Admission Control in the Cloud

2014 ◽  
pp. 701-717
Author(s):  
Jose Luis Vazquez-Poletti ◽  
Rafael Moreno-Vozmediano ◽  
Ignacio M. Llorente
Keyword(s):  
Admission Control ◽  
Data Centers ◽  
Service Providers ◽  
Cloud Service ◽  
Service Level ◽  
Control Algorithms ◽  
Net Income ◽  
Business Decision ◽  
Definition Of ◽  
The Impact

Cloud computing is a paradigm that allows the flexible and on-demand provisioning of computing resources. For this reason, many institutions and enterprises have moved their data centers to the Cloud and, in particular, to public infrastructures. Unfortunately, an increase in the demand for Cloud results in resource shortages affecting both providers and consumers. With this factor in mind, Cloud service providers need Admission Control algorithms in order to make a good business decision on the types of requests to be fulfilled. Cloud providers have a desire to maximize the net income derived from provisioning the accepted service requests and minimize the impact of unprovisioned resources. This chapter introduces and compares Admission Control algorithms and proposes a service model that allows the definition of Service Level Agreements for the Cloud.

Broker-based optimization of SLA negotiations in cloud computing

2021 ◽  
Vol 17 (2) ◽  
pp. 179-195
Author(s):  
Priyanka Bharti ◽  
Rajeev Ranjan ◽  
Bhanu Prasad
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Service Level Agreement ◽  
Cloud Service ◽  
Service Level ◽  
Cloud Environment ◽  
Negotiation Strategies ◽  
Sla Negotiation ◽  
Conflicting Interests ◽  
The Impact

Cloud computing provisions and allocates resources, in advance or real-time, to dynamic applications planned for execution. This is a challenging task as the Cloud-Service-Providers (CSPs) may not have sufficient resources at all times to satisfy the resource requests of the Cloud-Service-Users (CSUs). Further, the CSPs and CSUs have conflicting interests and may have different utilities. Service-Level-Agreement (SLA) negotiations among CSPs and CSUs can address these limitations. User Agents (UAs) negotiate for resources on behalf of the CSUs and help reduce the overall costs for the CSUs and enhance the resource utilization for the CSPs. This research proposes a broker-based mediation framework to optimize the SLA negotiation strategies between UAs and CSPs in Cloud environment. The impact of the proposed framework on utility, negotiation time, and request satisfaction are evaluated. The empirical results show that these strategies favor cooperative negotiation and achieve significantly higher utilities, higher satisfaction, and faster negotiation speed for all the entities involved in the negotiation.

scholarly journals Assessing Threats and Vulnerable Attacks of Health Care Data in Cloud-Based Environment

2019 ◽  
Vol 8 (2) ◽  
pp. 567-573
Keyword(s):  
Information Systems ◽  
Access Control ◽  
Service Providers ◽  
Universal Access ◽  
Cloud Service ◽  
Medical Attention ◽  
Medical Systems ◽  
Medical Practitioners ◽  
Mandatory Requirement ◽  
The Impact

What: Healthcare industries have been unified with the advent of cloud computing and Internet of Medical Things in recent past. How: As simplicity in access and transfer of medical reports increased, so does the impact of losing potential information. Adopting a cloud environment has eased the work of medical practitioners and provided world class medical attention to patients from remote corners of a nation. It has added the responsibility of cloud service providers to improvise the existing standards for protecting information in a virtual platform. A number of benefits not limitedto universal access, advice from renowned medical experts for deciding on diagnosis plan, alerting patients and hospitals in real timeand reducing the workload of labor are achieved by cloud environments. Hospital Information Systems (HIS) are the evolved data forms maintained manually in medical institutions and they are preferred in a cloud platform to improve interoperability. The information carried in such medical systems possesses critical information about patients that need to be protected over transmission between independent environments. This becomes a mandatory requirement for designing and implementing an access control mechanism to identify intention of users who enter into the environment. Relaxations in access control architectures will compromise the security of entire architecture and practice. Why: Intention - Demand Tree is proposed in this paper to limit the access rights of users based on their roles, requirements and permissions to monitor the usage of Health Information Systems. Investigative results illustrate that the risks of losing credible information has been limited and convenient than previous standards.

