An Efficient Framework for a Third Party Auditor in Cloud Computing Environments

2019 ◽  
Vol 63 (9) ◽  
pp. 1285-1297 ◽  
Author(s):  
S Mahdavi-Hezavehi ◽  
Y Alimardani ◽  
R Rahmani
Keyword(s):  
Service Providers ◽  
Cloud Service ◽  
Service Level ◽  
Cloud Services ◽  
Third Party ◽  
Cloud Environment ◽  
Cloud Service Providers ◽  
Cloud Environments ◽  
Cost Efficient ◽  
Monitoring Service

Abstract Cloud Service Providers supply services to clients in terms of their demands. They need to be constantly under monitoring for their services with respect to consensus agreements between clients and service providers. A Third Party Auditor or TPA as a trusted organization appears to be necessary to monitor executing agreements of cloud services. Using a third party as an extra component creates cost overheads for clients in a cloud environment. Thus, introducing a cost efficient framework for a cloud environment which includes a third party is an eminent achievement to make a TPA feasible and practical in cloud environments. In this paper, we propose a TPA framework for monitoring service level agreements between cloud service providers and cloud clients using several cloud resources. This framework employs different types of service deployments from various cloud service providers excluding the cloud service provider which is being monitored. Then, we demonstrate that the framework can mitigate costs of a third party auditor in a cloud environment. Simulations of trends for costs exhibits cost efficiency of at least forty percent over ten years when a TPA follows our proposed framework in comparison to other frameworks. Finally, we provide an analysis to compare characteristics of our framework with other frameworks and discuss the advantages of our proposed framework. Our results indicate that TPA as a component of the framework not only reduces overall costs of its presentation in a cloud environment but additionally improves management efficiency and security.

scholarly journals Addressing Semantics Standards for Cloud Portability and Interoperability in Multi Cloud Environment

Symmetry ◽  
2021 ◽  
Vol 13 (2) ◽  
pp. 317
Author(s):  
Chithambaramani Ramalingam ◽  
Prakash Mohan
Keyword(s):  
Service Providers ◽  
Research Work ◽  
Cloud Service ◽  
Cloud Services ◽  
Cloud Environment ◽  
Cloud Service Providers ◽  
Application Programming ◽  
Increasing Demand ◽  
Programming Interfaces ◽  
Multi Cloud

The increasing demand for cloud computing has shifted business toward a huge demand for cloud services, which offer platform, software, and infrastructure for the day-to-day use of cloud consumers. Numerous new cloud service providers have been introduced to the market with unique features that assist service developers collaborate and migrate services among multiple cloud service providers to address the varying requirements of cloud consumers. Many interfaces and proprietary application programming interfaces (API) are available for migration and collaboration services among cloud providers, but lack standardization efforts. The target of the research work was to summarize the issues involved in semantic cloud portability and interoperability in the multi-cloud environment and define the standardization effort imminently needed for migrating and collaborating services in the multi-cloud environment.

SLA (Service Level Agreement) Driven Orchestration Based New Methodology for Cloud Computing Services

2013 ◽  
Vol 660 ◽  
pp. 196-201 ◽  
Author(s):  
Muhammad Irfan ◽  
Zhu Hong ◽  
Nueraimaiti Aimaier ◽  
Zhu Guo Li
Keyword(s):  
Cloud Computing ◽  
Computer Science ◽  
Service Providers ◽  
Service Level Agreement ◽  
Cloud Service ◽  
Service Level ◽  
Cloud Services ◽  
Computing Services ◽  
Cloud Service Providers ◽  
Cloud Computing Services

Cloud Computing is not a revolution; it’s an evolution of computer science and technology emerging by leaps and bounds, in order to merge all computer science tools and technologies. Cloud Computing technology is hottest to do research and explore new horizons of next generations of Computer Science. There are number of cloud services providers (Amazon EC2), Rackspace Cloud, Terremark and Google Compute Engine) but still enterprises and common users have a number of concerns over cloud service providers. Still there is lot of weakness, challenges and issues are barrier for cloud service providers in order to provide cloud services according to SLA (Service Level agreement). Especially, service provisioning according to SLAs is core objective of each cloud service provider with maximum performance as per SLA. We have identified those challenges issues, as well as proposed new methodology as “SLA (Service Level Agreement) Driven Orchestration Based New Methodology for Cloud Computing Services”. Currently, cloud service providers are using “orchestrations” fully or partially to automate service provisioning but we are trying to integrate and drive orchestration flows from SLAs. It would be new approach to provision cloud service and deliver cloud service as per SLA, satisfying QoS standards.

