It was very hard to find literature on education and cloud computing. I found this paper from IEEE which has good information about the significance of cloud computing in education organizations and it discusses the possible security threats as well as proposes a suitable security solution to overcome the concerns of the education organizations.
M-Star School Expert System - The Most Rewarding Way To Run Your SchoolHitachi MGRM Net Ltd.
Managing through Scheduling, Tracking, Analyzing and Reporting - represents an ideal governance process through which an organization* works towards achieving its set goals. M-Star is a suite of products, tools & services aimed to enhance this governance process within an organization and deliver enhanced value to its stakeholders.
Today M-Star products, tools & services are available across various domains such as Education, Healthcare, Pharmaceutical, Automobile & Insurance. In education M-Star finds wide applicability:
• Pre- primary to Higher education (School, Colleges, Universities) (Education stages)
• Public, Institution, Administration/Governing bodies (Governance framework)
• Student, Teachers, Alumni, Management & Parent (STAMP - stakeholders)
• Neo Natal to Employment (Life Cycle stages of an individual)
• Village to Metro (Administration layers)
Key Highlights of M-Star
• Research-based
• Based on Life Cycle approach
• Involves all domain stake holders yet Individual focused
• Values blended with technology
• E-governance compliant
*organization can denote business, institution, government etc
Load balancing clustering on moodle LMS to overcome performance issue of e-le...TELKOMNIKA JOURNAL
In dealing with the rapid growth of digitalization, the e-learning system has become a mandatory component of any Higher Education (HE) to serve academic processes requests. Along with the increasing number of users, the need for service availability and capabilities of eLearning are increasing day by day. The organization should always look for strategies to keep the eLearning always able to meet these demands. This report presents the implementation of Load Balancing Clustering (LBC) mechanism applied to Moodle LMS in an HE Institution to deal with the poor performance issues. By utilizing existing tools such as HAProxy and keepalived, the implemented LBC configuration delivers a qualified e-learning system performance. Both qualitative and quantitative parameters convince better performance than before. In four months of the operation there is no user complaint received. Meanwhile, in the current semester has been running for two months, the up-time is 99.8 % of 52.685 minutes operational time.
M-Star School Expert System - The Most Rewarding Way To Run Your SchoolHitachi MGRM Net Ltd.
Managing through Scheduling, Tracking, Analyzing and Reporting - represents an ideal governance process through which an organization* works towards achieving its set goals. M-Star is a suite of products, tools & services aimed to enhance this governance process within an organization and deliver enhanced value to its stakeholders.
Today M-Star products, tools & services are available across various domains such as Education, Healthcare, Pharmaceutical, Automobile & Insurance. In education M-Star finds wide applicability:
• Pre- primary to Higher education (School, Colleges, Universities) (Education stages)
• Public, Institution, Administration/Governing bodies (Governance framework)
• Student, Teachers, Alumni, Management & Parent (STAMP - stakeholders)
• Neo Natal to Employment (Life Cycle stages of an individual)
• Village to Metro (Administration layers)
Key Highlights of M-Star
• Research-based
• Based on Life Cycle approach
• Involves all domain stake holders yet Individual focused
• Values blended with technology
• E-governance compliant
*organization can denote business, institution, government etc
Load balancing clustering on moodle LMS to overcome performance issue of e-le...TELKOMNIKA JOURNAL
In dealing with the rapid growth of digitalization, the e-learning system has become a mandatory component of any Higher Education (HE) to serve academic processes requests. Along with the increasing number of users, the need for service availability and capabilities of eLearning are increasing day by day. The organization should always look for strategies to keep the eLearning always able to meet these demands. This report presents the implementation of Load Balancing Clustering (LBC) mechanism applied to Moodle LMS in an HE Institution to deal with the poor performance issues. By utilizing existing tools such as HAProxy and keepalived, the implemented LBC configuration delivers a qualified e-learning system performance. Both qualitative and quantitative parameters convince better performance than before. In four months of the operation there is no user complaint received. Meanwhile, in the current semester has been running for two months, the up-time is 99.8 % of 52.685 minutes operational time.
Xerox helps Cal State Fullerton prepare students for the future while seeing significant savings with an innovative digital printing solutions and service.
Mainstay - Xerox Cal State Fullerton Digital Printing SolutionsMainstay
Like every large public university, Cal State Fullerton strives to fulfill an ambitious educational mission while wisely managing its taxpayer-supported budget. CSUF has stood out with its emphasis on using new technologies to address challenges on both sides of this equation.
To achieve their goals, Cal State Fullerton launched a major initiative, in partnership with Xerox, involving Digital Print Services and a modernized printer fleet. Xerox was able to implement solutions that allowed them to spend more money on what they do best, which is higher education.
e Learning is the most impacting and cost effective method of training available for organizations today. HR professionals can improve their efficiency and effectiveness of training programs they conduct by adopting e Learning.
sweedu.com-Innovation in Education The Role of Cloud-Based School Management ...digitalrajnikant
Unlock cloud based school management software s potential for effective instruction Increased communication and cooperation, scalability and cost effectiveness, and global accessibility
Xerox helps Cal State Fullerton prepare students for the future while seeing significant savings with an innovative digital printing solutions and service.
