A Pattern-Based and Tool-Supported Risk Analysis Method Compliant to ISO 27001 for Cloud Systems

To benefit from cloud computing and the advantages it offers, obstacles regarding the usage and acceptance of clouds have to be cleared. For cloud providers, one way to obtain customers' confidence is to establish security mechanisms when using clouds. The ISO 27001 standard provides general concepts for establishing information security in an organization. Risk analysis is an essential part in the ISO 27001 standard for achieving information security. This standard, however, contains ambiguous descriptions. In addition, it does not stipulate any method to identify assets, threats, and vulnerabilities. In this paper, the authors present a method for cloud computing systems to perform risk analysis according to the ISO 27001. The authors' structured method is tailored to SMEs. It relies upon patterns to describe context and structure of a cloud computing system, elicit security requirements, identify threats, and select controls, which ease the effort for these activities. The authors' method guides companies through the process of risk analysis in a structured manner. Furthermore, the authors provide a model-based tool for supporting the ISO 27001 standard certification. The authors' tool consists of various plug-ins for conducting different steps of their method.

Download Full-text

Evaluating the E-Health Cloud Computing Systems Adoption in Taiwan’s Healthcare Industry

Life ◽

10.3390/life11040310 ◽

2021 ◽

Vol 11 (4) ◽

pp. 310

Author(s):

Shih-Chia Chang ◽

Ming-Tsang Lu ◽

Tzu-Hui Pan ◽

Chiao-Shan Chen

Keyword(s):

Decision Making ◽

Cloud Computing ◽

Multiple Criteria Decision Making ◽

Cloud Service ◽

Computing System ◽

Healthcare Industry ◽

Computing Systems ◽

Factors Affecting ◽

Cloud Computing System ◽

Health Cloud

Although the electronic health (e-health) cloud computing system is a promising innovation, its adoption in the healthcare industry has been slow. This study investigated the adoption of e-health cloud computing systems in the healthcare industry and considered security functions, management, cloud service delivery, and cloud software for e-health cloud computing systems. Although numerous studies have determined factors affecting e-health cloud computing systems, few comprehensive reviews of factors and their relations have been conducted. Therefore, this study investigated the relations between the factors affecting e-health cloud computing systems by using a multiple criteria decision-making technique, in which decision-making trial and evaluation laboratory (DEMATEL), DANP (DEMATEL-based Analytic Network Process), and modified VIKOR (VlseKriterijumska Optimizacija I Kompromisno Resenje) approaches were combined. The intended level of adoption of an e-health cloud computing system could be determined by using the proposed approach. The results of a case study performed on the Taiwanese healthcare industry indicated that the cloud management function must be primarily enhanced and that cost effectiveness is the most significant factor in the adoption of e-health cloud computing. This result is valuable for allocating resources to decrease performance gaps in the Taiwanese healthcare industry.

Download Full-text

Scheduling under Open stack – The Current State and Future Enhancements

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.b1481.078219 ◽

2019 ◽

Vol 8 (2) ◽

pp. 375-382

Keyword(s):

Cloud Computing ◽

Open Source ◽

Task Scheduling ◽

Computing System ◽

Important Task ◽

Shared Resources ◽

Computing Systems ◽

Current State ◽

Cloud Computing System ◽

Research Findings

Cloud computing is being heavily used for implementing different kinds of applications. Many of the client applications are being migrated to cloud for the reasons of cost and elasticity. Cloud computing is generally implemented on distributing computing wherein the Physical servers are heavily distributed considering both hardware and software, the connectivity among which is established through Internet. The cloud computing systems as such have many physical servers which contain many resources. The resources can be made to be shared among many users who are the tenants to the cloud computing system. The resources can be virtualized so as to provide shared resources to the clients. Scheduling is one of the most important task of a cloud computing system which is concerned with task scheduling, resource scheduling and scheduling Virtual Machin Migration. It is important to understand the issue of scheduling within a cloud computing system more in-depth so that any improvements with reference to scheduling can be investigated and implemented. For carrying in depth research, an OPEN source based cloud computing system is needed. OPEN STACK is one such OPEN source based cloud computing system that can be considered for experimenting the research findings that are related to cloud computing system. In this paper an overview on the way the Scheduling aspect per say has been implemented within OPEN STACK cloud computing system

Download Full-text

Cryptography in Big Data Security

Advances in Human and Social Aspects of Technology - HCI Challenges and Privacy Preservation in Big Data Security ◽

10.4018/978-1-5225-2863-0.ch004 ◽

2018 ◽

pp. 71-94

Author(s):