Slicing, Tokenization, and Encryption Based Combinational Approach to Protect Data-at-Rest in Cloud Using TF-Sec Model

2020 ◽  
Vol 17 (12) ◽  
pp. 5296-5306
Author(s):  
N. Keerthana ◽  
Viji Vinod ◽  
Sudhakar Sengan
Keyword(s):  
Cloud Service ◽  
Service Level ◽  
Cloud Services ◽  
Erasure Coding ◽  
Cloud Data ◽  
Data Usage ◽  
Dispersion Technique ◽  
Definition Of ◽  
The Given ◽  
Cloud Users

Data in the Cloud, which applies to data as a cloud service provider (CSP), transmits stores, or manages it. The company will enforce the same definition of data usage while the data is resident within the enterprise and thus extend the required cryptographic security criteria to data collected, exchanged, or handled by CSP. The CSP Service Level Agreements cannot override the cryptographic access measures. When the data is transferred securely to CSP, it can be securely collected, distributed, and interpreted. Data at the rest position applies to data as it is processed internally in organized and in the unstructured ways like databases and file cabinets. The Data at the Rest example includes the use of cryptography for preserving the integrity of valuable data when processed. For cloud services, computing takes multiple forms from recording units, repositories, and many unstructured items. This paper presents a secure model for Data at rest. The TF-Sec model suggested is planned for use with Slicing, Tokenization, and Encryption. The model encrypts the given cloud data using AES 256 encryption, and then the encrypted block is sliced into the chunks of data fragments using HD-Slicer. Then it applies tokenization algorithm TKNZ to each chunk of data, applies erasure coding technique to tokens, applies the data dispersion technique to scramble encrypted data fragments, and allocates to storage nodes of the multiple CSP. In taking the above steps, this study aims to resolve the cloud security problems found and to guarantee the confidentiality of their data to cloud users due to encryption of data fragments would be of little benefit to a CSP.

Research on System Architecture to Provide Maximum Security, End User Device Independency and User Centric Control over Content in Cloud

2013 ◽  
Vol 4 (3) ◽  
pp. 38-52
Author(s):  
Sai Manoj Marepalli ◽  
Razia Sultana ◽  
Andreas Christ
Keyword(s):  
Cloud Computing ◽  
Detection System ◽  
Cloud Service ◽  
Service Level ◽  
Mobile Technologies ◽  
Communication Structure ◽  
Layered Architecture ◽  
Wide Range ◽  
The Impact ◽  
Cloud User

Cloud computing is the emerging technology providing IT as a utility through internet. The benefits of cloud computing are but not limited to service based, scalable, elastic, shared pool of resources, metered by use. Due to mentioned benefits the concept of cloud computing fits very well with the concept of m-learning which differs from other forms of e-learning, covers a wide range of possibilities opened up by the convergence of new mobile technologies, wireless communication structure and distance learning development. The concept of cloud computing like any other concept has not only benefits but also introduces myriad of security issues, such as transparency between cloud user and provider, lack of standards, security concerns related to identity, Service Level Agreements (SLA) inadequacy etc. Providing secure, transparent, and reliable services in cloud computing environment is an important issue. This paper introduces a secured three layered architecture with an advance Intrusion Detection System (advIDS), which overcomes different vulnerabilities on cloud deployed applications. This proposed architecture can reduce the impact of different attacks by providing timely alerts, rejecting the unauthorized access over services, and recording the new threat profiles for future verification. The goal of this research is to provide more control over data and applications to the cloud user, which are now mainly controlled by Cloud Service Provider (CSP).

A New Conception of Load Balancing in Cloud Computing Using Tasks Classification Levels

2018 ◽  
Vol 8 (4) ◽  
pp. 118-133 ◽  
Author(s):  
Fahim Youssef ◽  
Ben Lahmar El Habib ◽  
Rahhali Hamza ◽  
Labriji El Houssine ◽  
Eddaoui Ahmed ◽  
...  
Keyword(s):  
Load Balancing ◽  
Data Center ◽  
Execution Time ◽  
Data Centers ◽  
Virtual Machines ◽  
Service Providers ◽  
Cloud Service ◽  
Mathematical Functions ◽  
Worst Case ◽  
Cloud Users

Cloud users can have access to the service based on “pay as you go.” The daily increase of cloud users may decrease the performance, the availability and the profitability of the material and software resources used in cloud service. These challenges were solved by several load balancing algorithms between the virtual machines of the data centers. In order to determine a new load balancing improvement; this article's discussions will be divided into two research axes. The first, the pre-classification of tasks depending on whether their characteristics are accomplished or not (Notion of Levels). This new technique relies on the modeling of tasks classification based on an ascending order using techniques that calculate the worst-case execution time (WCET). The second, the authors choose distributed datacenters between quasi-similar virtual machines and the modeling of relationship between virtual machines using the pre-scheduling levels is included in the data center in terms of standard mathematical functions that controls this relationship. The key point of the improvement, is considering the current load of the virtual machine of a data center and the pre-estimation of the execution time of a task before any allocation. This contribution allows cloud service providers to improve the performance, availability and maximize the use of virtual machines workload in their data centers.

