Open Cloud Environment Research Articles

Runtime reliability fractional distribution change analytics against cloud-based systems DDoS attacks

With the help of the Software as a Service (SaaS) delivery model, the rapid advancement of cloud computing has become the most prevalent distributed computing paradigm. A large number of application vendors and developers choose to integrate cloud-hosted Application Program Interfaces (APIs) into their systems as system components to construct new and value-added cloud-based systems. When executed in an open cloud environment, each system component is constantly at risk of Distributed Denial of Service (DDoS) attacks. Such cloud-based systems are challenged by reliability fluctuations when a system component is attacked. A change in the reliability of the remote system components, e.g., performance decline or runtime anomalies, can threaten the stability of the entire cloud-based system. To enable timely reliability assurance against cloud-based systems DDoS attacks, it is necessary to analyze runtime reliability of its system components. In this paper, we formally present a new model for evaluating the reliability of the system components based on concept drift. Based on the model, we propose a novel method named runtime reliability anomaly detection (RAD), leveraging the Singular Value Decomposition (SVD) technique. RAD analyzes the reliability of a system component during its operation by detecting peaks in Fractional Distribution Change (FDC) within its reliability time series data. Specifically, it calculates the Jensen Shannon divergence between historical and up-to-date reliability data streams, based on feature vectors that are dimensionality-reduced using SVD. The results of extensive experiments conducted on two public cloud APIs performance datasets demonstrate the effectiveness and efficiency of RAD.

Enhanced Symmetric Convergent Encryption for Secured Data Deduplication in Cloud

Cloud storage is a virtual setting that includes an amazing amount of processing power. The resources are in a state where they can serve users. Cloud data centres are the locations where all of this computing is maintained. In order to produce high-performance computing, the data centre houses a sizable number of powerful computers and servers connected to one another. The physical computer resources housed in the cloud data centre are accessible to the user via virtualization. To provide a convergent encryption method that will enhance data security while reducing deduplication's impact on security, encryption, and decryption times. Convergent encryption is used to prevent duplicating data, but the key used to encrypt data for the first time is kept up to date and distributed to all users who have same or closely related content of data to upload to the cloud storage. In an open cloud environment, it's crucial to distribute the key to all users. When using cloud storage services, users encountered numerous issues.

Message sharing scheme based on edge computing in IoV.

With the rapid development of 5G wireless communication and sensing technology, the Internet of Vehicles (IoV) will establish a widespread network between vehicles and roadside infrastructure. The collected road information is transferred to the cloud server with the assistance of roadside infrastructure, where it is stored and made available to other vehicles as a resource. However, in an open cloud environment, message confidentiality and vehicle identity privacy are severely compromised, and current attribute-based encryption algorithms still burden vehicles with large computational costs. In order to resolve these issues, we propose a message-sharing scheme in IoV based on edge computing. To start, we utilize attribute-based encryption techniques to protect the communications being delivered. We introduce edge computing, in which the vehicle outsources some operations in encryption and decryption to roadside units to reduce the vehicle's computational load. Second, to guarantee the integrity of the message and the security of the vehicle identity, we utilize anonymous identity-based signature technology. At the same time, we can batch verify the message, which further reduces the time and transmission of verifying a large number of message signatures. Based on the computational Diffie-Hellman problem, it is demonstrated that the proposed scheme is secure under the random oracle model. Finally, the performance analysis results show that our work is more computationally efficient compared to existing schemes and is more suitable for actual vehicle networking.

PPMCK: Privacy-preserving multi-party computing for K-means clustering

The powerful resource advantage of the cloud provides a suitable computing environment for data processing. By transferring local computing to the cloud, the efficiency of data processing can be improved. However, the open cloud environment has defects in data privacy-preserving. In order to strengthen the protection of data privacy and ensure the security of multi-party interaction, we propose a privacy-preserving multi-party computing scheme for K-means clustering (PPMCK). PPMCK can preserve data privacy in the cloud and in the local side for each party from multi-party computing. In addition, PPMCK uses homomorphic encryption to protect data privacy. To support the division operation and ciphertext value size comparison with which homomorphic encryption cannot handle, the corresponding measurements are adopted, which make homomorphic encryption work smoothly. The experimental results demonstrate that PPMCK is effective in both data processing and privacy-preserving.

Attribute-Based Secure Announcement Sharing Among Vehicles Using Blockchain

Vehicles gather data collected by sensor nodes, combined with messages obtained from the other nodes in vehicular ad hoc networks (VANETs), to achieve safe driving. An announcement type of message is sent in the VANET; it is collected by mobile vehicles, uploaded to a cloud server for storage, and provided to other vehicles for reference. However, in an open cloud environment, plaintext data are vulnerable to unauthorized access and even malicious tampering. To solve this issue, we propose an attribute-based encryption algorithm using blockchain, which is maintained by a roadside unit (RSU). The uploader’s symmetric key is recorded on the blockchain, and all uploaded and accessed transactions are recorded for auditing. Our scheme can achieve the function of securely accessing different types of announcement messages according to different vehicle attributes. Security analysis and experimental results indicate that our scheme has achieved a balance between security and efficiency.