Navin Jambhekar ◽

Chitra Anil Dhawale

Keyword(s):

Cloud Computing ◽

Big Data ◽

Information Security ◽

Data Security ◽

Computing System ◽

Mobile Client ◽

Security Issues ◽

Cloud Computing System ◽

Cloud Server ◽

Encrypted Search

Information security is a prime goal for every individual and organization. The travelling from client to cloud server can be prone to security issues. The big data storages are available through cloud computing system to facilitate mobile client. The information security can be provided to mobile client and cloud technology with the help of integrated parallel and distributed encryption and decryption mechanism. The traditional technologies include the plaintext stored across cloud and can be prone to security issues. The solution provided by applying the encrypted data upload and encrypted search. The clouds can work in collaboration; therefore, the encryption can also be done in collaboration. Some part of encryption handle by client and other part handled by cloud system. This chapter presents the security scenario of different security algorithms and the concept of mobile and cloud computing. This chapter precisely defines the security features of existing cloud and big data system and provides the new framework that helps to improve the data security over cloud computing and big data security system.

Download Full-text

A simplified reliability analysis method for cloud computing systems considering common-cause failures

Proceedings of the Institution of Mechanical Engineers Part O Journal of Risk and Reliability ◽

10.1177/1748006x17703863 ◽

2017 ◽

Vol 231 (3) ◽

pp. 324-333 ◽

Cited By ~ 1

Author(s):

Ruiying Li ◽

Qiong Li ◽

Ning Huang ◽

Rui Kang

Keyword(s):

Cloud Computing ◽

State Space ◽

Reliability Analysis ◽

Virtual Machines ◽

Single Server ◽

Analysis Method ◽

Computing Systems ◽

Common Cause ◽

Cloud Computing System ◽

Common Cause Failures

Virtualization is one of the main features of cloud computing systems, which enables building multiple virtual machines on a single server. However, this feature brings new challenge in reliability modeling, as the failure of the server will make all its co-located virtual machines inoperable, which is a typical common-cause failure. To satisfy the demand of the cloud computing system, the reliability of the system is defined as the probability that at least a given number of virtual machines are operable. State-space enumeration is one method to calculate such reliability; however, due to the large number of combinations, it is time-consuming and impractical. To solve this problem, we propose a simplified reliability analysis method based on fault tree and state-space models. Two illustrative examples are studied to show the process and the effectiveness of our method. State enumeration and Monte Carlo simulation are also used to prove the correctness of our method as back-to-back verifications. Compared to the reliability analysis without considering common-cause failures, our results are quite different, which illustrates the necessity of considering common-cause failures in the reliability of cloud computing systems.

Download Full-text

Multi-objective hybrid genetic algorithm for task scheduling problem in cloud computing

Neural Computing and Applications ◽

10.1007/s00521-021-06002-w ◽

2021 ◽

Author(s):

Poria Pirozmand ◽

Ali Asghar Rahmani Hosseinabadi ◽

Maedeh Farrokhzad ◽

Mehdi Sadeghilalimi ◽

Seyedsaeid Mirkamali ◽

...

Keyword(s):

Genetic Algorithm ◽

Cloud Computing ◽

Energy Consumption ◽

Scheduling Algorithm ◽

Hybrid Genetic Algorithm ◽

Computing System ◽

Computing Systems ◽

Cloud Computing System ◽

Scheduling Heuristic ◽

The Cost

AbstractThe cloud computing systems are sorts of shared collateral structure which has been in demand from its inception. In these systems, clients are able to access existing services based on their needs and without knowing where the service is located and how it is delivered, and only pay for the service used. Like other systems, there are challenges in the cloud computing system. Because of a wide array of clients and the variety of services available in this system, it can be said that the issue of scheduling and, of course, energy consumption is essential challenge of this system. Therefore, it should be properly provided to users, which minimizes both the cost of the provider and consumer and the energy consumption, and this requires the use of an optimal scheduling algorithm. In this paper, we present a two-step hybrid method for scheduling tasks aware of energy and time called Genetic Algorithm and Energy-Conscious Scheduling Heuristic based on the Genetic Algorithm. The first step involves prioritizing tasks, and the second step consists of assigning tasks to the processor. We prioritized tasks and generated primary chromosomes, and used the Energy-Conscious Scheduling Heuristic model, which is an energy-conscious model, to assign tasks to the processor. As the simulation results show, these results demonstrate that the proposed algorithm has been able to outperform other methods.

