Cloud computing is set of resources and services offered through the Internet. Cloud services are delivered from data centers located throughout the world. Cloud computing facilitates its consumers by providing virtual resources via internet. General example of cloud services is Google apps, provided by Google and Microsoft SharePoint. The rapid growth in field of “cloud computing” also increases severe security concerns. Security has remained a constant issue for Open Systems and internet, when we are talking about security cloud really suffers. Lack of security is the only hurdle in wide adoption of cloud computing. Cloud computing is surrounded by many security issues like securing data, and examining the utilization of cloud by the cloud computing vendors. The wide acceptance www has raised security risks along with the uncountable benefits, so is the case with cloud computing. The boom in cloud computing has brought lots of security challenges for the consumers and service providers. How the end users of cloud computing know that their information is not having any availability and security issues? Every one poses, Is their information secure? This study aims to identify the most vulnerable security threats in cloud computing, which will enable both end users and vendors to know about the key security threats associated with cloud computing. Our work will enable researchers and security professionals to know about users and vendors concerns and critical analysis about the different security models and tools proposed. View full abstract»

Although the cloud computing model is considered to be a very promising internet-based computing platform, it results in a loss of security control over the cloud-hosted assets. This is due to the outsourcing of enterprise IT assets hosted on third-party cloud computing platforms. Moreover, the lack of security constraints in the Service Level Agreements between the cloud providers and consumers results in a loss of trust as well. Obtaining a security certificate such as ISO 27000 or NIST-FISMA would help cloud providers improve consumers trust in their cloud platforms' security. However, such standards are still far from covering the full complexity of the cloud computing model. We introduce a new cloud security management framework based on aligning the FISMA standard to fit with the cloud computing model, enabling cloud providers and consumers to be security certified. Our framework is based on improving collaboration between cloud providers, service providers and service consumers in managing the security of the cloud platform and the hosted services. It is built on top of a number of security standards that assist in automating the security management process. We have developed a proof of concept of our framework using. NET and deployed it on a test bed cloud platform. We evaluated the framework by managing the security of a multi-tenant SaaS application exemplar. View full abstract»

Although cloud computing is generally recognized as a technology which will has a significant impact on IT in the future. However, Cloud computing is still in its infancy, currently, there is not a standard available for it, portability and interoperability is also impossible between different Cloud Computing Service Providers, therefore, handicaps the widely deploy and quick development of cloud computing, there is still a long distance to the fine scenery which theoretically depicted by cloud computing. We analyze the problems in the current state of the art, put forward that Open Cloud Computing Federation is an inevitable approach for the widely use of cloud computing and to realize the greatest value of it. Accordingly, we proposal the MABOCCF (Mobile Agent Based Open Cloud Computing Federation) mechanism in this paper, it combines the advantages of Mobile Agent and cloud computing to provide a realization for the Open Cloud Computing Federation, MABOCCF can span over multiple heterogeneous Cloud Computing platforms and realizes portability and interoperability, it can be a beginning of open cloud computing federation and a future part of cloud computing. We also present in this paper the rationalities and the motivations for the combination of Mobile Agent and Cloud Computing, finally, a prototype is given with a performance analysis. View full abstract»

Cloud computing has become increasingly popular by obviating the need for users to own and maintain complex computing infrastructure. However, due to their inherent complexity and large scale, production cloud computing systems are prone to various runtime problems caused by hardware and software failures. Dependability assurance is crucial for building sustainable cloud computing services. Although many techniques have been proposed to analyze and enhance reliability of distributed systems, there is little work on understanding the dependability of cloud computing environments. As virtualization has been an enabling technology for the cloud, it is imperative to investigate the impact of virtualization on the cloud dependability, which is the focus of this work. In this paper, we present a cloud dependability analysis (CDA) framework with mechanisms to characterize failure behavior in cloud computing infrastructures. We design the failure-metric DAGs (directed a cyclic graph) to analyze the correlation of various performance metrics with failure events in virtualized and non-virtualized systems. We study multiple types of failures. By comparing the generated DAGs in the two environments, we gain insight into the impact of virtualization on the cloud dependability. This paper is the first attempt to study this crucial issue. In addition, we exploit the identified metrics for failure detection. Experimental results from an on-campus cloud computing test bed show that our approach can achieve high detection accuracy while using a small number of performance metrics. View full abstract»