Mainstay - Xerox Cal State Fullerton Digital Printing SolutionsMainstay
Like every large public university, Cal State Fullerton strives to fulfill an ambitious educational mission while wisely managing its taxpayer-supported budget. CSUF has stood out with its emphasis on using new technologies to address challenges on both sides of this equation.
To achieve their goals, Cal State Fullerton launched a major initiative, in partnership with Xerox, involving Digital Print Services and a modernized printer fleet. Xerox was able to implement solutions that allowed them to spend more money on what they do best, which is higher education.
e Learning is the most impacting and cost effective method of training available for organizations today. HR professionals can improve their efficiency and effectiveness of training programs they conduct by adopting e Learning.
sweedu.com-Innovation in Education The Role of Cloud-Based School Management ...digitalrajnikant
Unlock cloud based school management software s potential for effective instruction Increased communication and cooperation, scalability and cost effectiveness, and global accessibility
Application of Cloud Computing Models in Educationijtsrd
The cloud computing is a rapidly developing technology, which has brought significant changes and opportunities to various sectors in India. It is a pervasive computing paradigm that has revolutionized how Information Technology infrastructure and services can be delivered. There is a growing interest around the utilization of cloud computing in the education sector. Education plays an essential role in maintaining the economic growth of a country. Now a days the classroom teaching is changing and students are becoming more technology oriented in his changing environment, it's critical that we think about the latest technologies to incorporate in the teaching and learning process. The survey identifies and analyses the advantages and dangers that the use of cloud computing may have for the main stakeholders in education. Dr. S. VenkateshKumar | M, Karthick "Application of Cloud Computing Models in Education" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-6 , October 2019, URL: https://www.ijtsrd.com/papers/ijtsrd29341.pdf Paper URL: https://www.ijtsrd.com/engineering/computer-engineering/29341/application-of-cloud-computing-models-in-education/dr-s-venkateshkumar
Challenges of Learning Management Systems and Current TrendsIJAEMSJORNAL
Information and communication technologies (ICT) and Learning Management Systems (LMSs) are important multifunctional tools developed for higher education institutions, but in fact, the success of these systems largely depends on a detailed understanding of the challenges and factors that influence the e-learning of their users. During the quarantine period due to Covid-19 in the world, Learning Management Systems were used worldwide in Higher Education as software or method to promote the course delivery. Since it was the first experience of many Egyptian higher education institutions with the use of the learning management systems during the pandemic, challenges were expected. This research aims to examine the challenges faced by LMS use and the factors influencing its use among teachers and students. The results of this research could help researchers, policy-makers, and practitioners from public and private universities to gather insights on the successful application and use of LMS during and after Covid19.
ACHIEVING SEAMLESS MIGRATION TO PRIVATECLOUD INFRASTRUCTURE FOR MULTI-CAMPUS ...ijccsa
Maintaining IT infrastructure is a major challenge for multi-campus universities. The difficulties they face
include inflexibility, inefficiency, outdated technology, and redundant resources, all of which negatively
impact the quality of services provided to students, faculty, and researchers. Consequently, there is a
growing need for a more agile, efficient, and cost-effective solution that can cater to the everchanging IT
service demands of these institutions. Universities can boost their agility, scalability, and cost-effectiveness
while enhancing service quality by utilizing cloud services. Cloud computing enables universities to quickly
and easily access computing resources that can be scaled up or down as per their IT requirements,
providing them with the necessary flexibility to meet dynamic demands. Private cloud migration further
offers universities complete control over their internal security and SLA obligations, allowing them to
guarantee a high level of service delivery. This paper contends that private cloud migration is an effective
solution that can help multi-campus universities surmount their IT infrastructure challenges and enhance
their IT service delivery capabilities.
How to mitigate risk in the age of the cloudJames Sankar
The convergence of mobile, cloud computing and the Internet of
Things (IoT) heralds a new era of hyper connectivity, and with it,
high expectations from students, staff and faculty for anywhere,
anytime Internet availability and data sharing in real time.
Moving services to the cloud can deliver significant infrastructure
benefits and cost efficiencies to help the education sector meet these
new expectations, but these opportunities come with risks that are
sometimes overlooked in the rush to join the crowd in the cloud.
It’s important to consider the risks, as well as the benefits, when
making decisions around out-sourcing IT services to the cloud.
Rethinking business continuity and disaster recovery plans is vital for
ensuring that any investment in cloud services will meet the service
delivery expectation goals of institutions, now and into the future.
In looking at the legitimate ramifications of protection and cloud registering, it is imperative to see a portion of the foundation. Right now, will look at a portion of the specialized foundation of the present innovations before examining distributed computing and its focal points and disservices in more detail. We will likewise present some lawful issues that emerge in the cloud setting and quickly audit different calls for activity that have sounded with regard to the cloud, for example, calls for revising enactment, proposing enactment, or calling for gauges or expanded straightforwardness.
