CacheInspector

Infrastructure-as-a-Service cloud providers sell virtual machines that are only specified in terms of number of CPU cores, amount of memory, and I/O throughput. Performance-critical aspects such as cache sizes and memory latency are missing or reported in ways that make them hard to compare across cloud providers. It is difficult for users to adapt their application’s behavior to the available resources. In this work, we aim to increase the visibility that cloud users have into shared resources on public clouds. Specifically, we present CacheInspector , a lightweight runtime that determines the performance and allocated capacity of shared caches on multi-tenant public clouds. We validate CacheInspector ’s accuracy in a controlled environment, and use it to study the characteristics and variability of cache resources in the cloud, across time, instances, availability regions, and cloud providers. We show that CacheInspector ’s output allows cloud users to tailor their application’s behavior, including their output quality, to avoid suboptimal performance when resources are scarce.

Download Full-text

eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology

Sensors ◽

10.3390/s18113807 ◽

2018 ◽

Vol 18 (11) ◽

pp. 3807 ◽

Cited By ~ 3

Author(s):

Haonan Sun ◽

Rongyu He ◽

Yong Zhang ◽

Ruiyun Wang ◽

Wai Hung Ip ◽

...

Keyword(s):

Virtual Machines ◽

Trusted Computing ◽

Information Leakage ◽

Research Topic ◽

Cloud Environment ◽

Cloud Platform ◽

Computing Technology ◽

Security Issues ◽

Runtime Environment ◽

Cloud Users

Today cloud computing is widely used in various industries. While benefiting from the services provided by the cloud, users are also faced with some security issues, such as information leakage and data tampering. Utilizing trusted computing technology to enhance the security mechanism, defined as trusted cloud, has become a hot research topic in cloud security. Currently, virtual TPM (vTPM) is commonly used in a trusted cloud to protect the integrity of the cloud environment. However, the existing vTPM scheme lacks protections of vTPM itself at a runtime environment. This paper proposed a novel scheme, which designed a new trusted cloud platform security component, ‘enclave TPM (eTPM)’ to protect cloud and employed Intel SGX to enhance the security of eTPM. The eTPM is a software component that emulates TPM functions which build trust and security in cloud and runs in ‘enclave’, an isolation memory zone introduced by SGX. eTPM can ensure its security at runtime, and protect the integrity of Virtual Machines (VM) according to user-specific policies. Finally, a prototype for the eTPM scheme was implemented, and experiment manifested its effectiveness, security, and availability.

Download Full-text

Semi-Markov's models for availability assessment of an Infrastructure as a Service Cloud with multiple pools of physical and virtual machines

2018 IEEE 9th International Conference on Dependable Systems, Services and Technologies (DESSERT) ◽

10.1109/dessert.2018.8409107 ◽

2018 ◽

Cited By ~ 1

Author(s):

Oleg Ivanchenko ◽

Vyacheslav Kharchenko ◽

Borys Moroz ◽

Leonid Kabak ◽

Kyrylo Smoktii

Keyword(s):

Virtual Machines ◽

Infrastructure As A Service ◽

Availability Assessment ◽

Service Cloud

Download Full-text

A New Conception of Load Balancing in Cloud Computing Using Tasks Classification Levels

International Journal of Cloud Applications and Computing ◽

10.4018/ijcac.2018100107 ◽

2018 ◽

Vol 8 (4) ◽

pp. 118-133 ◽

Cited By ~ 1

Author(s):

Fahim Youssef ◽

Ben Lahmar El Habib ◽

Rahhali Hamza ◽

Labriji El Houssine ◽

Eddaoui Ahmed ◽

...