scholarly journals A Study on Federated Cloud Computing Environment

2021 ◽  
Vol 10 (2) ◽  
pp. 187-193
Author(s):  
Sapana Sanjay Bhuskute ◽  
◽  
Sujata Kadu ◽  
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Geographical Location ◽  
Cloud Service ◽  
Service Level ◽  
Research Area ◽  
Future Research ◽  
Cloud Environment ◽  
Computing Paradigm ◽  
Cloud Service Providers

Federated cloud computing is the advancement in the area of the general cloud computing paradigm. In a federated cloud environment, multiple cloud service providers share their computing assets, servers, and various facilities to fulfill customer demands. Federated cloud computing terminology consists of the aggregation of services considered by interoperability characteristics and creates the integration of several cloud service providers regardless of any geographical location. It improves the performance, utilization of facilities, minimizes response time and pricing model by partial subcontracting various computing resources and facilities from the nearby cost-efficient province. Customers also get profited from service level agreements signed between the cloud service providers through intermediator cloud brokers. This work aims to survey the federated cloud environment, its various architectural types, advantages associated with the federation, challenges associated with a federated cloud environment, and future research directions in the federated cloud computing research area.

scholarly journals A Generic Model for Identifying QoS Parameters Interrelations in Cloud Services Selection Ontology during Runtime

Symmetry ◽  
2021 ◽  
Vol 13 (4) ◽  
pp. 563
Author(s):  
Babu Rajendiran ◽  
Jayashree Kanniappan
Keyword(s):  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
Operating Costs ◽  
Generic Model ◽  
Business Organizations ◽  
Cloud Environment ◽  
Cloud Service Provider ◽  
Qos Parameters ◽  
Computer Based

Nowadays, many business organizations are operating on the cloud environment in order to diminish their operating costs and to select the best service from many cloud providers. The increasing number of Cloud Services available on the market encourages the cloud consumer to be conscious in selecting the most apt Cloud Service Provider that satisfies functionality, as well as QoS parameters. Many disciplines of computer-based applications use standardized ontology to represent information in their fields that indicate the necessity of an ontology-based representation. The proposed generic model can help service consumers to identify QoS parameters interrelations in the cloud services selection ontology during run-time, and for service providers to enhance their business by interpreting the various relations. The ontology has been developed using the intended attributes of QoS from various service providers. A generic model has been developed and it is tested with the developed ontology.

scholarly journals АНАЛИЗ ПОДХОДОВ К ОБЕСПЕЧЕНИЮ БЕЗОПАСНОСТИ ОБЛАЧНЫХ СЕРВИСОВ

2020 ◽  
pp. 70-82
Author(s):  
Вячеслав Вікторович Фролов
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Geographical Location ◽  
Cloud Service ◽  
Cloud Services ◽  
Cloud Infrastructure ◽  
Critical System ◽  
Cloud Service Providers ◽  
Safety And Reliability ◽  
Cloud Resources

The article is devoted to the analysis of modern approaches that ensure the security of cloud services. Since cloud computing is one of the fastest growing areas among information technology, it is extremely important to ensure the safety and reliability of processes occurring in the clouds and to secure the interaction between the client and the provider of cloud services. Given that fears about data loss and their compromise are one of the main reasons that some companies do not transfer their calculations to the clouds. The object of research and analysis of this work are cloud services, which are provided by various cloud service providers. The aim of the study of this work is to compare existing approaches that provide information security for cloud services, as well as offer a new approach based on the principle of diversity. There are many approaches that ensure their safety, using both traditional and cloud-specific. The multi-cloud approach is one of the most promising strategies for improving reliability by reserving cloud resources on the servers of various cloud service providers. It is shown that it is necessary to use diversity to ensure the reliability and safety of critical system components. The principle of diversity is to use a unique version of each resource thanks to a special combination of a cloud computing provider, the geographical location of data centers, cloud service presentation models, and cloud infrastructure deployment models. The differences between cloud providers and which combination of services are preferable to others in terms of productivity are discussed in detail. In addition, best practices for securing cloud resources are reviewed. As a result, this paper concludes that there is a problem of insufficient security and reliability of cloud computing and how to reduce threats in order to avoid a common cause failure and, as a result, loss of confidential data or system downtime using diversity of cloud services.

