...cscpconf
In this paper, based on the definition of conformable fractional derivative, the functional
variable method (FVM) is proposed to seek the exact traveling wave solutions of two higherdimensional
space-time fractional KdV-type equations in mathematical physics, namely the
(3+1)-dimensional space–time fractional Zakharov-Kuznetsov (ZK) equation and the (2+1)-
dimensional space–time fractional Generalized Zakharov-Kuznetsov-Benjamin-Bona-Mahony
(GZK-BBM) equation. Some new solutions are procured and depicted. These solutions, which
contain kink-shaped, singular kink, bell-shaped soliton, singular soliton and periodic wave
solutions, have many potential applications in mathematical physics and engineering. The
simplicity and reliability of the proposed method is verified.
AUTOMATED PENETRATION TESTING: AN OVERVIEWcscpconf
The using of information technology resources is rapidly increasing in organizations,
businesses, and even governments, that led to arise various attacks, and vulnerabilities in the
field. All resources make it a must to do frequently a penetration test (PT) for the environment
and see what can the attacker gain and what is the current environment's vulnerabilities. This
paper reviews some of the automated penetration testing techniques and presents its
enhancement over the traditional manual approaches. To the best of our knowledge, it is the
first research that takes into consideration the concept of penetration testing and the standards
in the area.This research tackles the comparison between the manual and automated
penetration testing, the main tools used in penetration testing. Additionally, compares between
some methodologies used to build an automated penetration testing platform.
CLASSIFICATION OF ALZHEIMER USING fMRI DATA AND BRAIN NETWORKcscpconf
Since the mid of 1990s, functional connectivity study using fMRI (fcMRI) has drawn increasing
attention of neuroscientists and computer scientists, since it opens a new window to explore
functional network of human brain with relatively high resolution. BOLD technique provides
almost accurate state of brain. Past researches prove that neuro diseases damage the brain
network interaction, protein- protein interaction and gene-gene interaction. A number of
neurological research paper also analyse the relationship among damaged part. By
computational method especially machine learning technique we can show such classifications.
In this paper we used OASIS fMRI dataset affected with Alzheimer’s disease and normal
patient’s dataset. After proper processing the fMRI data we use the processed data to form
classifier models using SVM (Support Vector Machine), KNN (K- nearest neighbour) & Naïve
Bayes. We also compare the accuracy of our proposed method with existing methods. In future,
we will other combinations of methods for better accuracy.
VALIDATION METHOD OF FUZZY ASSOCIATION RULES BASED ON FUZZY FORMAL CONCEPT AN...cscpconf
In order to treat and analyze real datasets, fuzzy association rules have been proposed. Several
algorithms have been introduced to extract these rules. However, these algorithms suffer from
the problems of utility, redundancy and large number of extracted fuzzy association rules. The
expert will then be confronted with this huge amount of fuzzy association rules. The task of
validation becomes fastidious. In order to solve these problems, we propose a new validation
method. Our method is based on three steps. (i) We extract a generic base of non redundant
fuzzy association rules by applying EFAR-PN algorithm based on fuzzy formal concept analysis.
(ii) we categorize extracted rules into groups and (iii) we evaluate the relevance of these rules
using structural equation model.
PROBABILITY BASED CLUSTER EXPANSION OVERSAMPLING TECHNIQUE FOR IMBALANCED DATAcscpconf
In many applications of data mining, class imbalance is noticed when examples in one class are
overrepresented. Traditional classifiers result in poor accuracy of the minority class due to the
class imbalance. Further, the presence of within class imbalance where classes are composed of
multiple sub-concepts with different number of examples also affect the performance of
classifier. In this paper, we propose an oversampling technique that handles between class and
within class imbalance simultaneously and also takes into consideration the generalization
ability in data space. The proposed method is based on two steps- performing Model Based
Clustering with respect to classes to identify the sub-concepts; and then computing the
separating hyperplane based on equal posterior probability between the classes. The proposed
method is tested on 10 publicly available data sets and the result shows that the proposed
method is statistically superior to other existing oversampling methods.