Keyword(s):

Load Balancing ◽

Data Center ◽

Execution Time ◽

Data Centers ◽

Virtual Machines ◽

Service Providers ◽

Cloud Service ◽

Mathematical Functions ◽

Worst Case ◽

Cloud Users

Cloud users can have access to the service based on “pay as you go.” The daily increase of cloud users may decrease the performance, the availability and the profitability of the material and software resources used in cloud service. These challenges were solved by several load balancing algorithms between the virtual machines of the data centers. In order to determine a new load balancing improvement; this article's discussions will be divided into two research axes. The first, the pre-classification of tasks depending on whether their characteristics are accomplished or not (Notion of Levels). This new technique relies on the modeling of tasks classification based on an ascending order using techniques that calculate the worst-case execution time (WCET). The second, the authors choose distributed datacenters between quasi-similar virtual machines and the modeling of relationship between virtual machines using the pre-scheduling levels is included in the data center in terms of standard mathematical functions that controls this relationship. The key point of the improvement, is considering the current load of the virtual machine of a data center and the pre-estimation of the execution time of a task before any allocation. This contribution allows cloud service providers to improve the performance, availability and maximize the use of virtual machines workload in their data centers.

Download Full-text

Adaptive multilevel fuzzy-based authentication framework to mitigate Cache side channel attack in cloud computing

International Journal of Modeling Simulation and Scientific Computing ◽

10.1142/s1793962318500459 ◽

2018 ◽

Vol 09 (05) ◽

pp. 1850045 ◽

Cited By ~ 1

Author(s):

Bharati Ainapure ◽

Deven Shah ◽

A. Ananda Rao

Keyword(s):

Cloud Computing ◽

Private Information ◽

Privacy Preservation ◽

Virtual Machines ◽

Fuzzy Rule ◽

Data Access ◽

Side Channel ◽

Side Channel Attack ◽

Side Channel Attacks ◽

Cloud Providers

Cloud computing supports multitenancy to satisfy the users’ demands for accessing resources and simultaneously it increases revenue for cloud providers. Cloud providers adapt multitenancy by virtualizing the resources, like CPU, network interfaces, peripherals, hard drives and memory using hypervisor to fulfill the demand. In a virtualized environment, many virtual machines (VMs) can run on the same core with the help of the hypervisor by sharing the resources. The VMs running on the same core are the target for the malicious or abnormal attacks like side channel attacks. Among various side channel attacks in cloud computing, cache-based side channel attack is one that leaks private information of the users based on the shared resources. Here, as the shared resource is the cache, a process can utilize the cache usage of another by cache contention. Cache sharing provides a way for the attackers to gain considerable information so that the key used for encryption can be inferred. Discovering this side channel attack is a challenging task. This requires identification of a feature that influences the attack. Even though there are various techniques available in the literature to mitigate such attacks, an effective solution to reduce the cache-based side channel attack is still an issue. Therefore, a novel fuzzy rule-based mechanism is integrated to detect the cache side channel attackers by monitoring the cache data access (CDA). The factor that determines the attack is CDA in a log file created by the framework during authorization. The proposed framework also utilizes certain security properties including ECC and hashing for the privacy preservation and the decision is made with the aid of a fuzzy logic system.

Download Full-text

Interoperable Resource Management for Establishing Federated Clouds

Achieving Federated and Self-Manageable Cloud Infrastructures ◽

10.4018/978-1-4666-1631-8.ch002 ◽

2012 ◽

pp. 18-35 ◽

Cited By ~ 7

Author(s):

Gabor Kecskemeti ◽

Attila Kertesz ◽

Attila Marosi ◽

Peter Kacsuk

Keyword(s):