The cloud computing is a new computing model which comes from grid computing, distributed computing, parallel computing, virtualization technology, utility computing and other computer technologies and it has more advantage characters such as large scale computation and data storage, virtualization, high expansibility, high reliability and low price service. The security problem of cloud computing is very important and it can prevent the rapid development of cloud computing. This paper introduces some cloud computing systems and analyzes cloud computing security problem and its strategy according to the cloud computing concepts and characters. The data privacy and service availability in cloud computing are the key security problem. Single security method cannot solve the cloud computing security problem and many traditional and new technologies and strategies must be used together for protecting the total cloud computing system. View full abstract»

Cloud computing is one of today's most exciting technologies due to its ability to reduce costs associated with computing while increasing flexibility and scalability for computer processes. During the past few years, cloud computing has grown from being a promising business idea to one of the fastest growing parts of the IT industry. IT organizations have expresses concern about critical issues (such as security) that exist with the widespread implementation of cloud computing. These types of concerns originate from the fact that data is stored remotely from the customer's location; in fact, it can be stored at any location. Security, in particular, is one of the most argued-about issues in the cloud computing field; several enterprises look at cloud computing warily due to projected security risks. The risks of compromised security and privacy may be lower overall, however, with cloud computing than they would be if the data were to be stored on individual machines instead of in a so - called "cloud" (the network of computers used for remote storage and maintenance). Comparison of the benefits and risks of cloud computing with those of the status quo are necessary for a full evaluation of the viability of cloud computing. Consequently, some issues arise that clients need to consider as they contemplate moving to cloud computing for their businesses. In this paper I summarize reliability, availability, and security issues for cloud computing (RAS issues), and propose feasible and available solutions for some of them. View full abstract»

Cloud computing has brought new changes and opportunities to IT industry. It is the result of the evolution of a variety of techniques. And the railway department will use the cloud computing technology to achieve the sharing of the railway information resources and to improve the capacity of information processing. But with the development of the cloud computing, it also faced with many difficulties, cloud computing security has become the leading cause of impeding its development. Cloud computing security has become a hot topic in industry and academic research. This paper will explore the status of the development of cloud computing security, analyze the data privacy, security auditing, data monitoring and other challenges that the cloud computing security faced with. We will describe the solutions which the industry and academia proposed for some key issues of cloud computing security, such as virtualization security and traffic monitoring between virtual machines and so on. And we analyzed the security of cloud computing in railway environment. We proposed a cloud computing security reference framework. The purpose of this paper is attempted to bring greater clarity landscape about cloud computing security. View full abstract»

Cloud Computing is evolving as a key technology for sharing resources. Grid Computing, distributed computing, parallel computing and virtualization technologies define the shape of a new era. Traditional distance learning systems lack reusability, portability and interoperability. This paper sees cloud computing ecosystem as a new opportunity in designing cloud computing educational platforms where learning actors can reuse learning resources handled by cloud educational operating systems. To enhance learning objects portability and interoperability not only cloud computing API standards should be advocated by the key cloud providers but also learning resources standards should be defined by the Open Cloud Computing Education Federation as proposed by this paper. View full abstract»

Cloud computing is becoming as a main choice computing paradigm for the enterprises. Use of cloud computing technologies is increasing by every passing day. It has great advantages of on-demand computing, scalability, proactive resource management, better application throughput, and enhanced security. Due to its openness and adaptability, it can be a good option for voluntary resource computing among non-profit organizations. In this paper, we present a model for cooperative cloud computing among research institutes and universities using Virtual Cloud concepts. The propose model of Cooperative Cloud Computing encompasses the concepts of cloud federation and volunteer computing and is based on our Virtual Cloud architecture. The cooperative cloud computing can be performed at a global scale among universities and research centers (institutes) located in different continents. In this model, institutes get benefited with a much higher computing power available through cloud federation. View full abstract»

