This document discusses end-to-end security in mobile cloud computing. It defines mobile cloud computing and explains its advantages over mobile devices alone. The document outlines challenges to end-to-end security in service-oriented architectures and mobile cloud computing. It proposes a security framework that uses taint analysis and aspect-oriented programming to monitor service executions and detect unauthorized external service invocations. A trust broker would maintain trust sessions and evaluate the trustworthiness of services to ensure end-to-end security.
Mobile Cloud: Security Issues and Challenges discusses security concerns with mobile cloud computing. It outlines the evolution of cloud computing and features of mobile cloud computing. The document then discusses challenges such as bandwidth limitations and security issues including data ownership, privacy, and data security. Existing solutions and possible solutions to security issues are presented, along with a conclusion emphasizing the need for data security plans and addressing threats to attain more reliable and cost-effective mobile cloud computing.
Mobile cloud computing aims to augment the capabilities of mobile devices by moving data processing and storage to powerful centralized cloud platforms. This conserves local resources on mobile devices while extending storage capacity and enhancing data security. Key challenges include the limited capabilities of mobile devices, quality of communication given changing network conditions and disconnections, and how to effectively divide applications between mobile and cloud resources. Research is still needed to address task division, data delivery, quality of service standards, and providing suitable interactive services for mobile devices within this environment.
Starts with an introduction to mobile cloud computing with a definition, architecture, and advantages/disadvantages. The next sections continue with the applications of MCC, detailed challenges in the mobile environment, and solutions. Lastly, the document concludes with the main issues of mobile cloud computing.
This is a small and simple presentation on the topic of Mobile Cloud Computing, made for a symposium. The content inside the slides is taken from Google and various research papers; this slide deck is purely for educational purposes and is not meant for commercial publication.
This document discusses mobile cloud computing (MCC). It defines MCC as infrastructure where data storage and processing occur outside the mobile device. MCC provides advantages to mobile devices with limited resources by offering cloud services elastically. The document outlines the MCC architecture and describes how mobile requests are processed in the cloud. It lists applications of MCC like mobile commerce, healthcare and gaming. Issues with MCC like bandwidth, availability and security are also covered. In conclusion, MCC combines advantages of mobile and cloud computing to provide opportunities for mobile business.
Security and privacy issues with mobile cloud computing applications June 2016 - Merlec Mpyana
This document discusses security and privacy issues with mobile cloud computing applications. It outlines potential security threats facing mobile devices, networks, and cloud platforms in mobile cloud computing models. These include malware, software vulnerabilities, privacy violations, and data breaches. The document also summarizes several proposed approaches to address these issues, such as malware detection techniques, access control methods, and encryption. Finally, it reviews some existing solutions and open challenges in securing mobile cloud computing.
Security and Privacy in Mobile Cloud Computing - Ram Kumar K R
This document discusses security and privacy issues in mobile cloud computing. It identifies several factors that affect the growth of mobile cloud computing, including battery life, limited device resources, bandwidth, and security. It also outlines some common security issues like vulnerabilities in open source mobile operating systems, malware, and data transfer methods. Additionally, it discusses security challenges at the mobile terminal level, in mobile networks, and within mobile clouds. Finally, it provides an overview of current security and privacy approaches that aim to address these issues at each level through methods such as anti-malware software, encryption, access control, and data privacy protection.
Mobile cloud computing (MCC), at its simplest, refers to an infrastructure where both the data storage and data processing happen outside of the mobile device.
This presentation will give you some insight about Mobile Cloud Computing. This is an emerging technology and I provided basic details to explore this specific technology aligned with market leading products and their comparisons.
Mobile cloud computing combines cloud computing and mobile networks to provide benefits to mobile users, network providers, and cloud providers. It allows resource-intensive tasks to be processed in the cloud rather than on mobile devices, extending battery life and improving storage and processing capabilities. Key advantages include improving reliability and availability of data and services, enabling dynamic provisioning and scalability, and ease of integration. Several techniques for offloading computation and data to the cloud have been developed. Open issues include determining what tasks to offload, addressing low bandwidth constraints, and ensuring security and privacy when data and processing occur externally.
QoS-Aware Middleware for Optimal Service Allocation in Mobile Cloud Computing - Reza Rahimi
- The document discusses QoS-aware middleware for optimal service allocation in mobile cloud computing.
- It proposes a 2-tier cloud architecture consisting of local clouds and public clouds and develops algorithms to optimally allocate services for mobile users across these tiers.
- A location-time workflow model is used to represent mobile applications and QoS metrics like delay, power consumption and price are considered for optimal service allocation.
The document discusses the architecture of mobile cloud computing (MCC). MCC combines mobile computing, mobile internet, and cloud computing. The MCC architecture involves mobile devices connecting to mobile networks through base stations. User requests are transmitted to central processors and then to a cloud where controllers process the requests to provide cloud services. The system architecture of MCC contains four layers - access, basic management, virtual, and physical. Middleware acts as a proxy between mobile clients and cloud services, improving interaction and handling issues like limited resources.
The document discusses mobile cloud computing (MCC), including its architecture, applications, services, motivations and expected outcomes. MCC involves offloading data storage and processing from mobile devices to cloud infrastructure. Key applications are mobile commerce, gaming and healthcare. Services include storage, software apps and business tools provided through cloud platforms. MCC is seen as a potential technology and future research area to address limitations of mobile devices.
The document discusses mobile cloud computing trends and applications. It notes that mobile cloud computing involves storing data and processing outside mobile devices. This allows mobile devices to have richer capabilities. The document outlines several applications of mobile cloud computing including for enterprises, developers, healthcare, automotive, education, and consumer electronics. It also discusses challenges of mobile cloud computing like mobility constraints, bandwidth limitations, and security risks.
Mobile cloud computing (MCC) refers to an infrastructure where data storage and processing occur remotely on powerful centralized cloud servers, rather than locally on mobile devices. This alleviates issues like limited battery, storage, and bandwidth on mobile devices. MCC provides advantages like lower costs, greater scalability, reliability, and availability of data and applications stored in the cloud. Popular MCC applications include mobile commerce, healthcare, gaming and more. Key challenges include low bandwidth, service availability, and computation offloading in dynamic environments. Security issues involve protecting user privacy and securing data in the cloud.
Research Seminar Presentation - A framework for partitioning and execution of... - malinga2009
This is a presentation slide-set which was presented at the Research Seminar Series in UCSC on 12th of August 2013. Two new research papers will be presented and discussed each week, and the audience will be motivated to ask questions regarding those two papers. Altogether 40 papers will be presented within an academic year.
Abstract : This paper addresses the problem of automatic temporal annotation of realistic human actions in video using minimal manual supervision. To this end we consider two associated problems: (a) weakly-supervised learning of action models from readily available annotations, and (b) temporal localization of human actions in test videos. To avoid the prohibitive cost of manual annotation for training, we use movie scripts as a means of weak supervision. Scripts, however, provide only implicit, noisy, and imprecise information about the type and location of actions in video. We address this problem with a kernel-based discriminative clustering algorithm that locates actions in the weakly-labeled training data. Using the obtained action samples, we train temporal action detectors and apply them to locate actions in the raw video data. Our experiments demonstrate that the proposed method for weakly-supervised learning of action models leads to significant improvement in action detection. We present detection results for three action classes in four feature length movies with challenging and realistic video data.
Link to paper :
http://dl.acm.org/citation.cfm?id=2479946
This document summarizes mobile cloud computing. It defines mobile cloud computing as combining cloud computing, mobile computing, and wireless networks to provide rich computational resources to mobile users. It describes the advantages of mobile cloud computing in providing data storage, processing, and access from anywhere. It outlines the basic architecture and discusses hierarchical architectures using "cloudlets" to improve performance. It also discusses issues like limited mobile devices and connection quality, and proposes solutions like optimizing application distribution and developing network infrastructure around cloudlets.
Energy Efficient Mobile Applications with Mobile Cloud Computing (MCC) - Anand Bhojan
This document summarizes a talk on using mobile cloud computing (MCC) to develop energy efficient mobile applications. It discusses how offloading computation and storage to cloud infrastructure can enhance capabilities and improve energy efficiency for mobile devices. The talk introduces Gamelets, a distributed cloud architecture that uses localized micro-clouds to enable real-time mobile multiplayer games. Gamelets addresses latency and bandwidth issues through techniques like zone-based content distribution, distributed rendering across nearby devices, and adaptive streaming to clients. An evaluation of a prototype survival game demonstrated the feasibility of the Gamelets approach.
Mobile Cloud Computing (MCC) is the combination of cloud computing, mobile computing and wireless networks to bring rich computational resources to mobile users, network operators, as well as cloud computing providers.
M2C2: A Mobility Management System For Mobile Cloud Computing - Karan Mitra
Mobile devices have become an integral part of our daily lives. Applications
running on these devices may avail storage and compute resources from
the cloud(s). Further, a mobile device may also connect to heterogeneous
access networks (HANs) such as WiFi and LTE to provide ubiquitous
network connectivity to mobile applications. These devices have limited
resources (compute, storage and battery) that may lead to service
disruptions. In this context, mobile cloud computing enables offloading
of computing and storage to the cloud. However, applications running
on mobile devices using clouds and HANs are prone to unpredictable
cloud workloads, network congestion and handoffs. To run these applications
efficiently the mobile device requires the best possible cloud and
network resources while roaming in HANs. This paper proposes, develops
and validates a novel system called M2C2 which supports mechanisms
for: i.) multihoming, ii.) cloud and network probing, and iii.) cloud
and network selection. We built a prototype system and performed extensive
experimentation to validate our proposed M2C2. Our results
analysis shows that the proposed system supports mobility efficiently
in mobile cloud computing.
Paper can be downloaded from: http://karanmitra.me/wp-content/uploads/2015/02/MitraetalLTUWCNC_Preprint2015.pdf
Mobile Cloud Computing: The Upcoming Trend! - Sai Natkar
Cloud computing and mobile technologies are the two most talked about trends in this century. Mobile Cloud Computing is an infrastructure where both the data storage and processing happen outside the mobile device. With the help of mobile cloud applications, computing power and data storage are moved away from the mobile devices into centralized computing platforms located in clouds. It is like two or more innovations blending together to produce something more amazing.
Market oriented mobile cloud computing architecture - Saeid Abolfazli
The document proposes MOMCC, a Market-Oriented Architecture for Mobile Cloud Computing based on Service Oriented Architecture. MOMCC establishes a proximate mobile cloud to alleviate latency and heterogeneity issues. It introduces financial incentives for mobile device owners to host services, encouraging collaboration. MOMCC extends the separation of roles from SOA to include service developers, consumers, governors, and hosts. The architecture allows unskilled users to host services and increases resource availability at low cost while enhancing security, reliability, and reducing long-distance network latency issues.
Mobile cloud computing combines mobile web and cloud computing to address limitations of the mobile web like limited storage, small screens, and unreliable browsers/connections. It takes data processing off mobile devices and into the cloud, creating a common platform across devices. While mobile cloud computing currently has under 1 billion subscribers, its potential is high given over 5 billion mobile subscribers globally, especially in Africa where it could provide widespread access to information and resources.
The document discusses mobile cloud computing, including its concepts, architecture, challenges, and applications. Mobile cloud computing extends cloud computing by storing and processing data and applications on remote servers accessible via mobile devices. It allows mobile devices to have their requirements reduced by offloading tasks to the cloud. Key challenges include limitations of mobile devices, communication quality, and dividing application services between mobile and cloud. Solutions involve virtualization, improving bandwidth and delivery times, and elastic application divisions. The document provides examples of mobile commerce, learning, healthcare and gaming applications of mobile cloud computing.
This document provides an overview of mobile cloud computing. It begins with introductions to mobile computing and cloud computing individually, defining them and their key features and challenges. It then defines mobile cloud computing as the combination of these two, where data storage and processing occur remotely rather than on the mobile device itself. The architecture of mobile cloud computing connects mobile devices to remote cloud servers. Applications include offloading computation and storage to the cloud to improve battery life and processing speed on mobile devices. Challenges include costs of mobile networks and cloud services as well as issues with availability, heterogeneity, and security.
This document describes a remote desktop management system that allows an administrator to monitor and control client computers from a server. Key features of the system include asset management, software deployment, patch management, remote desktop sharing, and generating reports. The system uses Remote Method Invocation (RMI) for remote communication between the server and clients. The server can send messages to clients, log clients off remotely, and restart clients. Clients send live screen captures to the server at set intervals. The system is intended for use in corporate networks to remotely monitor employee computers.
This document summarizes a research paper on designing a secure cloud-assisted mobile health monitoring system. The system aims to address privacy and security issues while lowering healthcare costs. It incorporates techniques like multi-dimensional range queries, outsourcing decryption to the cloud, and proxy re-encryption to shift computational tasks to the cloud without compromising privacy. The system architecture allows a mobile health service provider to store encrypted data and programs in the cloud and deliver them securely. It enables clients to query the cloud for monitoring programs using privacy-preserving tokens. The cloud assists with computationally intensive tasks without learning private query inputs or outputs, to protect all parties' privacy and data.
This document summarizes a research paper on designing a secure cloud-assisted mobile health monitoring system. The system aims to address privacy and security issues while lowering healthcare costs. It incorporates techniques like multi-dimensional range queries, outsourcing decryption to the cloud, and proxy re-encryption to shift computational tasks to the cloud without compromising privacy. The system architecture allows a mobile health service provider to store encrypted data and programs in the cloud and deliver them securely. It enables clients to query the cloud for monitoring programs using privacy-preserving tokens. The cloud assists with computationally intensive tasks without learning private query inputs or outputs, to protect all parties' privacy and data.
This document summarizes a research paper that proposes a secure cloud-based mobile health monitoring system called CAM. The system aims to protect patient privacy and the intellectual property of healthcare service providers. It incorporates techniques like anonymous identity-based encryption and outsourced decryption to encrypt health data and shift decryption tasks to the cloud. The system also randomizes diagnostic programs and decision thresholds stored in the cloud to protect provider content. The goal is to allow resource-constrained providers to participate in mobile healthcare via cloud support while preserving security and privacy.
This document summarizes a research paper on designing a secure cloud-assisted mobile health monitoring system. The system aims to address privacy and security issues while lowering healthcare costs. It incorporates techniques like multi-dimensional range queries, outsourcing decryption to the cloud, and proxy re-encryption to shift computational tasks to the cloud without compromising privacy. The system architecture allows a mobile health service provider to store encrypted data and programs in the cloud and deliver them securely. It enables clients to query the cloud for monitoring programs using privacy-preserving tokens. The cloud assists with computationally intensive tasks without learning private query inputs or outputs. The system aims to achieve effective privacy preservation while reducing the workload on clients and the service provider.
Secure Multi-Owner Group Signature Based Secure M-Health Records in Cloud IJMER
This document summarizes a research paper that proposes a secure cloud-based mobile health monitoring system called CAM. The system aims to protect patient privacy and the intellectual property of healthcare service providers. It incorporates techniques like anonymous identity-based encryption and outsourced decryption to encrypt health data and shift decryption tasks to the cloud. The system also randomizes diagnostic programs and decision thresholds stored in the cloud to protect provider content. The final scheme enables resource-constrained providers to participate by reducing their computational burden through techniques like key-private proxy re-encryption.
This document discusses enterprise application integration (EAI) and the role of message brokers. It notes that EAI is needed to integrate coarse-grained, heterogeneous applications and platforms. Message brokers provide adapters to access different systems and filter/route messages between applications. They allow for loose coupling and flexibility when new systems need to be integrated. While EAI platforms can be expensive to implement, message brokers play an important role in enabling integration between disparate enterprise applications and systems.
The document discusses prospects and risks of cloud-based modeling and simulation services. It explores how cloud computing can be used in the area of computer-aided engineering (CAE) through two research projects funded by the German government and European Union. The projects examine technical foundations, security aspects, potential applications, and viable business models for offering CAE modeling and simulation services in the cloud. While the cloud provides benefits like flexibility, accessibility, and reduced costs, security, reliability, and usability must be ensured for long-term success of cloud-based engineering applications.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Microservices architecture is an evolution of service-oriented architecture (SOA) principles applied to application design and development. Some key differences include:
- SOA focuses on exposing application functionality as services at the enterprise level, while microservices focus on developing individual applications as a suite of independently deployable services.
- Microservices are typically smaller, lighter weight services focused on a single task, as opposed to monolithic applications. They communicate with lightweight protocols like HTTP.
- Microservices aim to support continuous delivery and deployment, with goals of automation, resilience, and loose coupling between services.
- Individual microservices can be developed and scaled independently. This provides benefits like enabling continuous delivery and deployment.
So in summary,
Blockchain solution architecture deliverableSarmad Ibrahim
This document discusses key architectural decisions for designing blockchain solution networks using Hyperledger Fabric. It outlines considerations for direct vs indirect network participation, secure key management, certificate authority design, data storage choices regarding on-chain and off-chain data, endorsement policy design, integration with enterprise systems, and deployment models. The document provides guidance for solution architects in assessing these decisions and designing blockchain business networks.
Managing microservices with Istio Service MeshRafik HARABI
Developing and managing hundreds (or maybe thousands) of microservices at scale is a challenge for both development and operations teams.
We have seen over the last years the appearance of new frameworks dedicated to deliver ‘Cloud Native’ applications by providing a set of (out of box) building blocks. Most of these frameworks integrate microservices concerns at the code level.
Recently, we have seen the emerging of a new pattern known as sidecar or proxy promoting to push all these common concerns outside of the business code and provides them on the edge by integrate a new layer to the underlying platform called Service Mesh.
Istio is one of the leading Service Mesh implementing sidecar pattern.
We will go during the presentation throw the core concepts behind Istio, the capabilities that provides to manage, secure and observe microservices and how it gives a new breath for both developers and operations.
The presentation will be guided by a sequence of demo exposing Istio capabilities.
Applications Drive Secure Lightpath Creation Across Heterogeneous DomainsTal Lavian Ph.D.
We realize an open, programmable paradigm for application-driven network control by way of a novel network plane — the “service plane” — layered above legacy networks. The service plane bridges domains, establishes trust, and exposes control to credited users/applications while preventing unauthorized access and resource theft. The Authentication, Authorization, Accounting subsystem and the Dynamic Resource Allocation Controller are the two defining building blocks of our service plane. In concert, they act upon an interconnection request or a restoration request according to application requirements, security credentials, and domain-resident policy. We have experimented with such service
plane in an optical, large-scale testbed featuring two hubs (NetherLight in Amsterdam, StarLight in Chicago) and attached network clouds, each representing an independent domain. The dynamic interconnection of the heterogeneous domains occurred at Layer 1. The interconnections ultimately resulted in an optical end-to-end path (lightpath) for use by the
requesting Grid application.
Algorithm for Securing SOAP Based Web Services from WSDL Scanning Attacksiosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
The document proposes an algorithm to secure SOAP-based web services from WSDL scanning attacks. The algorithm uses existing security standards like PKI, digital signatures, and XML encryption/decryption. It encrypts critical portions of the WSDL using symmetric encryption before publishing it to the UDDI registry. The encrypted WSDL contains a digital signature and hash to validate integrity. Clients must decrypt the WSDL using the service provider's public key before binding to prevent attacks from interpreting the WSDL contents. The algorithm was implemented and tested using Java with real banking data, with minimal performance overhead.
Middleware is software that connects applications running on different operating systems and networks. It provides services that allow applications to communicate with each other by hiding the complexity of the operating systems and networks. Common types of middleware include remote procedure calls, message-oriented middleware, object request brokers, and transaction processing monitors. Middleware is used by many large companies like IBM and Oracle and provides benefits such as increased flexibility, reduced costs, and improved management of IT services.
Middleware is software that connects applications running on different operating systems and networks. It provides services that allow applications to communicate with each other by hiding the complexity of the operating systems and networks. Common types of middleware include remote procedure calls, message-oriented middleware, object request brokers, and transaction processing monitors. Middleware is used by many large companies like IBM and Oracle and provides benefits such as increased flexibility, reduced costs, and improved management of IT services.
Trust Assessment Policy Manager in Cloud Computing – Cloud Service Provider’s...idescitation
Cloud computing is a model for enabling convenient, on-demand network access
to a shared pool of configurable computing resources. Reliability in compute cloud is an
important aspect in Quality of Service which needs to be addressed in order to foster the
adoption of compute cloud. In today’s integrated environment the distributed systems is
employed to carry out computational intensive task at a faster rate without much
investment. The Cloud is a multitenant architecture which allows faster computation with
high scalability at a lower cost thereby the users can share the same physical infrastructure.
Individual customers deploy their applications in such environment will occupy the virtual
partitions on the platform. This paper describes a straightforward procedure to analyze the
reliability of the application from the view point of the resource provider. A trust
component is implemented to provide preventive control and to mitigate the occurrence of
any non-permissible action by using the detective mechanism. Such mechanisms are used to
identify the privacy risk and it further prevents from utilization. Hence, in this paper trust
assessment is performed before the user is allowed to share the multitenant infrastructure.
The cloud can provide scalable and reliable service for the legitimate users. The proposed
work is tested using tools Aneka and Globus Toolkit.
Istio Triangle Kubernetes Meetup Aug 2019Ram Vennam
It's been two years since we introduced the Istio project to the Triangle Kubernetes Meetup group. This presentation will be a brief re-introduction of the Istio project, and a summary of the updates to the Istio project since its 1.0 release.
This document proposes an architectural framework for software defined networking federation and orchestration. It describes a layered model with an application layer, control layer, and infrastructure layer. The control layer includes orchestrators and controllers that provision services across the infrastructure layer. Five use cases are identified that involve orchestrating applications across data centers and WANs, failover of applications, provisioning of application upgrades, distributing applications across data centers, and migrating application dependency maps. Requirements for the framework are also outlined. Finally, more detailed views of the control and infrastructure layers are presented, including the interfaces between orchestrators, controllers, and physical/virtual resources.
Similar to End-to-End Security in Mobile-Cloud Computing (20)
2. Outline
Definition, big picture, and challenges
End to end security challenges
System architecture
Taint analysis and AOP
Prototype evaluation
Performance and security evaluation
Cloud computing evaluation
Security in Mobile Cloud Computing (current efforts)
MCC architecture
Mobile agent for computation offloading
Proposed MCC security framework
Tamper resistant approach
Active Bundle
Summary
3. Mobile-Cloud Computing Definition
Mobile cloud computing (MCC), at its simplest, refers to an infrastructure where both the data storage and data processing happen outside of the mobile device. [1,2]
Mobile cloud applications move the computing power and data storage away from the mobile devices and into powerful and centralized computing platforms located in clouds, which are then accessed over the wireless connection based on a thin native client.
4. Why Mobile-Cloud Computing?
Mobile devices face many resource challenges (battery life, storage, bandwidth etc.)
Cloud computing offers advantages to users by allowing them to use infrastructure, platforms and software by cloud providers at low cost and elastically in an on-demand fashion.
Mobile cloud computing provides mobile users with data storage and processing services in clouds, obviating the need to have a powerful device configuration (e.g. CPU speed, memory capacity etc.), as all resource-intensive computing can be performed in the cloud.
5. The Big Picture: End-to-End Security for MCC
Application code to be offloaded to the cloud for execution is bundled in a mobile agent
Upon arrival at the destination (cloud host) platform, the bundle enables itself and starts executing its code
Guards integrated into the agent code using AOP pointcuts check for tampering during execution (with code checksumming)
Upon tamper detection, the bundle moves to a different platform, reloads its data (code) and continues/restarts execution, using the associated AOP advice
Results to be sent to the request originator (mobile platform) are encrypted with a well-known authenticated encryption algorithm to ensure end-to-end authentication and integrity.
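The guard-and-migrate steps on this slide, as an added Python sketch that is not code from the presentation: a wrapper function stands in for the AOP pointcut and advice, and the host names, the workload and the `zero_out` tamper hook are constructed for illustration. It assumes the bundle carries a pristine copy of its code as source text and that the expected checksum is computed on the trusted mobile platform before offloading.

```python
import hashlib

# Constructed workload carried in the bundle as source text (the pristine copy).
TASK_SOURCE = """
def risk_score(readings):
    high = [r for r in readings if r > 10]
    return sum(high) / len(readings)
"""


class TamperDetected(Exception):
    """Raised by a guard when the running code no longer matches its checksum."""


def code_digest(code):
    """SHA-256 over bytecode, names and constants, recursing into nested code."""
    h = hashlib.sha256()
    h.update(code.co_code)
    h.update(repr((code.co_names, code.co_varnames)).encode())
    for const in code.co_consts:
        if hasattr(const, "co_code"):      # nested code object (e.g. comprehension)
            h.update(code_digest(const).encode())
        else:
            h.update(repr(const).encode())
    return h.hexdigest()


class Bundle:
    """Mobile agent: code to offload plus the checksum taken at the origin."""

    def __init__(self, source, entry):
        self.source, self.entry = source, entry
        self.expected = code_digest(self.load().__code__)

    def load(self):
        # "Enable" the bundle on a platform: rebuild the task from the pristine copy.
        namespace = {}
        exec(compile(self.source, "<bundle>", "exec"), namespace)
        return namespace[self.entry]

    def verify(self, fn):
        if code_digest(fn.__code__) != self.expected:
            raise TamperDetected(self.entry)

    def guard(self, fn):
        # Around-advice: checksum the code before and after the join point.
        def around(*args):
            self.verify(fn)
            result = fn(*args)
            self.verify(fn)
            return result
        return around


class Host:
    """Simulated cloud platform; `tamper` models a hostile host (hypothetical)."""

    def __init__(self, name, tamper=None):
        self.name, self.tamper = name, tamper

    def execute(self, bundle, *args):
        fn = bundle.load()
        if self.tamper:
            self.tamper(fn)
        return bundle.guard(fn)(*args)


def zero_out(fn):
    """Constructed tamper: replace the task body so it always returns 0.0."""
    fn.__code__ = (lambda readings: 0.0).__code__


def run_with_migration(bundle, hosts, *args):
    """On tamper detection move to the next platform, reload and restart."""
    trace = []
    for host in hosts:
        try:
            result = host.execute(bundle, *args)
        except TamperDetected:
            trace.append((host.name, "tamper detected, migrating"))
            continue
        trace.append((host.name, "completed"))
        return result, trace
    raise RuntimeError("no untampered platform available")


def demo():
    bundle = Bundle(TASK_SOURCE, "risk_score")
    hosts = [Host("cloud-a", tamper=zero_out), Host("cloud-b")]
    return run_with_migration(bundle, hosts, [4, 12, 20, 4])
```

The sketch stops at the computed result; sealing that result with authenticated encryption, as the last bullet describes, needs an AEAD implementation from a cryptographic library and is not shown.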
6. Security Challenges in SOA and MCC
Authentication and authorization may not take place across intended end points
Intermediate steps of service execution might expose messages to hostile threats
External services are not verified or validated dynamically (uninformed selection of services by user)
User has no control over external service invocation within an orchestration or through a service in another service domain
Violations and malicious activities in a trusted service domain remain undetected
8. End to End Security Architecture-Description
The figure shows problems in end-to-end SOA security as follows:
In this figure the current Air Force infrastructure is shown above the red dashed line. In this architecture, all services are available in the local trusted service domain and everything is under the control of domain A.
A client at the edge platform decides to use a service from domain A. The client uses a CAC (common access card) to authenticate into the system.
The security token is sent to the IDM (identity management system) for validation.
If the user is authorized, the IDM gives permission to the requested service (e.g. MX or mail service) to communicate with the user.
A new security token (which is created temporarily for the current service session) is sent back to the user, and the user can use the service.
In a class of extended scenarios (use cases) the services in service domain A may want to use external services which are not in the same local trust boundary. In this case, other components come into the picture (below the dashed red line). The figure shows that when service domain A (e.g. Air Force service portal) tries to access other governmental or public services (from external domains), it will lose track of end-to-end security. The figure also shows that end points can be accessible to the client directly. We have addressed these issues by adding a trust broker server and taint analysis modules (in external trusted service domains).
9. System Architecture and SOA Baseline Scenario
1. UDDI Registry request
2. Forwarding the service list to Trust Broker and receiving a categorized list
3. Invoking a selected service
4. Second invocation by service in domain A
5. Invoking a service in public service domain
6. End points (Reply to user)
10. Baseline Scenario Details
Steps:
1. Global UDDI Registry request
User receives a list of services related to the requested
category
2. User sends a refined list of services to Trust Broker
module
Trust Broker categorizes the list of services and returns a
classified list
Trust categories: Certified, Trusted, Untrusted services
3. Service Request
User selects a service based on its criteria (QoS, Trust category
of service, Security preference, etc.) and invokes that service.
User creates a session with Trust Broker and selected service in
Trusted Domain A. (Trust sessions are shown with dashed lines)
11. Baseline Scenario Details (Cont.)
4. Trusted domain A will invoke another service in Trusted
domain B.
Taint Analysis module will intercept the communications and report any
illegal external invocation
Trust session will be extended to this domain (a new trust link between
domain A and trust broker)
5. Step four is repeated.
At this moment, an external service invocation to a public service is
detected by Taint Analysis module
This will be reported to Trust Broker. Trust Broker will maintain the
trustworthiness of this SOA service orchestration and if needed can stop
it.
Service in service domain B invokes a service in a public (maybe
untrusted) domain C (possibility of deploying Taint Analysis in this
domain)
6. Service end points to user
The response of SOA invocation can be sent directly to the user
12. Taint Analysis
What is Taint Analysis?
Related to IFC (Information Flow Control)
How does it fit into the solution for AFRL?
Independent of services (We do not need to change
the services or access the source code of services)
Interception of Service execution (Service will remain
transparent)
13. Taint Analysis
Using AOP (Aspect Oriented Programming)
Instrumenting classes based on predefined pointcuts
Low performance overhead (ideal solution)
How does it work?
Load-time instrumentation
The whole Application server is under control
Granularity
Package/Class level
Method level
Field level
Instrumenting classes in action pipeline
14. What is AOP?
Some programming tasks cannot be neatly encapsulated in
objects, but must be scattered throughout the program
AOP is a programming methodology to help with
crosscutting concerns
Crosscutting concerns:
Functionality whose implementation spans multiple
modules
AOP helps to implement them without modifying the
original code
Many examples: Logging and tracing, Transaction
management, security, caching, error handling, business
rules, performance monitoring…
15. AOP Concepts
Join point
An identifiable point in the execution of a program.
A specific pattern of execution
Example patterns: execution of a method, access to a class field,
loading of a class, …
Pointcut
A set of join points as a program construct.
Advice
During the service execution, when a join point of a pointcut is
matched then a piece of code called advice is executed.
An advice may log the event or report the event back to a server
(trust broker in the proposed project)
Each advice is associated with one or more pointcuts.
16. Experience with AOP for End-to-End Cloud
Service Security
Need to ensure trustworthiness of results from external
services (which could outsource functionality to other
services). This is a general service-oriented architecture
(SOA) problem
We proposed an information flow tracking approach [5]:
Based on taint analysis (tracking external service calls)
and trust broker (a trusted third party evaluating
trustworthiness of services, keeping track of service
invocation chains, reporting invocation history to clients)
All interactions secured with WS-Security
17. AOP for Taint Analysis
Load-time instrumentation of classes as they are
loaded into the JVM at runtime
Access to source code is not required
Instrumenting classes based on predefined pointcuts
Pointcuts are specified based on security policies and
requirements
Low performance overhead
Independent of services (We do not need to change the
services or access the source code of services)
Interception of Service execution (Service will remain
transparent)
19. AOP for Taint Analysis
The previous diagram shows the internals of a service in an
application server.
A service is composed of a series of actions called action
pipeline which are invoked when a message is received.
Every class is associated with a business class (Java class)
Taint analysis monitors the execution of classes to find
certain pointcuts (illegal service invocation in this scenario)
When an illegal service invocation is detected, taint analysis
module reports the incident back to trust broker
21. Interaction of Taint Analysis and Trust Broker
The diagram illustrates how taint analysis (T.A) and trust
broker modules work together.
It shows a SOA service which is composed of three services
S1-S3 (S1 and S2 are trusted; S3 is untrusted/public)
T.A modules monitor the service invocations and then report
the events back to trust broker through sessionFeedback.
Trust broker maintains the sessions of end to end service
invocations and reports to the clients
In policy enforcement scenarios, trust broker can decide to
send a termination command to T.A modules (based on user
policies)
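The interaction described on this slide, as an added example that is not part of the original slides or the authors' prototype: a taint analysis advice intercepts each outbound service call, reports the hop to the trust broker, and raises when the broker answers with a termination command. It models AOP advice with a Python wrapper instead of JVM load-time weaving, and every name except S1-S3 and the idea of session feedback is an assumption.

```python
# Added example: AOP advice is modelled with a plain Python wrapper, not JVM weaving.
# All names (TrustBroker, taint_advice, TRUST, ...) are hypothetical.
from dataclasses import dataclass, field

TRUST = {"S1": "trusted", "S2": "trusted", "S3": "untrusted"}  # constructed categories

class OrchestrationTerminated(Exception):
    """Raised by the advice when the trust broker sends a termination command."""

@dataclass
class TrustBroker:
    allow_untrusted: bool                        # user policy for this trust session
    history: list = field(default_factory=list)  # invocation chain reported to the client

    def session_feedback(self, caller, callee):
        """Record one hop; answer 'continue' or 'terminate' according to policy."""
        category = TRUST.get(callee, "untrusted")  # unknown services count as untrusted
        self.history.append((caller, callee, category))
        if category == "untrusted" and not self.allow_untrusted:
            return "terminate"
        return "continue"

def taint_advice(broker, caller, invoke):
    """Wrap the 'outbound service call' join point; the service body is not modified."""
    def intercepted(callee, message):
        if broker.session_feedback(caller, callee) == "terminate":
            raise OrchestrationTerminated(f"{caller} -> {callee} stopped by policy")
        return invoke(callee, message)
    return intercepted

def run_orchestration(broker):
    """Client calls S1, S1 calls S2, S2 calls S3; every hop passes through the advice."""
    def transport(callee, message):              # stands in for the real SOAP call
        return services[callee](message)
    def s3(message):
        return message + ">S3"
    def s2(message):
        return taint_advice(broker, "S2", transport)("S3", message + ">S2")
    def s1(message):
        return taint_advice(broker, "S1", transport)("S2", message + ">S1")
    services = {"S1": s1, "S2": s2, "S3": s3}
    return taint_advice(broker, "client", transport)("S1", "req")
```

With `allow_untrusted=False` the S2 to S3 hop is still recorded in `history` before the orchestration is stopped, so the client sees where the chain left the trusted domains.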
22. Evaluation of the Proposed Solution
Security Evaluation
The implemented prototype will be evaluated in terms
of its effectiveness in mitigating various attacks
including the following attacks
XML Rewriting Attack
DoS Attack
Performance Evaluation
Response Time
Throughput
23. SOA Security Evaluation
We are evaluating the proposed prototype in terms of its
effectiveness in mitigating various attacks
In-transit Sniffing or Spoofing
While information in SOAP message is in transit on the wire, various entities can
see it
SOAP messages could be spoofed by various tools
Attack Scenarios
XML Rewriting Attack
Replay Attacks
They poison the SOAP messages and send them to a server with a forged client
signature.
This attack can be lethal since an attacker spoofs a user’s identity
Denial of Service attack
24. XML Rewriting Attack
Exploring how certain XML rewriting attacks can be
detected by the Taint Analysis component and Trust
Broker
XML rewriting attack commonly refers to the class of
attacks which involve modifying the SOAP message.
(Replay, Redirect, Man in the middle, multiple header
etc.)
[Figure: WS client, attacker, and Web service provider]
25. XML Rewriting Attack-Cont.
Basic Replay Attack: Replace the entire current
message with an old message. (Assuming no security
headers present)
Replay when security headers present : Replace the
current SOAP body with an old SOAP body but keep
the current SOAP body at the same time to satisfy the
security validations.
26. XML Rewriting (Replay Attack)
Cache the messages and replay old messages to Web
service A, which will then cause subsequent calls from A
to carry an older session ID/message ID.
[Figure: XML rewriting attack against Web Service A, MethodCall(param); Web Service B; Web Service C]
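A receiver-side check for the two replay variants described above, as an added example that is not part of the original slides: it rejects a message whose MessageID was already seen and flags an envelope in which the processed SOAP body is not the signed one. The slides do not say how the taint analysis and trust broker modules detect rewriting, so these checks, the function names and the sample envelopes are assumptions.

```python
# Added example: structural checks only; signature verification itself is not shown.
# Function and finding names are hypothetical; the envelopes are constructed samples.
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSU = ("http://docs.oasis-open.org/wss/2004/01/"
       "oasis-200401-wss-wssecurity-utility-1.0.xsd")
WSA = "http://www.w3.org/2005/08/addressing"
DS = "http://www.w3.org/2000/09/xmldsig#"

def check_envelope(xml_text, seen_ids):
    """Return a list of findings; an empty list means the checks passed."""
    root = ET.fromstring(xml_text)
    findings = []
    direct = root.findall(f"{{{SOAP}}}Body")            # the body the service will process
    everywhere = list(root.iter(f"{{{SOAP}}}Body"))     # bodies at any depth
    if len(direct) != 1 or len(everywhere) != 1:
        findings.append("multiple-or-relocated-body")
    signed = {r.get("URI", "").lstrip("#") for r in root.iter(f"{{{DS}}}Reference")}
    if direct and direct[0].get(f"{{{WSU}}}Id") not in signed:
        findings.append("processed-body-not-signed")
    mid = root.findtext(f"{{{SOAP}}}Header/{{{WSA}}}MessageID")
    if mid is None or mid in seen_ids:
        findings.append("replayed-or-missing-message-id")
    else:
        seen_ids.add(mid)
    return findings

# Simplified layout: real messages carry ds:Signature inside a wsse:Security header.
TEMPLATE = (
    '<s:Envelope xmlns:s="{soap}" xmlns:u="{wsu}" xmlns:a="{wsa}" xmlns:d="{ds}">'
    '<s:Header><a:MessageID>{mid}</a:MessageID><d:Signature><d:SignedInfo>'
    '<d:Reference URI="#body-1"/></d:SignedInfo></d:Signature>{extra}</s:Header>'
    '<s:Body u:Id="{bid}"><op>{op}</op></s:Body></s:Envelope>'
)

def sample(mid, bid="body-1", op="current", extra=""):
    """Build one constructed envelope from TEMPLATE."""
    return TEMPLATE.format(soap=SOAP, wsu=WSU, wsa=WSA, ds=DS,
                           mid=mid, bid=bid, op=op, extra=extra)

# The signed current body is kept in the header while an old body is processed.
WRAPPED = sample("m-2", bid="old-1", op="old", extra=(
    '<x:Keep xmlns:x="urn:example"><s:Body u:Id="body-1">'
    '<op>current</op></s:Body></x:Keep>'))
```

In a real deployment, parse untrusted messages with a hardened XML parser such as defusedxml and run these checks in addition to verifying the signature.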
27. XML Rewriting Attack Generation
We extended TCPMon, which is an open source
debugging utility for web service calls.
The tool listens on a specified port and collects the
request and response messages.
Customized to intercept and change the SOAP message
(redirect or replay) and resend it to the receiver.
Examine how the Taint analysis and Trust broker
modules behave in this case.
33. MCC Architecture
Mobile devices are connected to the mobile networks
via base stations that establish and control the
connections and functional interfaces between the
networks and mobile devices.
Mobile users’ requests and information are transmitted
to the central processors that are connected to servers
providing mobile network services.
The subscribers’ requests are delivered to a cloud
through the Internet.
In the cloud, cloud controllers process the requests to
provide mobile users with the corresponding cloud
services.
34. MCC Security Challenges
Lack of control over resources and multi-tenancy of different
users’ applications on the same physical machine make cloud
platforms vulnerable to attacks (“Hey, You, Get Off of My
Cloud!” [3])
In addition to privacy issues, programs running in the cloud are
prone to:
Tampering with code/data/execution flow/ communication
Masquerading
Mobile code can navigate through multiple platforms before
returning to the origin, giving rise to the end-to-end security
problem, which involves decreasing control with every further hop
in the chain of platforms.
Security mechanisms should satisfy the constraints of (1) real-time
response under intermittent network connection; (2) keeping
communication costs at minimum; (3) incurring limited
computation overhead
35. Mobile Agents for Computation Offloading
A mobile agent is a software program with mobility, which can be
sent out from a computer into a network and roam among the
nodes in the network autonomously to finish its task on behalf
of its owner.
Mobile agent migration follows these steps:
1. Process suspension/new process creation
2. Process conversion into a message with all state information
3. Message routing to destination server
4. Message reconstitution into executable
5. Execution continuation with next instruction
36. Advantages of Mobile (Autonomous) Agents for MCC
Mobile agents can provide better support for mobile clients
(reduced network communication).
Mobile agents are capable of moving across different cloud
machine instances transparently, which makes them
capable of migrating to a different location for reasons
including poor performance or an attack-prone runtime
environment.
Mobile agents can be equipped with techniques to check
self-integrity independent of the host platform, for tamper
detection.
Mobile agents can clone themselves on multiple cloud hosts
to achieve better runtime performance.
38. Proposed Framework Components
Cloud directory service: A Web service (trusted third
party) that maintains an up-to-date database of virtual
machine instances (VMIs) available for use in the cloud
Execution manager (elasticity manager): Service on
mobile platform that makes the decision regarding the
execution platform of the different program partitions
Mobile agent containers: Provide an execution
environment for program partitions
Virtual machine instances (cloud hosts): Host
containers of the mobile agents (program partitions)
sent to the cloud
39. Proposed Framework in Action
1. When a mobile application is launched, the execution
manager contacts the cloud directory service to get a list of
available machine instances in the cloud
2. An execution plan containing offloading decisions for the
agent-based partitions is created by the execution
manager
3. For partitions to be offloaded, a bridge is formed between
the callers of those partitions and their selected cloud
hosts, through which the partitions migrate to the selected
hosts
4. Upon migration, the partitions start executing and
communicate their output data to the callers through the
same bridge
40. Experiments with Proposed Framework –
Sudoku Solver
Execution time to find all possible solutions for a Sudoku puzzle with different
numbers of initially filled cells, for mobile-device only vs. offloaded execution
41. Experiments with Proposed Framework –
Face Recognition
Execution time for a face recognition program with different numbers of pictures
to compare against, for mobile-device only vs. offloaded execution
42. Adding Security to MCC Framework
The performance results with the proposed MCC framework
are promising for real-time mobile computing.
Need to add end-to-end tamper resistance (integrity
verification) functionality without:
1. Significantly increasing response time
2. Increasing communication costs
3. Incurring high computational overhead
Solution: Self-protecting application partitions
43. Proposed Tamper Resistance Approach
Self-protecting agents: The autonomous agents used in the
MCC framework can be augmented with integrity verification
constructs called software guards (similar to the work by
Chang and Atallah [7]) that are executed during runtime
Guard: a piece of code responsible for performing certain
security-related actions during program execution.
Example Guard: checksum code which can be used for
integrity verification
Integrity checkpoints are distributed throughout the agent
code to ensure timely detection of tampering
Upon tamper detection, the agent stops execution, moves to
a different platform and either (a) resumes execution from
the last integrity-verified checkpoint or (b) starts execution
from the beginning
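The guard behaviour described on this slide, as an added example that is not the authors' implementation: each step of the agent is checksummed before it runs, and on a mismatch the agent stops, moves to the next host and resumes from the last integrity-verified checkpoint (option a). The checksum over Python bytecode, the step functions and the host list are assumptions made for the illustration.

```python
# Added example: a checksum guard over Python bytecode; all names are hypothetical.
import hashlib

def checksum(fn):
    """Guard primitive: SHA-256 over a step's bytecode and its constants."""
    code = fn.__code__
    return hashlib.sha256(code.co_code + repr(code.co_consts).encode()).hexdigest()

class TamperDetected(Exception):
    """Carries (index of the failing step, state at the last verified checkpoint)."""

def step_add(state):
    return state + 5

def step_double(state):
    return state * 2

def step_sub(state):
    return state - 3

STEPS = [step_add, step_double, step_sub]   # the agent's code partition
EXPECTED = [checksum(s) for s in STEPS]     # computed by the owner before offloading

def run_on_host(steps, state, start):
    """Run steps[start:]; a guard verifies each step at its integrity checkpoint."""
    for i in range(start, len(steps)):
        if checksum(steps[i]) != EXPECTED[i]:
            raise TamperDetected(i, state)  # stop before executing modified code
        state = steps[i](state)
    return state

def run_agent(hosts, state=0):
    """Visit hosts in order; on tamper, migrate and resume from the checkpoint."""
    start, visited = 0, []
    for name, steps in hosts:
        visited.append(name)
        try:
            return run_on_host(steps, state, start), visited
        except TamperDetected as err:
            start, state = err.args
    raise RuntimeError("no host passed the integrity checks")

# Constructed scenario: host-A has replaced step 1, host-B runs the original code.
TAMPERED = [step_add, lambda state: state * 200, step_sub]
HOSTS = [("host-A", TAMPERED), ("host-B", STEPS)]
```

The guard here covers only the code of each step; the state carried between hosts would need its own integrity protection.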
44. Experience with Self-Protecting Agents: Active Bundles
Active Bundle: Data protection mechanism encapsulating
data with metadata and a virtual machine
Data protected from within instead of outside
46. Active Bundles for MCC
We have successfully applied the idea of active
bundles for
1. Secure data dissemination in a peer-to-peer network of
UAVs [8]
2. Identity management in cloud computing [6]
A similar idea with some modifications can be applied
to MCC:
The data of the bundle now consists of application code
to be executed on the foreign (cloud) platform
The trustworthiness of a host is now determined by the
bundle itself during runtime based on integrity checks
instead of (or in addition to) information from a trusted
third party.
47. How to Achieve Dynamic Tamper Detection?
Need to distribute integrity checkpoints throughout the
agent code without needing to modify the software
Need to take the appropriate measures in case of tamper
detection in a way that is transparent to the software
Need to keep runtime overhead at minimum
The solution is to use Aspect Oriented
Programming (AOP) for guards
48. The Big Picture and Summary
Application code to be offloaded to the cloud for execution is
bundled in a mobile agent
Upon arrival at the destination (cloud host) platform, the
bundle enables itself and starts executing its code
Guards integrated into the agent code using AOP pointcuts
check for tampering during execution (with code
checksumming)
Upon tamper detection, the bundle moves to a different
platform, reloads its data (code) and continues/restarts
execution, using the associated AOP advice
Results to be sent to the request originator (mobile platform)
are encrypted with a well-known authenticated encryption
algorithm to ensure end-to-end authentication and integrity.