CHARACTER AND IMAGE RECOGNITION FOR DATA CATALOGING IN ECOLOGICAL RESEARCHcscpconf
Data collection is an essential, but manpower intensive procedure in ecological research. An
algorithm was developed by the author which incorporated two important computer vision
techniques to automate data cataloging for butterfly measurements. Optical Character
Recognition is used for character recognition and Contour Detection is used for imageprocessing.
Proper pre-processing is first done on the images to improve accuracy. Although
there are limitations to Tesseract’s detection of certain fonts, overall, it can successfully identify
words of basic fonts. Contour detection is an advanced technique that can be utilized to
measure an image. Shapes and mathematical calculations are crucial in determining the precise
location of the points on which to draw the body and forewing lines of the butterfly. Overall,
92% accuracy were achieved by the program for the set of butterflies measured.
SOCIAL MEDIA ANALYTICS FOR SENTIMENT ANALYSIS AND EVENT DETECTION IN SMART CI...cscpconf
Smart cities utilize Internet of Things (IoT) devices and sensors to enhance the quality of the city
services including energy, transportation, health, and much more. They generate massive
volumes of structured and unstructured data on a daily basis. Also, social networks, such as
Twitter, Facebook, and Google+, are becoming a new source of real-time information in smart
cities. Social network users are acting as social sensors. These datasets so large and complex
are difficult to manage with conventional data management tools and methods. To become
valuable, this massive amount of data, known as 'big data,' needs to be processed and
comprehended to hold the promise of supporting a broad range of urban and smart cities
functions, including among others transportation, water, and energy consumption, pollution
surveillance, and smart city governance. In this work, we investigate how social media analytics
help to analyze smart city data collected from various social media sources, such as Twitter and
Facebook, to detect various events taking place in a smart city and identify the importance of
events and concerns of citizens regarding some events. A case scenario analyses the opinions of
users concerning the traffic in three largest cities in the UAE
SOCIAL NETWORK HATE SPEECH DETECTION FOR AMHARIC LANGUAGEcscpconf
The anonymity of social networks makes it attractive for hate speech to mask their criminal
activities online posing a challenge to the world and in particular Ethiopia. With this everincreasing
volume of social media data, hate speech identification becomes a challenge in
aggravating conflict between citizens of nations. The high rate of production, has become
difficult to collect, store and analyze such big data using traditional detection methods. This
paper proposed the application of apache spark in hate speech detection to reduce the
challenges. Authors developed an apache spark based model to classify Amharic Facebook
posts and comments into hate and not hate. Authors employed Random forest and Naïve Bayes
for learning and Word2Vec and TF-IDF for feature selection. Tested by 10-fold crossvalidation,
the model based on word2vec embedding performed best with 79.83%accuracy. The
proposed method achieve a promising result with unique feature of spark for big data.
GENERAL REGRESSION NEURAL NETWORK BASED POS TAGGING FOR NEPALI TEXTcscpconf
This article presents Part of Speech tagging for Nepali text using General Regression Neural
Network (GRNN). The corpus is divided into two parts viz. training and testing. The network is
trained and validated on both training and testing data. It is observed that 96.13% words are
correctly being tagged on training set whereas 74.38% words are tagged correctly on testing
data set using GRNN. The result is compared with the traditional Viterbi algorithm based on
Hidden Markov Model. Viterbi algorithm yields 97.2% and 40% classification accuracies on
training and testing data sets respectively. GRNN based POS Tagger is more consistent than the
traditional Viterbi decoding technique.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
2. 84 Computer Science & Information Technology (CS & IT)
Data that is stored on cloud must be secured while at rest, in transit, and inuse, and access to the
data needs to be controlled. Standards for communications protocols and public key certificates
allow data transfers to be protected using cryptography.Currently, the responsibility for
cryptographic key management falls mainly on the cloud service subscriber.