As the new computing service pattern of cloud computing develops rapidly, the security problem of cloud computing has become a hot research topic. Before the user passes important data or computing task to the cloud, the user of the cloud may want to verify the trusted status of the platform which actually carries out the computing task in the cloud. And the remote attestation mechanism in Trusted Computing is suited for the cloud user's verification need. In this paper, the property-based remote attestation mechanism in Trusted Computing is imported into clouding computing, and a property-based remote attestation method oriented to cloud computing is designed based on the characteristics of cloud computing. In this method, through the attestation proxy, the remote attestation of the computing platform's security property is realized without disclosing the platform's configuration, and users can validate the security property of the actual computing platform in the virtual cloud computing environment. View full abstract»

Network-based cloud computing is rapidly expanding as an alternative to conventional office-based computing. As cloud computing becomes more widespread, the energy consumption of the network and computing resources that underpin the cloud will grow. This is happening at a time when there is increasing attention being paid to the need to manage energy consumption across the entire information and communications technology (ICT) sector. While data center energy use has received much attention recently, there has been less attention paid to the energy consumption of the transmission and switching networks that are key to connecting users to the cloud. In this paper, we present an analysis of energy consumption in cloud computing. The analysis considers both public and private clouds, and includes energy consumption in switching and transmission as well as data processing and data storage. We show that energy consumption in transport and switching can be a significant percentage of total energy consumption in cloud computing. Cloud computing can enable more energy-efficient use of computing power, especially when the computing tasks are of low intensity or infrequent. However, under some circumstances cloud computing can consume more energy than conventional computing where each user performs all computing on their own personal computer (PC). View full abstract»

With the advent internet in the 1990s to the present day facilities of ubiquitous computing, the internet has changed the computing world in a drastic way. It has traveled from the concept of parallel computing to distributed computing to grid computing and recently to cloud computing. Although the idea of cloud computing has been around for quite some time, it is an emerging field of computer science. Cloud computing can be defined as a computing environment where computing needs by one party can be outsourced to another party and when need be arise to use the computing power or resources like database or emails, they can access them via internet. Cloud computing is a recent trend in IT that moves computing and data away from desktop and portable PCs into large data centers. The main advantage of cloud computing is that customers do not have to pay for infrastructure, its installation, required man power to handle such infrastructure and maintenance. In this paper we will discuss what makes all this possible, what is the architectural design of cloud computing and its applications. View full abstract»

Cloud computing is considered to be the next generation of information technology framework. It is the next generation computing platforms that can provide dynamic resource pools, virtualization and high availability. The new character brings a lot of new security challenges which have not been taken into account completely in the current cloud computing system. As a consequence, to build a cloud computing data security system is the basis to build cloud computing security system. In this article, the cloud computing technology architecture and the cloud computing data security features are the first to be studied and considered, then the cloud computing data security model is raised. At last, the realization of data security model has been researched. The model adopts a multi-dimension architecture of three - layers defense. First of all, user authentication is required to ensure that user data cannot be tampered. Users who pass the anthentication can get relative operation on the user data, such as addition, modification, deletion. If the unauthorized user use illegal means to deceive the authentication system, the file entered the system encrypt and privacy defense levels. In this layer, user data is encrypted. If key has been got by the intruder. The user data cannot be got valid information even it is obtained through function of privacy protection. It is very important for commercial users of the cloud computing to protect their business secrets. The last is the file quick regeneration layer, user data can get maximum regeneration even it is damaged through rapid regeneration algorithm in this layer. Each layer accomplishes its own job and combines with others to ensure data security in the cloud computing. View full abstract»

Cloud computing provides computing resources as a service over a network. As rapid application of this emerging technology in real world, it becomes more and more important how to evaluate the performance and security problems that cloud computing confronts. Currently, modeling and simulation technology has become a useful and powerful tool in cloud computing research community to deal with these issues. In this paper, to the best of our knowledge, we review the existing results on modeling and simulation of cloud computing. We start from reviewing the basic concepts of cloud computing and its security issues, and subsequently review the existing cloud computing simulators. Furthermore, we indicate that there exist two types of cloud computing simulators, that is, simulators just based on software and simulators based on both software and hardware. Finally, we analyze and compare features of the existing cloud computing simulators. View full abstract»