Cloud computing is set of resources and services offered through the Internet. Cloud
services are delivered from data centers located throughout the world. Cloud computing
facilitates its consumers by providing virtual resources via internet. The biggest challenge in
cloud computing is the security and privacy problems caused by its multi-tenancy nature and the
outsourcing of infrastructure, sensitive data and critical applications. Enterprises are rapidly adopting
cloud services for their businesses, measures need to be developed so that organizations can be assured
of security in their businesses and can choose a suitable vendor for their computing needs. Cloud
computing depends on the internet as a medium for users to access the required services at any time on
pay-per-use pattern. However this technology is still in its initial stages of development, as it suffers
from threats and vulnerabilities that prevent the users from trusting it. Various malicious activities
from illegal users have threatened this technology such as data misuse, inflexible access control and
limited monitoring. The occurrence of these threats may result into damaging or illegal access of
critical and confidential data of users. In this paper we identify the most vulnerable security
threats/attacks in cloud computing, which will enable both end users and vendors to know a bout
the k ey security threats associated with cloud computing and propose relevant solution directives to
strengthen security in the Cloud environment. We also propose secure cloud architecture for
organizations to strengthen the security.
Exploring the Feasibility of Adopting Cloud Computing in Computer Center Taiz...Eswar Publications
The paper would discuss the possibilities of using cloud computing as a solution to expand work efficiency at Taiz
university (TU) Computer Center and Information Technology (CCIT) labs, these Labs equipped with hardware and software resources. Cloud computing has been adopted for managing the labs to facilitate maintenance and network management according to cloud computing characteristics, also paper has studied the different types of cloud-based computing to decide the appropriate type that would gain significant advantages for students and lecturers. Surely result of this paper will be the guideline for all universities in Yemen to use the cloud computing in different areas of their work.
The advancements in cloud computing and leveraging the benefits from
cloud computing to the service providers have increased the deployment of
traditional applications to the cloud. The applications once deployed on the
cloud, due to various reasons, need migration from development
infrastructure to operational infrastructure, one operational instance to other
operational instances due to load balancing and the cycle continues due to the
use of DevOps as development strategies for cloud computing applications.
Advocates of hybrid and public clouds observe cloud computing makes it
possible for organizations to avert or minimize upfront IT infrastructure
expenses. Proponents also assert that cloud computing systems permit
businesses to receive their software up and running faster, using improved
manageability and less maintenance, so it empowers IT teams to rapidly
adapt tools to meet the varying and unpredictable requirements. DevOps is a
lot of practices that mechanizes the procedures between programming
improvement and IT groups, all together that they can fabricate, test, and
discharge programming quicker and even more dependably. The idea of
DevOps is established on building a culture of a joint effort between groups
that generally worked in relative siloes. The guaranteed advantages
incorporate expanded trust, quicker programming discharges, capacity to
explain basic issues rapidly and better oversee impromptu work. Thus, this
work identifies the need for providing multiple security protocols during the
complete life cycle of cloud application development and deployment. This
work proposes a novel framework for automatic selection and deployment of
the security protocols during cloud service deployments. The framework
identifies the need for security aspects and selects the appropriate security
algorithms for virtual machines. The proposed framework demonstrates
nearly 80% improvement over the security policy deployment time.
CompTIA exam study guide presentations by instructor Brian Ferrill, PACE-IT (Progressive, Accelerated Certifications for Employment in Information Technology)
"Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53"
Learn more about the PACE-IT Online program: www.edcc.edu/pace-it
Webinar CRUI Dell: flexilab, computer classroom made flexible Jürgen Ambrosi
Nella cornice dei seminari CRUI, Dell presenta la piattaforma Flexilab, una soluzione innovativa per le computer classroom, che consente allo studente di accedere alle applicazioni di cui necessita da qualunque dispositivo e da qualunque luogo e alle università di dotarsi delle più recenti tecnologie, in una modalità gestita, flessibile ed economicamente vantaggiosa.
MIGRATING IN-HOUSE DATA CENTER TO PRIVATE CLOUD: A CASE STUDYcseij
ABSTRACT
Internet traffic has become vast in terms of data processing as well as storage which has occurred somelimitations on existing traditional infrastructure. Such limitations may include servers, data storage, andcomputing resources. This has consequently led most of organization to keep investing and expanding theirinfrastructure in periodical phases. Hence, two factors are always co-related to each other which areTCO (total cost of ownership) and ROT (return on investment) which are critically increased due to theamount of general investment including all expenses as well as human powers. Therefore, a new technologyhas emerged which is called “Cloud Computing”. This terminology has been released recently to work as asupportive to traditional infrastructure which is part of Datacenters. It offers reliability, improved QoS,and efficiency to end-users. This paper presents a novel case study of cloud computing on a large scaleenvironment. Various factors such as TOC and ROI have been taken in consideration on a comparativestudy with traditional Datacenter. Results have shown considerable improvement on performance,utilization, and investment.
KEYWORDS
Cloud computing, ROT, TCO, QoS, CAPEX, OPEX
Similar to Towards an efficient and secure educational platform on cloud infrastructure (20)
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Welocme to ViralQR, your best QR code generator.ViralQR
Welcome to ViralQR, your best QR code generator available on the market!
At ViralQR, we design static and dynamic QR codes. Our mission is to make business operations easier and customer engagement more powerful through the use of QR technology. Be it a small-scale business or a huge enterprise, our easy-to-use platform provides multiple choices that can be tailored according to your company's branding and marketing strategies.