Linked Semantic Model for Information Resource Service Toward Cloud Manufacturing

Information resource services are the key element for resource sharing in cloud manufacturing. Traditional resource service models focus on modeling the attributes, interfaces, and descriptions of the resources into resource information services. Such resource services are suitable for local environment but suffer semantic heterogeneities in open cloud environment. Recently, well-designed ontologies are applied in resource service models to unify the schema and eliminate the semantic heterogeneities among the services. However, the effectiveness of ontology-based models mainly depends on the expertise of the ontology experts in ontology designing. Moreover, it is difficult to catch the dynamic changes in the cloud once the ontology has been embedded. In this paper, a semantic model is presented for information resource service modeling that uses semantic links instead of ontologies. The model takes advantage of semantic links to enable automated integrating and distributed updating in resource service cloud. In the experiment, the model is applied on practical manufacturing resources from a wheel manufacturing company. The case study and experimental results show that the proposed model is suitable for modeling manufacturing resources into cloud services and enables the flexible and distributed manipulation on resource services in the cloud environment.

Secure open cloud in data transmission using reference pattern and identity with enhanced remote privacy checking

To handle the large amount of client’s data in open cloud lots of security issues need to be address. Client’s privacy should not be known to other group members without data owner’s valid permission. Sometime clients are fended to have accessing with open cloud servers due to some restrictions. To overcome the security issues and these restrictions related to storing, data sharing in an inter domain network and privacy checking, we propose a model in this paper which is based on an identity based cryptography in data transmission and intermediate entity which have client’s reference with identity that will take control handling of data transmission in an open cloud environment and an extended remote privacy checking technique which will work at admin side. On behalf of data owner’s authority this proposed model will give best options to have secure cryptography in data transmission and remote privacy checking either as private or public or instructed. The hardness of Computational Diffie–Hellman assumption algorithm for key exchange makes this proposed model more secure than existing models which are being used for public cloud environment.

An Ideal Design and Way Out for Various Service Interoperability and Integration in Open Cloud Environment

An Ideal Design and Way Out for Various Service Interoperability and Integration in Open Cloud Environment

Refined game-theoretic approach to improve authenticity of outsourced databases

The verifiable database (VDB) model is characterized by the fact that the database owner, a computationally weak client, delegates the database management to a database service provider on the cloud, which is considered untrusted third party. In this model, users can query the data and verify the integrity of query results. Motivated by the desire to reduce the computational cost and communication overhead of such a verification process, and to support sophisticated query types, such as aggregated queries, some recent VDB approaches used randomized periodic verifications. These new approaches dedicate a new entity called verifier, whose responsibility is to perform the verification process instead of database users. To improve the randomization effectiveness of the verification operations, our previous work has employed game theory and modeled the VDB problem as a leader–follower Stackelberg security game. The model aimed to randomize what database tables to verify at each verification moment. The main problem of this work is its limitation to only one attacker type, which limits its deployment in real and open cloud environments. In this paper, we extend and refine the Stackelberg security game to be a Bayesian security game which further optimizes the mixed strategy of the verifier by considering multiple follower types. Moreover, we analyze the need for randomization of verification moments and identify the best method allowing us to achieve this randomization. Furthermore, we describe and discuss in detail the implementation settings of each component involved in the model. We have implemented and tested the performance of the Bayesian game model against the single follower-type model and the uniform randomization model. Experiment results show that the Bayesian game model performs better when dealing with multiple attacker types.

Simple Practice Based on the Platform Design for Smart TV & N-Screen Services in Open Cloud Environment

Simple Practice Based on the Platform Design for Smart TV & N-Screen Services in Open Cloud Environment

Cryptographic Cloud Computing Environment as a More Trusted Communication Environment

Cloud Communication Environment is an internet-based computing, where shared resources, software, and information are provided with computers and devices on-demand. They guarantee a way to share distributed resources and services that belong to different organizations. In order to develop cloud computing applications, security and trust to share data through distributed resources must be assured. This paper offers a study of the different mechanisms used in open cloud environments such as keys generation and management, and encryption/decryption algorithms. In addition, the paper proposes a new cryptographic environment, annotated as “CCCE” that deploys the combination between quantum key distribution mechanisms (QKD) and advanced encryption standard (AES), and demonstrates how quantum mechanics can be applied to improve computation.