Cloud computing has been a paradigm shift in the information technology domain. It offers potential benefits to users in terms of instant availability, scalability and resource sharing, while potentially posing security issues. Especially, recent events like Amazons system failure increased the concerns related to cloud computing. Given these security and reliability concerns , we explore the optimal decision rule for moving certain IT function to public clouds. We formulate the problem as an entrepreneurial decision for an optimal stopping time at which the entrepreneur shall migrate to the cloud computing paradigm. Two different models are presented. Recognizing that an important and specific issue related to different computing paradigm is the potential "security" risk posed by each technology, we consider security risks in both models. The first model approaches the optimal adoption problem from assessing the cloud computing adoption under project value uncertainty. The entrepreneur has the timing flexibility and solves his optimal adoption decision under uncertainty. The optimal adoption rule obtained is a threshold strategy. A firm should adopt the cloud computing only if the value from the adoption exceeds the threshold level. The second model builds on a comprehensive assessment of two different computing paradigms. The entrepreneur can either keep the traditional on-site computing paradigm or migrate to the cloud computing paradigm. His problem is to make the paradigm shift optimally. We model such a problem as optimally swapping two "risky" assets, which refer to benefits of the traditional on-site computing paradigm and those of the cloud computing paradigm. The term "risky" captures the fact that actual benefits can only be resolved through time, and thus estimates of benefits are embedded with uncertainty. We obtain the optimal swapping rule as a threshold strategy, defined in terms of the two benefit ratio. A firm should only shift the part of its bus- ness to the cloud computing service if the ratio, the benefit from the cloud computing paradigm over that from the traditional on-site computing paradigm, exceeds the threshold. In both models, both the extent of riskiness (i.e. uncertainty) and the significance of security risks (both in terms of potential occurrence probability and the severity of damage) affect the threshold level, thus the entrepreneurial adoption decision. View full abstract»

Cloud computing, despite its hype, is being widely deployed, with its dynamic scalability and usage of virtualized resources, in many organizations for several applications. It is envisioned that, in the near future, cloud computing will have a significant impact on the educational and learning environment, enabling their own users (i.e., learners, instructors, and administrators) to perform their tasks effectively with less cost by utilizing the available cloud-based applications offered by the cloud service providers. This paper discusses the use of cloud computing in the educational and learning arena, to be called “Education and Learning as a Service” (ELaaS), emphasizing its possible benefits and offerings. It is essential for an educational and learning organization, with its budget restrictions and sustainability challenges, to use the cloud formation best suited for a particular IT activity. The Jericho Forum proposes a cloud computing formation model, called the Cloud Cube Model (CCM), which is based on 4 criteria. To preserve the symmetry of the cube, a new cloud computing formation model, called the Complete Cloud Computing Formations (C³F), is proposed. The IT activities in the educational and learning organizations are then classified with respect to the two criteria: mission criticality and sensitivity. Each class is then mapped into the appropriate position in the C³F, creating ELaaS Quadrant. This essentially establishes a general conceptual framework for ELaaS. View full abstract»

Cloud computing, one of the emerging topic in the field of information technology, is the development of parallel computing, distributed computing and grid computing. By using the internet and central remote services it maintains the data, applications etc which offers much more efficient computing by centralizing storage, memory, processing, bandwidth and so on. It can also concentrate all computation resources and manage automatically through the software without intervene. There are several layers in present cloud computing architecture, service models, platforms, issues i.e. security, privacy, reliability, open standard etc. and types. This paper presents all about the promising cloud computing technology i.e. its architecture, advantages, platforms, issues and challenges, applications, future and research options of cloud computing. There four generations of computing such as mainframe based computing, personal computing, client server based computing and web server based computing respectively. As there are several advantages over present generation of web server based computing such as fast micro processor, huge memory, high-speed network, reliable system architecture etc. we can say that cloud computing will provide the next generation of computing services. View full abstract»