Our Vision
We are here to make the process of creating QR codes easy and smooth, thus enhancing customer interaction and making business more fluid. We very strongly believe in the ability of QR codes to change the world for businesses in their interaction with customers and are set on making that technology accessible and usable far and wide.
Our Achievements
Ever since its inception, we have successfully served many clients by offering QR codes in their marketing, service delivery, and collection of feedback across various industries. Our platform has been recognized for its ease of use and amazing features, which helped a business to make QR codes.
Our Services
At ViralQR, here is a comprehensive suite of services that caters to your very needs:
Static QR Codes: Create free static QR codes. These QR codes are able to store significant information such as URLs, vCards, plain text, emails and SMS, Wi-Fi credentials, and Bitcoin addresses.
Dynamic QR codes: These also have all the advanced features but are subscription-based. They can directly link to PDF files, images, micro-landing pages, social accounts, review forms, business pages, and applications. In addition, they can be branded with CTAs, frames, patterns, colors, and logos to enhance your branding.
Pricing and Packages
Additionally, there is a 14-day free offer to ViralQR, which is an exceptional opportunity for new users to take a feel of this platform. One can easily subscribe from there and experience the full dynamic of using QR codes. The subscription plans are not only meant for business; they are priced very flexibly so that literally every business could afford to benefit from our service.
Why choose us?
ViralQR will provide services for marketing, advertising, catering, retail, and the like. The QR codes can be posted on fliers, packaging, merchandise, and banners, as well as to substitute for cash and cards in a restaurant or coffee shop. With QR codes integrated into your business, improve customer engagement and streamline operations.
Comprehensive Analytics
Subscribers of ViralQR receive detailed analytics and tracking tools in light of having a view of the core values of QR code performance. Our analytics dashboard shows aggregate views and unique views, as well as detailed information about each impression, including time, device, browser, and estimated location by city and country.
So, thank you for choosing ViralQR; we have an offer of nothing but the best in terms of QR code services to meet business diversity!
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
2. 15 4741227: Towards an Efficient and Secure Educational Platform on Cloud Inrrastructure
D. Accessibility
At the on-premises educational platform, the required
services through devices would have limited access capability
in-terms of time, location and accessing device. This becomes
an issue because the software development team nonnally
assumes the PC/laptop as the standard accessibility medium.
Hence, accessing via smart devices such as smart phones
would encounter incompatibility and interoperability issues.
Furthermore, the use of micro and digitalized technology is
rapidly increasing and students are more comfortable to use
smart phones, notebooks, tablets instead of PCs or laptop.
Future systems must consider accessibility via smart devices
from any location at anytime without any incompatibility,
access time or location issues. Other issue that may happen is if
an employee or students completing a part of work in the
organization, they need to store the data in USB or any backup
devices. Under, some unfavorable circumstance if the storage
device is lost, all the work done will go waste.
E. System Security
System security is the most critical challenge faced by many
EOs and they are required to implement appropriate security
standards to avoid misuse and illegal access of their
applications and infonnation. The security threats can take
place on an EO's system by outside or inside malicious
attackers. In order to eliminate this issue, software
development team must implement the system with appropriate
strong security techniques. The successful implementation and
monitoring of system security in the organization also requires
expensive management and labor cost.
II. SIGNIFICANCE OF CLOUD COMPUTING IN DEVELOPING AN
EFFICIENT EDUCATIONAL PLATFORM
Considering the limitations of current educational
infrastructure, we require an EEP that must be flexible to
exhibit the services of scalability, availability, recovery,
accessibility and security in cost-effective manner. In other
word, an EEP must be able to accommodate new
organizational business requirements. Resources must be
available on-demand at any time without any downtime, and
they can be accessed from any location via any smart device.
The resources must be secured i.e. applications and data of
users' should be protected from illegal access. Considering the
requirements for developing a EEP and looking at the feature
of cloud computing such as scalability and flexibility,
availability and disaster recovery, software on-demand and
accessibility [I] [2], we can say that cloud computing will play
an integral role in the development of a EEP.
A. Scalability and Flexibility
The primary objective for many EOs is cost saving and
increase return of investment (ROI). According to proposed
business model for cloud computing, users only pay for the
computing resources they use. No need to buy new hardware,
software or pay for maintenance and upgrading. In some
existing solution, EOs need to purchase the infrastructure
utilities at a fixed cost that nonnally became an issue of an
under or over-utilized infrastructure. Being a client of cloud
services, an EO can just acquire the basic resource such as
applications, software or data storage size and they can scale
up or down whenever is required on-demand. Scalability also
allows for rapid escalations in demand at peak times such as at
the start of academic year or exam periods. Therefore, there is
no need to plan usage levels in advance [I]. In short, an EO can
simply obtain the flexibility of expanding or shrinking their
infrastructure without paying unwanted cost for new resources
or management effort.