scholarly journals Selection of optimal data placement using cloud infrastructure

2021 ◽  
pp. 34-42
Author(s):  
Vladimir Meikshan ◽  
◽  
Natalia Teslya ◽  
Keyword(s):  
Mathematical Model ◽  
Data Storage ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
Information Storage ◽  
Cloud Infrastructure ◽  
Digital Ecosystem ◽  
Cloud Service Providers ◽  
The Cost

Benefits of using cloud technology are obvious, their application is expanding, as a result, it determines the steady growth of demand. Cloud computing has acquired particular relevance for large companies connected with Internet services, retailing, logistics that generate large volume of business and other information. The use of cloud technologies allows organizing the joint consumption of resources, solving the problems of storing and transferring significant amounts of data. Russian consumer cooperation refers to large territory distributed organizations actively forming their own digital ecosystem. The issue of data storing and processing for consumer coo-peration organizations is very relevant. At the same time, the prices of cloud service providers are significantly different and require solving the problem of minimizing the cost of storing and transferring significant amounts of data. The application of the linear programming method is considered to select the optimal data storage scheme for several cloud service providers having different technical and economic parameters of the package (maximum amount of storage, cost of allocated resources). Mathematical model includes the equation of costs for data storing and transferring and restrictions on the amount of storage, the amount of data and its safety. Software tool that allows to perform numerical calculations is selected Microsoft Excel in combination with the "search for solutions" add-on. In accordance with the mathematical model, the conditions for minimizing the amount of cloud storage costs and the necessary restrictions are established. Initial data are set for three data forming centers, storages of certain size for five cloud service providers and nominal price for information storage and transmission. Calculations of expenses are performed in several variants: without optimization, with the solution of the optimization problem, with price increase by cloud service providers. Results of the calculations confirm the necessity to solve the problem of minimizing the cost of cloud services for corporate clients. The presented model can be expanded for any cost conditions as well as for different areas of cloud applications.

Broker-based optimization of SLA negotiations in cloud computing

2021 ◽  
Vol 17 (2) ◽  
pp. 179-195
Author(s):  
Priyanka Bharti ◽  
Rajeev Ranjan ◽  
Bhanu Prasad
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Service Level Agreement ◽  
Cloud Service ◽  
Service Level ◽  
Cloud Environment ◽  
Negotiation Strategies ◽  
Sla Negotiation ◽  
Conflicting Interests ◽  
The Impact

Cloud computing provisions and allocates resources, in advance or real-time, to dynamic applications planned for execution. This is a challenging task as the Cloud-Service-Providers (CSPs) may not have sufficient resources at all times to satisfy the resource requests of the Cloud-Service-Users (CSUs). Further, the CSPs and CSUs have conflicting interests and may have different utilities. Service-Level-Agreement (SLA) negotiations among CSPs and CSUs can address these limitations. User Agents (UAs) negotiate for resources on behalf of the CSUs and help reduce the overall costs for the CSUs and enhance the resource utilization for the CSPs. This research proposes a broker-based mediation framework to optimize the SLA negotiation strategies between UAs and CSPs in Cloud environment. The impact of the proposed framework on utility, negotiation time, and request satisfaction are evaluated. The empirical results show that these strategies favor cooperative negotiation and achieve significantly higher utilities, higher satisfaction, and faster negotiation speed for all the entities involved in the negotiation.