Cloud computing is emerging as a prominent computing model. It provides a low-cost, highly accessible alternative to other traditional high-performance computing platforms. It also has many other benefits such as high availability, scalability, elasticity, and free of maintenance. Given these attractive features, it is very desirable if automated planning can exploit the large, affordable computational power of cloud computing. However, the latency in inter-process communication in cloud computing makes most existing parallel planning algorithms unsuitable for cloud computing. In this paper, we propose a portfolio stochastic search framework that takes advantage of and is suitable for cloud computing. We first study the running time distribution of Monte-Carlo Random Walk (MRW) search, a stochastic planning algorithm, and show that the running time distribution usually has remarkable variability. Then, we propose a portfolio search algorithm that is suitable for cloud computing, which typically has abundant computing cores but high communication latency between cores. Further, we introduce an enhanced portfolio with multiple parameter settings to improve the efficiency of the algorithm. We implement the portfolio search algorithm in both a local cloud and the Windows Azure cloud. Experimental results show that our algorithm achieves good, in many cases super linear, speedup in the cloud platforms. Moreover, our algorithm greatly reduces the running time variance of the stochastic search and improves the solution quality. We also show that our scheme is economically sensible and robust under processor failures. View full abstract»

Agent-based cloud computing is concerned with the design and development of software agents for bolstering cloud service discovery, service negotiation, and service composition. The significance of this work is introducing an agent-based paradigm for constructing software tools and testbeds for cloud resource management. The novel contributions of this work include: 1) developing Cloudle: an agent-based search engine for cloud service discovery, 2) showing that agent-based negotiation mechanisms can be effectively adopted for bolstering cloud service negotiation and cloud commerce, and 3) showing that agent-based cooperative problem-solving techniques can be effectively adopted for automating cloud service composition. Cloudle consists of 1) a service discovery agent that consults a cloud ontology for determining the similarities between providers' service specifications and consumers' service requirements, and 2) multiple cloud crawlers for building its database of services. Cloudle supports three types of reasoning: similarity reasoning, compatibility reasoning, and numerical reasoning. To support cloud commerce, this work devised a complex cloud negotiation mechanism that supports parallel negotiation activities in interrelated markets: a cloud service market between consumer agents and broker agents, and multiple cloud resource markets between broker agents and provider agents. Empirical results show that using the complex cloud negotiation mechanism, agents achieved high utilities and high success rates in negotiating for cloud resources. To automate cloud service composition, agents in this work adopt a focused selection contract net protocol (FSCNP) for dynamically selecting cloud services and use service capability tables (SCTs) to record the list of cloud agents and their services. Empirical results show that using FSCNP and SCTs, agents can successfully compose cloud services by autonomously selecting services. View full abstract»

A Cloud computing system provides infrastructure layer services to users by managing virtualized infrastructure resources. The infrastructure resources include CPU, hyper visor, storage, and networking. Each category of infrastructure resources is a subsystem in a cloud computing system. The cloud computing system coordinates infrastructure subsystems to provide services to users. Most current cloud computing systems lacks pluggability in their infrastructure subsystems and decision algorithms, which restricts the development of infrastructure subsystems and decision algorithms in cloud computing system. A cloud computing system should have the flexibility to switch from one infrastructure subsystem to another, and one decision algorithm to another with ease. This paper describes Roystonea, a hierarchical distributed cloud computing system with plug gable component architecture. The component pluggability ability gives administrators the flexibility to use the most appropriate subsystem as they wish. The component pluggability of Roystonea is based on a specifically designed interfaces among Roystonea controlling system and infrastructure subsystems components. The component pluggability also encourages the development of infrastructure subsystems in cloud computing. Roystonea provides a test bed for designing decision algorithms used in cloud computing system. The decision algorithms are totally isolated from other components in Roystonea architecture, so the designers of the decision algorithms can focus on algorithm design without worrying about how his algorithm will interact with other Roystonea components. We believed that component pluggability will be one of the most important issues in the research of cloud computing system. View full abstract»

The greatest environmental challenge today is global warming, which is caused by carbon emissions. Energy crisis brings green computing, and green computing needs algorithms and mechanisms to be redesigned for energy efficiency. Green IT refers to the study and practice of using computing resources in an efficient, effective and economic way. The various approaches of the green IT are Virtualization, Power Management, Material Recycling and Telecommuting. The basic principles of cloud computing is to make the computing be assigned in a great number of distributed computers rather than local computer or remote server. In fact, cloud computing is an extend of Grid Computing, Distributed Computing and Parallel Computing. It's foreground is to provide secure, quick, convenient data storage and net computing service centered by internet. Currently, a large number of cloud computing systems waste a tremendous amount of energy and emit a considerable amount of carbon dioxide. Thus, it is necessary to significantly reduce pollution and substantially lower energy usage. The analysis of energy consumption in cloud computing consider both public and private clouds. Cloud computing with green algorithm can enable more energy-efficient use of computing power. View full abstract»