B. Availability and Disaster Recovery
Students are increasingly dependent on online services for
learning and assessment. They should be given the best
possible system availability. An EO's computing service
department may aim to achieve 99.5 % availability for its
educational services such as the Learnfinity Management
System (LMS). Such a requirement can be easily met by a
service provider such as Google cloud services which offers
99.9% availability for its educational application suite and
appears to enhance this target [1]. Moreover, Cloud Service
Providers (CSPs) offer the required disaster recovery
infrastructure and plan. They provide recovery system and
replication of data at several geographical locations such as
cities, countries or states that are permitted by legal law. CSPs
also maintain procedures for accurate and reliable retrieval of
data. Due to disaster recovery, backup plan and efficient
troubleshooting tools used by CSP, EOs can assume that they
are highly saved from facing downtime issues and loss of data
due to.
C. Software on Demand
For the end users, apart from better availability and disaster
recovery, there are other clear benefits of cloud-based services
particularly evident with the range of new applications bein
provided. These contain the latest tools and features from
innovative companies such as Microsoft and Google [2].
Students and other entities from EOs can use office
applications without having to purchase, install and keep these
applications up-to-date on their computers [1]. It is the
responsibility of a CSP to provide always the latest and
updated applications to the users and whenever necessary
update the software versions without requiring any interaction
from the users. Beside the applications from third party
industries, EOs can also deploy their applications such as
Human Resource Management System (HRMS), LMS, and
admission systems on CCI that can be accessed at anytime
remotely without installing or configuring them. EOs don't
need to worry about backing up or losing the data as it should
be safely stored in cloud with large storage capacity provided.
Technologies such as HTML5 will increasingly allow users to
work offline when Internet access is intermittent [1].
D. Pervasive and Ubiquitous Accessibility
The systems deployed on a CCI, have ubiquitous and
pervasive accessibility [2]. If employees or students from an
educational organizations are always using the cloud based
system and storing their data on cloud, they are not required to
carry backup or storage device, their workload will be saved on
Proceedings of 20121ntemational of Cloud Computing, Technologies, Applications Management 146
3. Sarrraz Nawaz Brohi, Mervat Adib Bamiah, Suriayati Chuprat, lamalul-Iail Ab Manan
the cloud storage and will never get lost due to use of backup
and recovery services and it can be accessed within the
organization, home or across the border.
III. BARRIERS IN ADOPTING THE CLOUD PARADIGM
Although there are significant flexible and efficient features
that cloud computing can provide to EOs. However, like an
EO's existing internal infrastructure, security on a CCI is not
trustworthy and it is rapidly growing concern that needs to be
addressed [3]. When data of a client is on the datacenter of
CSP, there are obvious chances of security, hack, theft and
various malicious activities that can be performed by illegal
users such as hackers. Cloud computing datacenter
environment is overloaded with trust issues [6]. Before moving
to the cloud, an EO need assurance that their sensitive
information is protected from compromised security
procedures, and their applications are available whenever
accessed [4] [5]. Due to security and trust issues in cloud
computing, EOs are not yet ready to adopt the paradigm of
cloud computing which creates a major obstacle to leverage the
significant advantages of cloud services for EOs.
A survey conducted by ECAR shows that two-thirds of
those who out source, cited their institutional culture as a real
barrier to adopting alternative sourcing approaches and
those who outsource, nearly three-quarters (72.1 %) cited
concerns about IT security in adoption of emerging cloud
computing services [7]. No suspect that cloud computing can
be key enabler for a developing an EEP however survey results
clearly represent that EOs consider security as their main
concern for not moving towards cloud based IT services and
solutions. Since security is a vital factor for organizations
policies, the education organization need to be guaranteed
on provided security standards and procedures prior to the
adoption of cloud services. In order to overcome the security
issues. In this paper we have provided a conceptual model to
develop an ESEP on CCI.
IV. RELATED WORK
(Z. Yang, 2011) [8], suggested an open structure framework
that can interoperate with external content and social service, it
can also interoperate with enterprise applications such as CRM,
ERP, Groupware, SharePoint, etc and client's applications such
as twitter, g-mail, YouTube, etc at the data level by mapping
mechanism. This open structure framework has four layers i.e.
user experience, collaboration service, core service, and
delivery platforms. It can make internal cloud and external
cloud interoperate with each other if standards are followed.
The core of the framework is the standard cloud structure,
namely e-Education cloud. The overall structure of e-Education
cloud can be subdivided into management subsystem and
service subsystem. (R. Elumalai, V. Ramachandran, 2011) [9]
proposed cloud based e-Content sharing service deployed in
Google App Engine in order to serve the academic community
by providing a common educational e-Content repository
wherein the contribution is also from the academic
community. This model is designed to distribute e-Contents in
the form of text, audio and video files to the intended
audience, which are contributed by various subject experts
from academic community. These files are uploaded to cloud
storage as a service layer by the administrator after the peer
reviewing process. In order to access the e-Contents, the user is
requested to register with the service. At the time of
registration the user needs to provide a basic personal
information such as their email Id, geographical position,
mobile number along with a request to identity them as users
or content providers. Once they have entered the requested
details, a unique One Time Password (OTP) is dynamically
generated and is sent to their mobile numbers and to their email
Id's which can be used for confirming their registration. The
OTP is formulated by the random number generation
algorithm which generates the random number within the
range of 100 to 99999. The generated number is sent as text
message to the client's registered mobile phone through third
party Web service for sending Short Messaging Service(
SMS). Once the number is validated, the content provider can
upload the e-Resources in the cloud e-Content Sharing as a
Service layer.