SLA (Service Level Agreement) Driven Orchestration Based New Methodology for Cloud Computing Services

2013 ◽  
Vol 660 ◽  
pp. 196-201 ◽  
Author(s):  
Muhammad Irfan ◽  
Zhu Hong ◽  
Nueraimaiti Aimaier ◽  
Zhu Guo Li
Keyword(s):  
Cloud Computing ◽  
Computer Science ◽  
Service Providers ◽  
Service Level Agreement ◽  
Cloud Service ◽  
Service Level ◽  
Cloud Services ◽  
Computing Services ◽  
Cloud Service Providers ◽  
Cloud Computing Services

Cloud Computing is not a revolution; it’s an evolution of computer science and technology emerging by leaps and bounds, in order to merge all computer science tools and technologies. Cloud Computing technology is hottest to do research and explore new horizons of next generations of Computer Science. There are number of cloud services providers (Amazon EC2), Rackspace Cloud, Terremark and Google Compute Engine) but still enterprises and common users have a number of concerns over cloud service providers. Still there is lot of weakness, challenges and issues are barrier for cloud service providers in order to provide cloud services according to SLA (Service Level agreement). Especially, service provisioning according to SLAs is core objective of each cloud service provider with maximum performance as per SLA. We have identified those challenges issues, as well as proposed new methodology as “SLA (Service Level Agreement) Driven Orchestration Based New Methodology for Cloud Computing Services”. Currently, cloud service providers are using “orchestrations” fully or partially to automate service provisioning but we are trying to integrate and drive orchestration flows from SLAs. It would be new approach to provision cloud service and deliver cloud service as per SLA, satisfying QoS standards.

scholarly journals Dolus : cyber defense using pretense against DDoS attacks in cloud platforms

2017 ◽  
Author(s):  
◽  
Roshan Lal Neupane
Keyword(s):  
Virtual Machines ◽  
Service Providers ◽  
Denial Of Service ◽  
Cloud Service ◽  
Cloud Services ◽  
Ddos Attacks ◽  
Child Play ◽  
Original Target ◽  
Multiple Network ◽  
The Impact

Cloud-hosted services are being increasingly used in online businesses in e.g., retail, healthcare, manufacturing, entertainment due to benefits such as scalability and reliability. These benefits are fueled by innovations in orchestration of cloud platforms that make them totally programmable as Software Defined everything Infrastructures (SDxI). At the same time, sophisticated targeted attacks such as Distributed Denial-of-Service (DDoS) are growing on an unprecedented scale threatening the availability of online businesses. In this thesis, we present a novel defense system called Dolus to mitigate the impact of DDoS attacks launched against high-value services hosted in SDxI-based cloud platforms. Our Dolus system is able to initiate a pretense in a scalable and collaborative manner to deter the attacker based on threat intelligence obtained from attack feature analysis in a two-stage ensemble learning scheme. Using foundations from pretense theory in child play, Dolus takes advantage of elastic capacity provisioning via quarantine virtual machines and SDxI policy co-ordination across multiple network domains. To maintain the pretense of false sense of success after attack identification, Dolus uses two strategies: (i) dummy traffic pressure in a quarantine to mimic target response time profiles that were present before legitimate users were migrated away, and (ii) Scapy-based packet manipulation to generate responses with spoofed IP addresses of the original target before the attack traffic started being quarantined. From the time gained through pretense initiation, Dolus enables cloud service providers to decide on a variety of policies to mitigate the attack impact, without disrupting the cloud services experience for legitimate users. We evaluate the efficacy of Dolus using a GENI Cloud testbed and demonstrate its real-time capabilities to: (a) detect DDoS attacks and redirect attack traffic to quarantine resources to engage the attacker under pretense, and (b) coordinate SDxI policies to possibly block DDoS attacks closer to the attack source(s).

scholarly journals Blockchain-enabled real-time SLA monitoring for cloud-hosted services