Virtual Machine ◽

Virtual Machines ◽

Research Areas ◽

Computing Paradigm ◽

Virtual Appliance ◽

Service Deployment ◽

Cloud Providers ◽

Service Oriented ◽

Cloud Infrastructures ◽

Privately Owned

Cloud Computing builds on the latest achievements of diverse research areas, such as Grid Computing, Service-oriented computing, business process modeling and virtualization. As this new computing paradigm was mostly lead by companies, several proprietary systems arose. Recently, alongside these commercial systems, several smaller-scale privately owned systems are maintained and developed. This chapter focuses on issues faced by users with interests in Multi-Cloud use and by Cloud providers with highly dynamic workloads. The authors propose a Federated Cloud Management architecture that provides unified access to a federated Cloud that aggregates multiple heterogeneous IaaS Cloud providers in a transparent manner. The architecture incorporates the concepts of meta-brokering, Cloud brokering, and on-demand service deployment. The meta-brokering component provides transparent service execution for the users by allowing the interconnection of various Cloud brokering solutions. Cloud-Brokers manage the number and the location of the Virtual Machines performing the user requests. In order to decrease Virtual Machine instantiation time and increase dynamism in the system, the service deployment component optimizes service delivery by encapsulating services as virtual appliances allowing their decomposition and replication among IaaS Cloud infrastructures. The architecture achieves service provider level transparency through automatic virtual appliance replication and Virtual Machine management of Cloud-Brokers.

Download Full-text

An Infrastructure-as-a-Service Cloud

Principles, Methodologies, and Service-Oriented Approaches for Cloud Computing ◽

10.4018/978-1-4666-2854-0.ch013 ◽

2013 ◽

pp. 302-324 ◽

Cited By ~ 3

Author(s):

Weijia Song ◽

Zhen Xiao

Keyword(s):

Cloud Model ◽

Scale Up ◽

Resource Provisioning ◽

Prediction Algorithm ◽

Load Prediction ◽

Accounting Model ◽

Cloud Elasticity ◽

Business Customers ◽

Cloud Users ◽

Service Cloud

Cloud computing allows business customers to elastically scale up and down their resource usage based on needs. This feature eliminates the dilemma of planning IT infrastructures for Cloud users, where under-provisioning compromises service quality while over-provisioning wastes investment as well as electricity. It offers virtually infinite resource. It also made the desirable “pay as you go” accounting model possible. The above touted gains in the Cloud model come from on-demand resource provisioning technology. In this chapter, the authors elaborate on such technologies incorporated in a real IaaS system to exemplify how Cloud elasticity is implemented. It involves the resource provisioning technologies in hypervisor, Virtual Machine (VM) migration scheduler and VM replication. The authors also investigate the load prediction algorithm for its significant impacts on resource allocation.

Download Full-text

Hierarchical Scheduling Optimization Scheme in Hybrid Cloud Computing Environments

Journal of Circuits System and Computers ◽

10.1142/s021812661550111x ◽

2015 ◽

Vol 24 (08) ◽

pp. 1550111 ◽

Cited By ~ 1

Author(s):

Chunlin Li ◽

LaYuan Li

Keyword(s):

Virtual Machines ◽

Scheduling Algorithm ◽

Cloud Provider ◽

Hybrid Cloud ◽

Public Cloud ◽

Private Cloud ◽

Optimization Scheme ◽

Scheduling Optimization ◽

Hierarchical Scheduling ◽

Cloud Users

The paper proposes hierarchical scheduling optimization scheme in hybrid cloud. Our proposed hierarchical scheduling takes advantage of the interaction of cloud users, private cloud and public cloud. For high level optimization in hybrid cloud, the objective of public cloud provider optimization is to maximize the revenue of providing virtual machines (VMs) and minimize the energy cost. The private cloud users' applications give the unique optimal payment to public cloud providers under deadline and cost constraint to maximize the satisfaction of private cloud user applications. The objective of low-level scheduling optimization is to minimize the cost and execution time of private cloud application. From the simulation results, the revenue, execution success ratio and resource utilization of our proposed hierarchical scheduling algorithm are better than other related works.