V. ATTACK SURFACE OF A CLOUD COMPUTING
INFRASTRUCTURE
We have identified two major types of attacks on a CCI i.e.
un-trusted malicious VM attack by malicious outsider, and
insider's attack by a malicious cloud administrator as shown
in Fig.l, indicated by red color lines.
A. Malicious VM / Outsider's Attack
Normally malicious VMs may be belonging to the
competitor of the EO on cloud, or CSP. The objective of this
VM is to infect the services of EO in order to issue a DoS
attack for their systems. This attack may be carried out to
threaten the reputation of CSP. A malicious VM can mainly
attack in two methods i.e. attack directly on other VMs and
affect the client applications with viruses, malwares, Trojan
horses or worms, or attacking on the host OS, if host OS is
compromised, attacker can exploit the hypervisor and physical
layer to misuse the client VMs and data. These kind of attacks
can destroy the overall computing infrastructure because host
OS is managing the hypervisor that is responsible for
providing significant tasks for the VMs such as start,
shutdown, pause and restart the VMs, monitor and modify the
resources available for the VMs, monitor the applications
running inside the VMs, view, copy, and modify the data
stored in the virtual disks assigned to the VMs. This enables
the host to monitor all the network traffic for all its VMs [10].
In-case if a host is compromised then the security of the VMs
is under question. On the other hand, malicious VM can also
change the configuration of underlying hardware and may try
to steal the confidential data of EO. Hence measurement
should be taken when configuring the VM environment so that
enough security standards should be implemented which
avoids the host being a gateway for attacking the VM [10],
and physical layer must be protect by illegal access as it
should be resistant to any malicious software activity.
Proceedings of 20121ntemational of Cloud Computing, Technologies, Applications Management 147
4. 15 4741227: Towards an Efficient and Secure Educational Platform on Cloud Inrrastructure
B. Malicious Administrator / Insider's Attack
One of the primary security concerns in cloud computing is
that the customer loses direct control over potentially business
sensitive and confidential data. This needs more attention
because the CSP is outside the trusted domain of customer
[12]. The risk of a malicious insider is one of the most
dangerous security threats. The cloud security alliance report
lists malicious insiders as the number three top threat in cloud
computing [ll]. Clients are not aware and fully trusting the
security technique used by the CSP when their data is on open
access cloud computing platform. They believe even if their
data is protected from outsider's attack but how about
insider's attack. It is possible that malicious cloud
administrator may, retrieve, view and misuse the confidential
data of an EO. In order to gain the trust of EOs, CSP must
provide them trustable security standards that ensure the
protection of their data-at-rest.
VI. OUR CONTRIBUTION: EFFICIENT AND SECURE
EDUCATIONAL PLATFORM (ESEP) ON THE CLOUD
INFRASTRUCTURE
To address the issues on CCI, we have designed a
conceptual model of an ESEP on the public CCI that is shared
by multiple tenants including trusted and un-trusted users.
Trusted users are the EOs who has signed a well-defined SLA
with the CSP to use the cloud service delivery models such as
SaaS (MicrosoftLive@edu, LMS, HRMS, OpenOffice), PaaS
(GoogleAppsEngine, Microsoft Azure), and laaS (Storage-asa-
Service) on pay-per-use billing pattern accessing via using
smart devices such as Notebooks, Smart phones, Tablets etc.
Un-trusted users refer to general public who are registered
online with the CSP for using some shared service such as
web-mail, media players, games etc as shown in Fig.1 the
services of a an EO are running on VMs, we have illustrated
the use of two VMs for the EO, both VMs consists on guest
OSs and applications that are configured on Apache Tomcat
server along with a DBMS such as MySQL. The un-trusted
users are also assigned with VMs to access some free services
provided by CSP. The client VMs are managed by VMM in
our case, we have proposed the use of KVM hypervisor
running on a Linux Host OS. Since these VMs of un-trusted
users are not trusted, they might be malicious and their target
might be to threat the EO or the CSP. The proposed model is
divided into two major parts for managing the security i.e.
Management of security by CSP and client. CSP is responsible
to secure all layers of computing infrastructure against
outsider's attacks. Clients are responsible to secure and
control their personal data against insider's attacks by
acquiring a remote cryptography software using Security as a
Service (SECaaS). The proposed model is developed by using
several security tools as well as techniques such as SECaaS,
TPM, vTPM, Virtual Firewall (VFs), Intrusion Detection
Systems (IDS) and TVO to eliminate the threats of malicious
VMs on the VMs of the EO and to block the insider to view or
misuse the data of EO as shown in Fig.1. The detailed
mechanism of our security model is further described.
End Users from
EO
. ... : ' : -
....... -- 1115 -
.