2021 ◽  
Author(s):  
Kashif Mehboob Khan ◽  
Junaid Arshad ◽  
Waheed Iqbal ◽  
Sidrah Abdullah ◽  
Hassan Zaib
Keyword(s):  
Cloud Computing ◽  
Real Time ◽  
Service Providers ◽  
Response Times ◽  
Cloud Service ◽  
Service Level ◽  
Cloud Services ◽  
Blockchain Technology ◽  
Manual Processing ◽  
And Performance

AbstractCloud computing is an important technology for businesses and individual users to obtain computing resources over the Internet on-demand and flexibly. Although cloud computing has been adopted across diverse applications, the owners of time-and-performance critical applications require cloud service providers’ guarantees about their services, such as availability and response times. Service Level Agreements (SLAs) are a mechanism to communicate and enforce such guarantees typically represented as service level objectives (SLOs), and financial penalties are imposed on SLO violations. Due to delays and inaccuracies caused by manual processing, an automatic method to periodically verify SLA terms in a transparent and trustworthy manner is fundamental to effective SLA monitoring, leading to the acceptance and credibility of such service to the customers of cloud services. This paper presents a blockchain-based distributed infrastructure that leverages fundamental blockchain properties to achieve immutable and trustworthy SLA monitoring within cloud services. The paper carries out an in-depth empirical investigation for the scalability of the proposed system in order to address the challenge of transparently enforcing real-time monitoring of cloud-hosted services leveraging blockchain technology. This will enable all the stakeholders to enforce accurate execution of SLA without any imprecisions and delays by maintaining an immutable ledger publicly across blockchain network. The experimentation takes into consideration several attributes of blockchain which are critical in achieving optimum performance. The paper also investigates key characteristics of these factors and their impact to the behaviour of the system for further scaling it up under various cases for increased service utilization.

scholarly journals Mitigating the Threat due to Data Deduplication Attacks in Cloud Migration using User Layer Authentication with Light Weight Cryptography

2020 ◽  
Vol 9 (3) ◽  
pp. 2539-2545
Keyword(s):  
Data Security ◽  
Service Providers ◽  
Data Integrity ◽  
Cloud Service ◽  
Behavioral Pattern ◽  
Data Migration ◽  
Data Deduplication ◽  
Cloud Data ◽  
Template Attacks ◽  
The Impact

The widespread adoption of multi-cloud in enterprises is one of the root causes of cost-effectiveness. Cloud service providers reduce storage costs through advanced data de-duplication, which also provides vulnerabilities for attackers. Traditional approaches to authentication and data security for a single cloud need to be upgraded to be best suitable for cloud-to-cloud data migration security in order to mitigate the impact of dictionary and template attacks on authentication and data integrity, respectively. This paper proposes a scheme of user layer authentication along with lightweight cryptography. The proposed simulates its mathematical model to analyze the behavioral pattern of time-complexity of data security along with user auth protection. The performance pattern validates the model for scalability and reliability against both authentication and data integrity.

scholarly journals Energy-Aware Autonomic Resource Scheduling Framework for Cloud

2019 ◽  
Vol 4 (1) ◽  
pp. 41-55 ◽  
Author(s):  
Bhupesh Kumar Dewangan ◽  
Amit Agarwal ◽  
Venkatadri M. ◽  
Ashutosh Pasricha
Keyword(s):  
Energy Consumption ◽  
Resource Utilization ◽  
Data Centers ◽  
Virtual Machines ◽  
Service Providers ◽  
Optimal Solution ◽  
Cloud Service ◽  
Cloud Services ◽  
Energy Aware ◽  
Increasing Demand

Cloud computing is a platform where services are provided through the internet either free of cost or rent basis. Many cloud service providers (CSP) offer cloud services on the rental basis. Due to increasing demand for cloud services, the existing infrastructure needs to be scale. However, the scaling comes at the cost of heavy energy consumption due to the inclusion of a number of data centers, and servers. The extraneous power consumption affects the operating costs, which in turn, affects its users. In addition, CO2 emissions affect the environment as well. Moreover, inadequate allocation of resources like servers, data centers, and virtual machines increases operational costs. This may ultimately lead to customer distraction from the cloud service. In all, an optimal usage of the resources is required. This paper proposes to calculate different multi-objective functions to find the optimal solution for resource utilization and their allocation through an improved Antlion (ALO) algorithm. The proposed method simulated in cloudsim environments, and compute energy consumption for different workloads quantity and it increases the performance of different multi-objectives functions to maximize the resource utilization. It compared with existing frameworks and experiment results shows that the proposed framework performs utmost.

Sign in / Sign up

Export Citation Format

Share Document