Threewidely referenced service models have evolved:
• Software-as-a-Service (SaaS) enables a software deployment model in which one or
more applications and the computing resources that run them are provided for use on
demand as a turnkey service. It can reduce the total cost of hardware and software
development, maintenance, and operations.
• Platform-as-a-Service (PaaS) enables a software deployment model in which the
computing platform is provided as an on-demand service which applications can be
developed upon and deployed. It can reduce the cost and complexity of buying, housing,
and the managing of hardware and software components of the platform.
• Infrastructure-as-a-Service (IaaS) enables a software deployment model in which the
basic computing infrastructure of servers, software, and network equipment is provided
as an on-demand service upon which a platform to develop and execute applications can
be founded. It can be used to avoid buying, housing, and managing the basic hardware
and software infrastructure components.
In September2009, IDC Enterprise Panel held its annual survey on cloud computing
organizations about the most important challenges of cloud services. The result of this survey
showed security among people who want to use cloud services is the most important challenge.
Figure 1 shows the result in percentage of the survey's concerns.
So if we want cloud computing as a useful service we should provide confidentiality and security
for it to reduce this concern. Otherwise clouds can't reach a good position among people for
using.
Cloud users and providers have many concerns about using it as a new technology. When
considering using a cloud service, the user must be aware of the fact that all data given to the
cloud provider leaves his/her own control and protection sphere.
Figure 1. Result of percentage of survey's concerns by IDC, 2009
3. Computer Science & Information Technology (CS & IT) 85
Even more so, if deploying data-processing applications to the cloud (via IaaS or PaaS),a cloud
provider gains full control on these processes. If an attacker is able to intrude the cloud system,
all of the data and processes of users operating on that cloud system, may become subject to
malicious actions by that attacker. So the methods that cloud providers use to protect their clouds
from threats and also the policy for accessing to the cloud by the users must be declared.
2. SECURITY THREATS FOR CLOUDS
As described security is the most important concern in cloud computing. This issue is organized
into several general categories: trust, architecture, identity management, software isolation, data
protection, and availability. So many threats to cloud computing can exist.
CSA(Cloud Security Alliance) is a research group on cloud security. They released their research
results as “Top Threats to Cloud Computing” in 2010 in which they introduce the 7 top threats to
clouds security challenges. The top threats they released consist of :
• Abuse and Nefarious Use of Cloud Computing
• Insecure Application Programming Interfaces
• Malicious Insiders
• Shared Technology Vulnerabilities
• Data Loss/Leakage
• Account, Service & Traffic Hijacking
• Unknown Risk Profile
The purpose of these are to provide desirable context to assist organizations in making educated
risk management decisions regarding their cloud adoption strategies.
For the common case of a cloud provider hosting and processing all of its user’s data, an
intrusion would immediately affect all security requirements: accessibility, integrity, and
confidentiality of data and processes may become violated,and further malicious actions may be
performed on behalf of the cloud user’s identity.
So providing a strong trusting relationship between the cloud providers and the cloud users is still
indispensable.Providers should make and represent their security solutions for cloud threats to
decrease consumer and organization's concerns.
Security must be provided in each layers of clouds. If we only have a safe physical layer, users
will still have concerns about network layers, application layers and others. Although security
approach should being applied on all cloud services contains infrastructure-as-a-service (IaaS)
security, providers’ platform-as-a-service (PaaS) security and software-as-a-service (SaaS)
security.
So our method should be complete and shouldn’t allow any attackers to access or change our
cloud's content.
Security problems for clouds do not have any real comprehensive solutions and existing cloud
security is in its infancy. There is a need for an approach to cloud security that is holistic,
adaptable, and reflects client requirements.
4. 86 Computer Science & Information Technology (CS & IT)
Cloud providers and researchers all over the world worked on this issue and tried many solutions
to reduce security risks of the cloud and they reached some solutions for each threat such as
authentication, authorization and identification to provide confidentiality, isolation and
encryption of cloud data in other layer. But cloud computing becomes bigger and bigger and its
challenges grow too.