EO's Admin
,
I
I
I
I
,,-- ... _'
EO's Encrypted
O'UbilH
Figure I. Efficient and Secure Educational Platform (E-SEP) on CCI
A. Securing the Virtualization Layer
We have proposed the use of lOTs, TVD, TPM driver,
vTPM and hypervisors-resident VF to secure the virtualization
layer that includes VMs and VMM. These tools will be
illustrated as follows:
1) Intrusion Detections Tools (IDTs)
IDTs will collect and analyze data from a computing
system, aiming to detect intrusive actions. We propose the use
of two main approaches for IDTs i.e. Network-based IDTs
(NiOTs) and Host-based IDTs (HIDTs), NIDTs will monitor
the network traffic flowing through the systems whereas
HIDTs will monitor the local activities on a host like
processes, network connections, system calls, logs, etc and
examining events like which files have been accessed and
what applications have been executed [13].
2) Trusted Virtual Domains (T VDs)
Since isolation is one of the main solutions to eliminate the
threat of malicious VMs attacking on VMs of trusted users. In
our model, isolation is achieved by using the technique of
TVD, which is formed at CCI by grouping the related VMs
running on separate physical machine into a single network
domain with a unified security policy. The multiple instances
of TV Os co-exist on a single platform under a shared resource
policy. The use of TVO provides strong isolation among unrelated
VMs as the communication among VMs will take
places only according to the security policies configured by
administrator in the VMM. A malicious VM cannot join any
TVO because it should fulfil the access policy requirements so
no any malicious VM will affect the VMs of trusted users on
cloud [14]. Normally the VMs residing in a TVD are labeled
with a unique identifier. The labeling is used to identity the
assigned VMs to a particular customer and to allow the same
labeled VMs to run inside the same TVO.
Proceedings of 20121ntemational of Cloud Computing, Technologies, Applications Management 148
5. Sarrraz Nawaz Brohi, Mervat Adib Bamiah, Suriayati Chuprat, lamalul-Iail Ab Manan
3) TPM Driver and vTPM
In order to protect the KVM hypervisor from attacks of
malicious VM, we need to secure the OS kernel. To achieve
this, we have proposed the use of TPM driver at this layer. It is
a kernel-mode device driver designed for TPM, it will allow
the host OS to communicate with hardware TPM that will
provide more platform stability and eliminates the need for
vendor-specific device drivers. TPM driver can be used in
various OSs such as Windows and Linux to protect the OS
from attacks [15]. If OS is free from attacks the security of
hypervisor will remain alive. Since the physical TPM is used to
protect the host OS and underlying physical platform and the
use of vTPM, it provides same TPM like functionality for
VMs, each VM will have its own vTPM instance that will be
created by vTPM manager and will keep running throughout
the lifetime of the VM which will communicate with
underlying TPM through drivers. The use of vTPM will ensure
the integrity and consistency of VMs' .
4) Hypervisor-Resident Virtual Firewall
Hypervisor-resident VF that is implemented on the VMM
and it is responsible to capture malicious VM activities
including packet injections. The VF requires a modification to
the physical host hypervisor kernel to install process hooks or
modules allowing the VF system access to VM information
and direct access to the virtual network switches as well as
virtualized network interfaces moving packet traffic between
VMs. The hypervisor-resident VF can use the same hooks to
then perform all firewall functions like packet inspection,
dropping, and forwarding but without actually touching the
virtual network at any point [16].
B. Securing the Physical Layer
Physical layer is secured by a TPM. Its implementation is
available as a chip that is physically attached to a
platform's motherboard and controlled by software running
on the system using well-defmed commands. It provides
cryptographic operations such as asymmetric key generation,
decryption, encryption, signing and migration of keys
between TPMs, as well as random number generation and
hashing [17]. TPM also provides secure storage for small
amounts of information such as cryptographic keys. Because it
is implemented in hardware and presents a carefully designed
interface, TPM is resistant to software attacks [18]. Physical
layer is secure proof mainly by TPM's Trusted Execution
Technology (TXT). It is a feature of Intel's microprocessors
and chipsets commonly referred to as Intel vPro. It provides a
late launch capability for the secure creation and launch of
virtual execution environments called Measured Launch
Environments (MLEs) that can be launched anytime after a
platform is booted. Hardware protections are provided by TXT
against software based attacks on MLEs during launch and
while the MLE is executing [6]. The use of MLEs will monitor
the performance of computing infrastructure and block any
possible threats by outsider attackers to underlying hardware.
C. Security as a Service / (Bit-Locker as a Service)
By acquiring SECaaS, administrator from an EO will be
able to protect their particular data storage disks by performing
cryptographic encryption and decryption operations. This
target will be achieved by providing remote access of TPM
enabled software i.e. Bit-Locker Drive Encryption as a service
to the client. It is a new security feature that provides better
data protection by encrypting all data stored on the OS volume.
For-example if client's data is stored on drive C, the CSP
must enable the client to encrypt that particular drive via BitLocker
as a Service. Once the client's admin activates BitLocker
on their volume, a password will be required that will
use a master or private key for the client and upon successful
activation, a recovery file will be generated by the software,
this file can be used in case of forgetting or losing the master
key, the master key and recovery file must be only known to a
highly privileged person from the EO such as administrator and
should be stored on an isolated device not on the machine at
which encryption has taken place. Once the data is sealed by
the client the volume will be displayed with golden lock [18] as
shown in Fig. I. However, Bit-Locker can only be used with
TPM to perform the required tasks such as sealing and
unsealing to protect the user's data. Under this mechanism of
SECaaS, the clients will be confident that their data are
protected from any insider threat at CSP side.