Cloud computing has changed the whole picture that distributed computing used to present e.g. Grid computing, server client computing. Cloud has given a new meaning to distributed, and off-premises computing. Although, Cloud offers great benefits, it also introduces a myriad of security threats to the information and data which is now being ported from on-premises to off-premises. Where cloud computing can help organizations accomplish more by paying less (in the longer run) and breaking the physical boundaries between IT infrastructure and its users, due to openness of accessible information and data relying on trust between cloud provider and customer, heightened security threats must be overcome in order to benefit fully from this new computing exemplar. Breach in the security of any component in the cloud can be both disaster for the organization (the customer) and defacing for the provider. This paper explores the security issues related to the cloud. The paper also discusses the existing security approaches to secure the cloud infrastructure and applications and their drawbacks. Finally, we explore some key research challenges of implementing new cloud-aware security solutions that can provide the likes of pre-emptive protection for complex and ever dynamic Cloud infrastructure, followed by conclusion where we try to entail the whole research and try to formulate a security strategy which will enable the Cloud providers and customers alike to fight against ever emerging security threats. View full abstract»

Summary form only given. Secure Multiparty Computation (SMC) allows multiple parties to perform computation on their private data to evaluate some function of their common interest. In this paradigm the individual data should be kept secret from other parties and the result of the computation should be available to all the parties. This subject of information security has created enormous interest among researchers. Many SMC models were devised and analyzed. The subject is becoming more relevant in this scenario of huge online transactions on the Internet. Many solutions, from earlier Millionaires Problem to recent Anonymity based computation on encrypted data are available in the literature. Cloud Computing is a paradigm shift from the distributed computing where an organization uses resources as service. This is a sort of "utility computing" where you pay-as-you-go like electricity bill. Cloud providers are the companies which manage large datacenters and have expertise of operating these datacenters. Cloud users are the organizations which use services from providers. Cloud users need not to deploy computing resources at their site. These resources are available from the cloud providers on utility basis and charged on usage basis. Thus an organization can improve efficiency while minimizing the expenditure and the operation overhead. They can focus on their core competencies. In this paradigm users send their data to the provider for computation and the result is provided by the provider. Many companies like Amazon, Google, IBM etc. are already in the market working as the cloud provider. As the services are gaining more popularity, concerns regarding the privacy of these data are also arising. They users of the cloud are worrying about the privacy of their data that has been supplied to the cloud provider. The solutions to these problems can be provided by the protocols of the SMC. In this tutorial, we propose SMC solution techniques that can be embedded while - esigning architecture of cloud computing especially when multiple cloud providers or multiple cloud users jointly compute some function of their private data inputs. Each of the users or providers of the cloud is worried about the privacy of the individual data but due to the mutual interest all of them want to know the value of the common function. With our experience of developing protocols and devising algorithms for various SMC problems we anticipate a crucial role of SMC in cloud computing. For example consider a case where multiple cloud users jointly work on a project and utilize the services of the same cloud provider. All of them want to simultaneously evaluate their equations without revealing individual equations to one another. In such scenarios the SMC solutions can be highly useful to provide privacy. In this tutorial, we explore such scenarios while discussing various protocols of SMC and their applicability in cloud computing. View full abstract»

With rapid development of cloud computing, the need for an architecture to follow in developing cloud computing applications is necessary. Existing architectures lack the way cloud applications are developed. They focus on clouds' structure and how to use clouds as a tool in developing cloud computing applications rather than focusing on how applications themselves are developed using clouds. This paper presents a survey on key cloud computing concepts, definitions, characteristics, development phases, and architectures. Also, it proposes and describes a novel architecture, which aid developers to develop cloud computing applications in a systematic way. It discusses how cloud computing transforms the way applications are developed/delivered and describes the architectural considerations that developers must take when adopting and using cloud computing technology. View full abstract»