Download Full-text

A Threshold-based Tournament Resource Allocation in Cloud Computing Environment

Asian Journal of Research in Computer Science ◽

10.9734/ajrcos/2021/v7i130169 ◽

2021 ◽

pp. 1-13

Author(s):

I. P. Oladoja ◽

O. S. Adewale ◽

S. A. Oluwadare ◽

E. O. Oyekanmi

Keyword(s):

Cloud Computing ◽

Virtual Machines ◽

Scheduling Algorithm ◽

Selection Probability ◽

Cloud Computing Environment ◽

High Resource ◽

Performance Requirements ◽

Tournament Selection ◽

Computing Environments ◽

Cloud Users

Cloud computing environments provide an apparition of infinite computing resources to cloud users so that they can increase or decrease resource consumption rate according to their demands. In the Cloud, computing resources need to be allocated and scheduled in a way that providers can achieve high resource utilization and users can meet their applications’ performance requirements with minimum expenditure. Due to these different intentions, there is the need to develop a scheduling algorithm to outperform appropriate allocation of tasks on resources. The paper focuses on the resource optimization using a threshold-based tournament selection probability for virtual machines used in the execution of tasks. The proposed approach was designed to create metatask and the proposed algorithm used was Median-Based improved Max-Min algorithm. The experimental results showed that the algorithm had better performance in terms of makespan, utilization of resources and throughput. The load balance of tasks was also fairly distributed on the two datacenters.

Download Full-text

Enhance the Security of Data Storage and Retrieval in Cloud Computing Through Authentication Based Encryption

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.d9802.118419 ◽

2019 ◽

Vol 8 (4) ◽

pp. 11927-11931

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Virtual Machines ◽

Public Key ◽

Sensitive Data ◽

Cloud Data ◽

Finger Print ◽

Additional Level ◽

Cloud Users ◽

Cloud User

The digital computing infrastructure is rapidly moving towards cloud based architecture. The protection of data is becoming a difficult task in the current scenario as more and more confidential and sensitive data is stored in cloud environment and transmitted between cloud users. In a cloud computing environment, the entire data reside over a set of networked resources of remote servers and locations. These data has been accessed by unauthorized cloud users through virtual machines. To provide additional level of cloud data security, Biometric based authentication with encryption using public key cryptography is proposed in this paper. The proposed model Authentication Based Encryption (ABE) helps to enhance the security of data as well as the authentication of cloud user. The sensitive data is initially encrypted and then stored secretly with biometric finger print image. The resultant image is transmitted through the in-secured channel. However to avoid unauthorized access, the image is decomposed and stored in cloud separately as encrypted message and finger print. Before beginning the decryption process, the finger print of the cloud user is being compared with the stored image for authentication. If the match is found, the encrypted data is decrypted by the authenticated cloud user. Otherwise access to the data is denied to ensure security. Thus, the proposed framework provides an additional level of protection to public key algorithm with authentication

Download Full-text

IoT Edge Data Retrieval System for Big Data Analytics in Smart Retail Stores

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.e2722.039520 ◽

2020 ◽

Vol 9 (5) ◽

pp. 1615-1619

Keyword(s):

Big Data ◽

User Interfaces ◽

High Speed ◽

Virtual Machines ◽

Big Data Analytics ◽

Data Retrieval ◽

Retail Stores ◽

Cloud Platform ◽

Shared Resources ◽

Building Management

An IoT Edge system is to collect the sensor, set point and other device data with the help of micro controller and send those to IoT Hub via Edge Hub. The Building Management System (BMS) playing major role to control, communicate between various devices such as sensors, actuators with user interfaces, consumers and other technical devices. Commercial buildings like retail stores have two important systems called HVAC (Heating, Ventilating, and Air Conditioning) and refrigeration control. The proposed IoT Edge system collects the various device data via BAS and send it to IoT Hub. IoT Hub is a secure and two-way communication service system between the IoT Edge and the cloud platform where we can process telemetry data generated from sensor devices. IoT Edge helps to a computing near datasource. IoT Edge agent monitor and control all the modules running on it. With high speed internet connection users can access information and computational resources from anywhere in the world. Cloud platform can supply a range of Virtual machines with shared resources with big power and storage using inexpensive disks, which are much necessary for enterprise applications with Big Data. Disks.

Download Full-text