3. SECURE CLOUD BASED ON MULTICLOUDS METHODOLOGY
Cloud costumers and users worry about using this phenomenon today. We decided to suggest a
useful method to decrease cloud's security threats of which we then designed its architecture. And
last,we used a platform to implement our security model . We will now explain these steps.
Our method is based on multiple clouds. In other words we use this model to create a secure
cloud. We think this model increases our cloud's transparency for consumers and decreases some
user's concern about the complexity of clouds and their type of needs of our requests for variety
of access level. We have some clouds in our model's architecture that user's data has been put on
them. Our clouds are nested and each of them have an access level that according to the needs,
this data put on each of them.
For choosing which cloud layer we want to put our data in, first after connecting to the server it
asks us about which cloud we want to save our data. In other word we design a contract that
forces clients to choose their level of storage and give their username and convert it to hash and
save it. The server should sign an international security communication protocol mutuall to
ensure user data security and save or recover their data in any circumstances. As we described
one of the most common compliance issues facing an organization is data location. In our method
we use external audits and security certifications to alleviate this concern. These certifications are
different in various countries and it depends on where our method swere used for example
DSS(Data Security Standards), The EC Data Protection Directive, GLBA (The Gramm-Leach
Bliley Act), CPNI (The FCC Customer Proprietary Network Information rules) and so on.
Availability is one of our main targets for our secure cloud method. Availability means that an
organization has its full set of computing resources accessible and usable at all times. It can be
affected temporarily or permanently, and a loss can bepartial or complete. Denial of service
attacks,equipment outages, and natural disasters are all threatsto availability.The level of
reliability of our cloud service and also its capabilities forbackup and recovery is taken into
account inthe organization’s contingency planning to address the restoration and recovery of
disrupted cloud layers and operations, using alternate services, equipment,and locations.
In our method we describe a cloud that is in the outer surface. We named this cloud "Cloud by
public access" and called it CBPA as abbreviation. This is a public cloud. All of our clouds are in
this. Data and application that put in CBPA don’t have any protection. So in this layer of our
cloud, typically, we have some costumer's data, open source programs and applications and
platforms which they don’t want to do any security method or authentication on it. (So
developers don't put any preventive method from intruders attack on it. Here is a diagram of our
cloud in which CBPA is determined.
Notice that everyone can have access to all things that are put in this layer so all of the data that’s
put in this layer is not secure and costumers shouldn't put their important data on it. This is
5. Computer Science & Information Technology (CS & IT) 87
appropriate for only open source applications or infrastructures or data that they want to show to
all costumers. This access level can increase transparency of our cloud and access to this layer is
faster than other layers but it has less security than other layers of our method.
Besides authentication, the capability to adapt user privileges and maintain control over access to
resources is also required, as part of identity management. Standards like the Extensible Access
Control Markup Language (XACML) can be employed to control access to cloud resources,
instead of using a service provider’s proprietary interface. XACML focuses on the mechanism
for arriving at authorization decisions, which complements SAML’s focus on the means for
transferring authentication and authorization decisions between cooperating entities. Messages
transmitted between XACML entities are susceptible to attack by malicious third parties, making
it important to have safeguards in place to protect decision requests and authorization decisions
from possible attacks, including unauthorized disclosure, replay, deletion and modification.
Figure 2. Secure Cloud Architecture base on Multi Clouds
This cloud type includes two types of private clouds: "cloud by group access (CBGA)" and
"cloud by personal access (CBPeA)"that_are in the CBPA.
Another cloud in our model that we want to define is "cloud by group access (CBGA)" that
located in CBPA. In other wordsthis layer is a branch of our multi cloud model that is in cloud by
public access and provides different access level for data.In this layer we considered some
security solutions for accessing the contents.