VII. CONCLUSION AND FUTURE WORK
Cloud computing is considered as a key enabler to develop
an EEP that will be used for supporting globalized and
collaborative education. Current educational platform are costconsuming,
whereas an educational platform on CCI will be
cost-effective in-terms of scalability, availability, on-demand
self service, recovery and flexibility. However, there are
certain barriers of security that are blocking the EOs from
adopting cloud computing. In order to contribute in the field of
cloud computing security, we have designed a conceptual
security model to support the deployment of education
platform on CCI. This model is based on analysis, concepts
and theories. However we will focus on providing a practical
prototype by implementing the proposed model in our
upcoming research publication.
ACK NOWLEDGMENT
We are thankful to God Almighty for glvmg us the
knowledge and wisdom to complete this work. We are also
thankfu I to our parents for their encouraging support.
REFERENCES
[1] UNESCO, 2010. Cloud Computing in Education, Availab le from
http: //iite. unesco. org/pi cs/pu b li cations/enlfi les/321467 4. pdf.
[2] M. Erkoc, K ert, 2011. Cloud Computing for Distrib uted University
Campus: A Prototype Suggestion, in International conference on the
future of Education.
[3] Sultan Nab i, 2010. Cloud Computing for Education: A new dawn? In
International Journal of Information Management: Elsevier, pp. 109-
119.
Proceedings of 20121nternational of Cloud Computing, Technologies, Applications Management 149
6. 15 4741227: Towards an Efficient and Secure Educational Platform on Cloud Inrrastructure
[4 ] Filip A., Rolul, 2011. Stakeholderilor in teoria de marketing relational
(The role of stakeholders in relationship marketing theory in Romanian) ,
Calitatea - access la success Journal (Quality I access to success) , no. 3,
2011, pp. 27130.
[5 ] S. Pearson and A. Benameur, 2010. Privacy, Security and Trust Issues
Arising from Cloud Computing, in Cloud Computing Technology and
Science (CloudCom) , 2010 IEEE Second International Conference, pp.
693-702.
[6 ] F. John K rautheim, 2009. T Private virtual inrrastructure for cloud
computing, in TRUST'IO Proceedings of the 3rd international
conference on Trust and trustworthy computing.
[7 ] K atz , R., et aI., 2009. Demystifying Cloud Computing for Higher
Education (Research Bulletin, Issue 19) . Boulder, CO: EDUCAUSE
Center for Applied Research, Availab le from
http: //www.educause.edu/ecar.
[8 ] z. Yang, 2011. Study on an interoperab le cloud rramework for eEducation,
In International Conference on E -Business and EGovernment
(ICEE) , pp. 1-4.
[9] R. Elumalai, V. Ramachandran, A Cloud Model for Educational eContent
Sharing, In European Journal of Scientific Research, ISSN
145 0-216X Vol.59 No.2 (2011) , pp.200-207. Page 6 of 6 IEEE Security
Privacy.
[10] Sengmei Luo, et aI., 2011. Virtualiz ation security for cloud computing
service, In International Conference on Cloud and Service Computing
(CSC) , vol., no., pp. I 74-179, 12-14.
[11] CSA, 2009. Security guidance for critical areas of focus in cloud
computing V3.0, Availab le from
https: llcloudsecurityalliance.org/guidance/csaguide. v3.0. pdf.
[12] Srinivasan, et aI., 2012. State-of-the-art Cloud Computing Security
Taxonomies A classification of security challenges in the present cloud
computing environment, In: International Conference on Advances in
Computing, Communications and Informatics (ICACCI-2012) , ICACCI
'12, ACM, 2012, Chennai, India.
[13] Harley K oz ushko, 2003. Intrusion Detection: Host-Based and NetworkBased
Intrusion Detection Systems, Availab le from
http: //infohost.nmt.edu/-sfs/Students/HarleyK oz ushkolPaperslIntrusion
Detectio nP aper.p df
[14 ] Luigi, c., et al. Trusted Virtual Domains - Design, Implementation and
Lessons Learned, Availab le from
http: //infohost.nmt.edu/-sfs/Students/HarleyK oz ush k o/Papers/1 ntrus ion
Detecti onP aper. pdf
[15 ] Microsoft, 2007. TPM Driver, Availab le from
http: //technet.microsoft.com/en-us/lib rary/cc734122(v=ws.1O ) .aspxx
[16] Clement Berthelot, 2011. Evaluation of a Virtual Firewall in a Cloud
Environment, Availab le from
http: //b uchananweb .co.ukl09014406_MSc_VirtuaIFirewall.pdt
[17 ] Common Criteria. Trusted Computing Group (TCG) Personal Computer
(PC) Specific Trusted Building Block (TBB) Protection Profile and
TCG PC Specific TBB With Maintenance Protection Profile, July 2004.
[18 ] Microsoft, 2012. Trusted Platform Module Administration Technical
Overview, Availab le from
http: //technet.microsoft.com/enus/lib rary/ cc7 66159(v=ws.l O).aspx
Proceedings of 20121nternational of Cloud Computing, Technologies, Applications Management 15 0