An Analysis on the Terms and Conditions of the Clickwrap Agreement and the Benefits of Maintaining the Click Wrap Agreement in Cloud Computing

2022 ◽  
pp. 205-224
Author(s):  
Dhiviya Ram
Keyword(s):  
Cloud Computing ◽  
Service Provider ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
End User ◽  
Cloud Service Provider ◽  
Novel Approach ◽  
Cloud Service Providers ◽  
Provider Perspective

One of the most unique forms of contracting is apparent in cloud computing. Cloud computing, unlike other conventional methods, has adopted a different approach in the formation of binding contract that will be used for the governance of the cloud. This method is namely the clickwrap agreement. Click wrap agreement follows a take it or leave it basis in which the end users are provided with limited to no option in terms of having a say on the contract that binds them during the use of cloud services. The terms found in the contract are often cloud service provider friendly and will be less favourable to the end user. In this article, the authors examine the terms that are often found in the cloud computing agreement as well as study the benefit that is entailed in adopting this contracting method. This chapter has undertaken a qualitative study that comprises interviews of cloud service providers in Malaysia. Hence, this study is a novel approach that also provides insight in terms of the cloud service provider perspective regarding the click wrap agreement.

scholarly journals Heterogeneous Cross-Domain Identity Authentication Scheme Based on Proxy Resignature in Cloud Environment

2020 ◽  
Vol 2020 ◽  
pp. 1-12
Author(s):  
Yongyang Lv ◽  
Wenju Liu ◽  
Ze Wang
Keyword(s):  
Simulation Experiment ◽  
Service Providers ◽  
Cloud Service ◽  
Identity Authentication ◽  
Cloud Environment ◽  
Cross Domain ◽  
Replay Attacks ◽  
Man In The Middle ◽  
Cloud Service Providers ◽  
Computing Performance

Based on proxy resignature, the signature transformation between trust domains of different cryptographic systems is realized with the help of the cloud authentication center, so as to achieve cross-domain access between users and cloud service providers in heterogeneous environment. Hierarchical ID tree realizes the uniqueness of identity in communication, and the security of heterogeneous cross-domain identity authentication is enhanced by the two-factor authentication of “password + key” and temporary identity replacing real identity. The security of the scheme is proved under the CK model, which can anonymously trace entity identity, resist replay attacks, replacement attacks, and man-in-the-middle attacks, and the simulation experiment is carried out. By searching it in related fields, no paper on heterogeneous cross-domain identity authentication based on proxy resignature has been published yet. The results of this paper show that the proposed scheme has better computing performance and higher security.

scholarly journals Secure and Selective Cloud Data Auditing using Deep Machine Learning

2019 ◽  
Vol 9 (2) ◽  
pp. 5471-5479
Keyword(s):  
Machine Learning ◽  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Third Party ◽  
Cloud Data ◽  
Data Centre ◽  
Cloud Service Providers ◽  
Characteristics Analysis ◽  
Data Centres

The tradition of moving applications, data to be consumed by the applications and the data generated by the applications is increasing and the increase is due to the advantages of cloud computing. The advantages of cloud computing are catered to the application owners, application consumers and at the same time to the cloud datacentre owners or the cloud service providers also. Since IT tasks are vital for business progression, it for the most part incorporates repetitive or reinforcement segments and framework for power supply, data correspondences associations, natural controls and different security gadgets. An extensive data centre is a mechanical scale task utilizing as much power as a community. The primary advantage of pushing the applications on the cloud-based data centres are low infrastructure maintenance with significant cost reduction for the application owners and the high profitability for the data centre cloud service providers. During the application migration to the cloud data centres, the data and few components of the application become exposed to certain users. Also, the applications, which are hosted on the cloud data centres must comply with the certain standards for being accepted by various application consumers. In order to achieve the standard certifications, the applications and the data must be audited by various auditing companies. Few of the cases, the auditors are hired by the data centre owners and few of times, the auditors are engaged by application consumers. Nonetheless, in both situations, the auditors are third party and the risk of exposing business logics in the applications and the data always persists. Nevertheless, the auditor being a third-party user, the data exposure is a high risk. Also, in a data centre environment, it is highly difficult to ensure isolation of the data from different auditors, who may not be have the right to audit the data. Significant number of researches have attempted to provide a generic solution to this problem. However, the solutions are highly criticized by the research community for making generic assumptions during the permission verification process. Henceforth, this work produces a novel machine learning based algorithm to assign or grant audit access permissions to specific auditors in a random situation without other approvals based on the characteristics of the virtual machine, in which the application and the data is deployed, and the auditing user entity. The results of the proposed algorithm are highly satisfactory and demonstrates nearly 99% accuracy on data characteristics analysis, nearly 98% accuracy on user characteristics analysis and 100% accuracy on secure auditor selection process

Sign in / Sign up

Export Citation Format

Share Document