Group access means having some users in a group by identical access level. This model is useful
for companies, organizations or any groups that want to have a cloud to put their data in
platforms on it for their clients to read, write and edit their information. In our design for this
cloud we put some security proceeding to have a more secure level. As we explained before for
access to secure clouds we should provide confidentiality. So in this level we
supplyconfidentiality by three security methods: Identification, authentication and authorization
and supply cloud security by isolation of data. As a service provider we have to ensure dynamic
flexible delivery of service and isolation of user resources. For doing this security level we used
OpenStack platform and it used two layers for isolating data.
This method here is performed in two levels: first we do these work to authenticate the user that
was in this CBGA which this level eliminate one of the most important concerns of cloud
consumers but after this security level because we want attackers or Intruders can't access to
group's information or to prevent information access by illegal clients, when one of our privileged
6. 88 Computer Science & Information Technology (CS & IT)
clients loses his/her public keys we introduce a second level for this type of cloud that is used to
authenticate person who is in the group. This authentication method is used for group members to
secure their access on groups and make group safe.
Figure 3. Architecture of CBPeA and ABGA
Another cloud _ we designed is "cloud by personal access (CBPeA)" that is suitable for saving
personal data.
In this cloud we have some solutions to keep data secure too. Usage of this type of cloud is more
than other types because all of the consumers can save their information on this cloud layer
which only they can access and it provides confidentiality and isolation of data like CBPA. But
we have some difference in this cloud designing. CBPeAconsists another cloud in itself named
"cloud by secure personal access (CBSPeA) that is more secure than normal personal access. In
this type we designed encryptionfor data that consumers want to save in addition to the
authentication, authorization, identification and isolation.
So we have a secure cloud in this layer that no one can access _ unless main users whose data it
is. This cloud is appropriate for user information that is personal and they want to be more secure
than other information for example they can put their confidential documents, personal tools or
anything that they don't want anyone to access _. Here is the view of this cloud type in our model.
4. IMPELEMENTATION OF METHOD ON OPENSTACK PLATFORM
So we designed our method and explained our architecture.For implementing our cloud model we
use OpenStack platform. OpenStack offers open source software to build public and private
clouds.This platform has three main components: Compute, Object Storage, and Image Service.
OpenStack Compute is a cloud fabric controller, used to start up virtual instances for either a user
or a group. It's also used to configure networking for each instance or project that contains
multiple instances for a particular project. OpenStack Object Storage is a system to store objects
in a massively scalable large capacity system with built-in redundancy and failover. OpenStack
Image Service is a lookup and retrieval system for virtual machine images. Our public and
private clouds have these components. The OpenStack Compute component of our public cloud
can control & manage the inner private clouds. It connects to the compute component of the
private clouds. The following diagram shows the basic relationships between the projects, how
they relate to each other:
7. Computer Science & Information Technology (CS & IT)
Figure 4. Cloud Secure Architecture with cloud layers names
Figure 5. API Layer on openStack platform
In OpenStack compute component we
controller, and Node Controller.
controlling the current cloud & the other clouds which are connected to main cloud. This
component have a relation to other components. They are Cluster Controller(CLC),Object
Storage, and Image Service. These relat
protocol. Cluster Controller(CLC) is the manager of the clusters. A cluster is a collection of
computers(Nodes) which have been connected to a main server(Frontend). In a cloud we could
have one or some clusters. Object Storage has a server that manage the space of the storage of our
cloud, we name this server Storage Controller(SC). Image Service has a server for managing the
instances of virtual machines and saving of images, we name this server Instance
Controller(IC).Each of these server applications run as a daemon
background process) in a Linux base OS.
graphical user interface web application for accessing to it, we need a web se
running the web application scripts(We use PHP). This web server is usually in CC server, but it
could be in the other assigned server or an external server(Host).This web based interface has a
relation to the CC server and uses the prima
Computer Science & Information Technology (CS & IT)
Figure 4. Cloud Secure Architecture with cloud layers names
Figure 5. API Layer on openStack platform
In OpenStack compute component we have three subcomponents: Cloud controller,
controller, and Node Controller. The main task of Cloud Controller(CC) are management &
controlling the current cloud & the other clouds which are connected to main cloud. This
component have a relation to other components. They are Cluster Controller(CLC),Object
Storage, and Image Service. These relations are done by REST/SOAP messaging over http
protocol. Cluster Controller(CLC) is the manager of the clusters. A cluster is a collection of
computers(Nodes) which have been connected to a main server(Frontend). In a cloud we could
rs. Object Storage has a server that manage the space of the storage of our
cloud, we name this server Storage Controller(SC). Image Service has a server for managing the
instances of virtual machines and saving of images, we name this server Instance
roller(IC).Each of these server applications run as a daemon (A computer program runs as a
d process) in a Linux base OS. Since the each cloud computing service needs a
graphical user interface web application for accessing to it, we need a web server for saving &
running the web application scripts(We use PHP). This web server is usually in CC server, but it
could be in the other assigned server or an external server(Host).This web based interface has a
relation to the CC server and uses the primary authentications for accessing to it. In our model,
89
controller, Cluster
of Cloud Controller(CC) are management &
controlling the current cloud & the other clouds which are connected to main cloud. This
component have a relation to other components. They are Cluster Controller(CLC),Object
ions are done by REST/SOAP messaging over http
protocol. Cluster Controller(CLC) is the manager of the clusters. A cluster is a collection of
computers(Nodes) which have been connected to a main server(Frontend). In a cloud we could
rs. Object Storage has a server that manage the space of the storage of our
cloud, we name this server Storage Controller(SC). Image Service has a server for managing the
instances of virtual machines and saving of images, we name this server Instance
(A computer program runs as a
Since the each cloud computing service needs a
rver for saving &
running the web application scripts(We use PHP). This web server is usually in CC server, but it
could be in the other assigned server or an external server(Host).This web based interface has a
ry authentications for accessing to it. In our model,
8. 90 Computer Science & Information Technology (CS & IT)
the main cloud which is public(CBPA) has a CC server that has a connection to its CLCs,SCs &
ICs. We assigned for each server a static class C IP( eg. 192.168.100.1 for CC,192.168.100.2 for
CLC,192.168.100.3 for SC & 192.168.100.4 for IC). The inner clouds which are
private(CBGA,CBPeA,CBSpeA) have these components too. The CC of the main cloud has
connection to the CCs of these clouds. In fact one of the tasks of our main CC is management of
the inner clouds CC. The procedure is that the user enters his/her username & password in web
application UI and after a authentication He/She can se the cloud. In this mode the user can use
the public services in cloud such as a application programs(SaaS) ,Platforms(Paas) and a
resources(IaaS).If the user(Often a organization) want to has a private cloud, they can use the
inner private clouds. For accessing to these they are authenticated again. Each of the
authentication actions are done via the components of Object Compute(CC). The users of each
group or organization have access to their clouds by group access(CBGA) data jointly. For
accessing to each data we define a policy for each of them. It means that which user or group can
access to that data or instance. This is what we name it Authorization in security. These
authorization are done via the components of Object Storage(SC) and Image Service(IC). The
isolation of the data is done by these components too.
5. CONCLUSION
Cloud computing will soon be a big approach in the entire world that conquers all ancient
technology. But it depends on removing all concern about this challenge. The migration to a
cloud computing environment isin many ways an exercise in risk management. Bothqualitative
and quantitative factors apply in ananalysis. An appropriate balancebetween the strength of
controls and the relative riskassociated with particular programs and operationsmust be ensured.
Nowadays Many companies, researchers and cloud developers are working on clouds and most
of them work spatially on cloud security as the biggest challenge of like Amazon, Google, IBM
and so on.They design their methods and publish them. Also they alwaystest their new method on
cloud systems or even big social networks but still they don't find a complete way to create a
secure cloud. Some organizations like ENISA, CSA and ISAKA survey the future of cloud
security.
We think our designed model has more secure levels than other models that can make clouds
more secure. But we don't claim our model is complete because several critical pieces of
technology, such as a solutionfor federated trust, are not yet fully realized, impingingon
successful deployments. In security issues completeness is an ultimate goal but no one can access
it.
REFERENCES
[1] Wayne A. Jansen, ―Cloud Hooks: Security and Privacy Issues in Cloud Computingǁ, 44th Hawaii
International Conference on System Sciesnces 2013.
[2] D. Hubbard and M. Sutton, “Top Threats to Cloud Computing V1.0,” Cloud Security Alliance, 2013.
Available:http://www.cloudsecurityalliance.org/topthreats
[3] P. Mell, T. Grance, The NIST Definition of Cloud Computing, Version 15, National Institute of
Standards and Technology, October 7, 2011,http://csrc.nist.gov/groups/SNS/cloud-computing
9. Computer Science & Information Technology (CS & IT) 91
[4] http://www.openstack.org/projects/openstack-security/
[5] L. Youseff, M. Butrico, D. D. Silva, Toward a Unified Ontology of Cloud Computing, Grid
Computing Environments Workshop, held with SC08, November 2014
http://www.cs.ucsb.edu/~lyouseff/CCOntology/CloudOntolo gy.pdf
[6] M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, “On technical security issues in cloud
compxuting,” in Proceedings of the IEEE International Conference on Cloud Computing (CLOUD-
II), 2012.
[7] D. Cappelli, A. Moore, R. Trzeciak, T. J. Shimeall, Common Sense Guide to Prevention and
Detection of Insider Threats, 3rd Edition, Version 3.1, CERT, January 2015,
http://www.cert.org/archive/pdf/CSG-V3.pdf
[8] M. Burkhart, M. Strasser, D. Many, and X. Dimitropoulos,“SEPIA: Privacy-Preserving Aggregation
of Multi-Domain Network Events and Statistics,” in USENIX Security Symposium, 2013.
[9] Y. Keleta, J. H. P. Eloff, H. S. Venter, Proposing a Secure XACML Architecture Ensuring Privacy
and Trust, Research in Progress Paper, University of Pretoria, 2005,
http://icsa.cs.up.ac.za/issa/2005/Proceedings/Research/093_A rticle.pdf
[10] http://docs.openstack.org/trunk/openstack/compute/admin/content/components-of-openstack.html
[11] S. Ramgovind, M.M. Eloff, and E. Smith, “The Management of Security in Cloud Computing,”
IEEE, 2010,
[12] X. Jing, and Z. Jian-jun, “A brief Survey on the Security model of Cloud Computing,” IEEE, 2013
[13] M. P. Eisenhauer, Privacy and Security Law Issues in Off-shore Outsourcing Transactions, Hunton&
Williams LLP, The Outsourcing Institute, February 15, 2012,
http://www.outsourcing.com/legal_corner/pdf/Outsourcing_Privacy.pdf
[14] B. R. Kandukuri, R. Paturi V, A. Rakshit, Cloud Security Issues, IEEE International Conference on
Services Computing, Bangalore, India, September 21-25, 2015
[15] S. Overby, How to Negotiate a Better Cloud Computing Contract, CIO, April 21, 2010,
http://www.cio.com/article/591629/How_to_Negotiate_aBetter_Cloud_Computing_Contract
[16] T. Ristenpart, E. Tromer, H. Shacham, S. Savage, Hey, You, Get Off of My Cloud: Exploring
Information Leakage in Third-Party Compute Clouds, ACM Conference on Computer and
Communications Security, November 2014
[17] C. Wang, “Forrester: A Close Look At Cloud Computing Security Issues,” CSO. 2009
[18] J. Somorovsky, M. Heiderich, M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, “Breaking the
clouds – security analysis of cloud management interfaces,” (in submission),2014.
[19] S. Pearson, Taking Account of Privacy when Designing Cloud Computing Services, ICSE Workshop
on Software Engineering Challenges of Cloud Computing, May 23, 2013, Vancouver, Canada
[20] A. Greenberg, IBM's Blindfolded Calculator, Forbes Magazine, July 13, 2014