Download Full-text

EVALUATION OF CLOUD COMPUTING CLUSTER PERFORMANCE

T-Comm ◽

10.36724/2072-8735-2020-14-12-72-79 ◽

2020 ◽

Vol 14 (12) ◽

pp. 72-79

Author(s):

Aleksandr O. Volkov ◽

Keyword(s):

Cloud Computing ◽

Quality Of Service ◽

Service Providers ◽

Poisson Model ◽

Cloud Service ◽

Computing System ◽

Processor Sharing ◽

Cloud Systems ◽

Cloud Computing System

For cloud service providers, one of the most relevant tasks is to maintain the required quality of service (QoS) at an acceptable level for customers. This condition complicates the work of providers, since now they need to not only manage their resources, but also provide the expected level of QoS for customers. All these factors require an accurate and well-adapted mechanism for analyzing the performance of the service provided. For the reasons stated above, the development of a model and algorithms for estimation the required resource is an urgent task that plays a significant role in cloud systems performance evaluation. In cloud systems, there is a serious variance in the requirements for the provided resource, as well as there is a need to quickly process incoming requests and maintain the proper level of quality of service – all of these factors cause difficulties for cloud providers. The proposed analytical model for processing requests for a cloud computing system in the Processor Sharing (PS) service mode allows us to solve emerging problems. In this work, the flow of service requests is described by the Poisson model, which is a special case of the Engset model. The proposed model and the results of its analysis can be used to evaluate the main characteristics of the performance of cloud systems.

Download Full-text

Cryptography in Big Data Security

Cloud Security ◽

10.4018/978-1-5225-8176-5.ch032 ◽

2019 ◽

pp. 639-656

Author(s):

Navin Jambhekar ◽

Chitra Anil Dhawale

Keyword(s):

Cloud Computing ◽

Big Data ◽

Information Security ◽

Data Security ◽

Computing System ◽

Mobile Client ◽

Security Issues ◽

Cloud Computing System ◽

Cloud Server ◽

Encrypted Search

Information security is a prime goal for every individual and organization. The travelling from client to cloud server can be prone to security issues. The big data storages are available through cloud computing system to facilitate mobile client. The information security can be provided to mobile client and cloud technology with the help of integrated parallel and distributed encryption and decryption mechanism. The traditional technologies include the plaintext stored across cloud and can be prone to security issues. The solution provided by applying the encrypted data upload and encrypted search. The clouds can work in collaboration; therefore, the encryption can also be done in collaboration. Some part of encryption handle by client and other part handled by cloud system. This chapter presents the security scenario of different security algorithms and the concept of mobile and cloud computing. This chapter precisely defines the security features of existing cloud and big data system and provides the new framework that helps to improve the data security over cloud computing and big data security system.

Download Full-text

Research on New Algorithm of Network Topology Design Based on Cloud Integration

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.190-191.360 ◽

2012 ◽

Vol 190-191 ◽

pp. 360-363

Author(s):

Xiao Yuan Qu ◽

Feng Zhang ◽

Hui Feng Xue

Keyword(s):

Cloud Computing ◽

Adaptive Algorithm ◽

Optimization Theory ◽

Computing System ◽

Logical Structure ◽

Topology Design ◽

Stable Operation ◽

Computing Systems ◽

Cloud Computing System ◽

Key Issues

Analyzed integrated logical structure of the cloud, back-end cloud computing systems, tens of thousands of servers, how to organize such a large number of servers is the cloud computing system efficient and stable operation of one of the key issues. We surveyed the requirement of cloud computing networking. Analyzed the architecture of cloud computing networking topology, and thought that the networking topology should be composed of two parts the center switch trunk and some tree shape branch subnet. Then we proposed the Self Adaptive Algorithm for the center swish trunk’s topology design based on the graph theory, optimization theory and classic greedy algorithm. Finally we do some experiments and comparison to verify the algorithm’s usability and advantages.

Download Full-text

Performance Evaluation of Various Scheduling Algorithm Based on Cloud Computing System

Asian Journal of Research in Computer Science ◽

10.9734/ajrcos/2018/v2i124768 ◽

2018 ◽

pp. 1-6

Author(s):

Nobo Chowdhury ◽

K. M. Aslam Uddin ◽

Sadia Afrin ◽

Apurba Adhikary ◽

Fazly Rabbi

Keyword(s):

Cloud Computing ◽

Scheduling Algorithm ◽

Computing System ◽

System Throughput ◽

Cloud Environment ◽

Cloud Systems ◽

Cloud Computing System ◽

Different Types ◽

High Level ◽

Working Procedure

Cloud computing is an information technology archetype which has been used significantly for providing various services through Internet. It ensures easier access to resources and high-level services. The working procedure of cloud systems must be scheduled, so as to efficiently provide services to people. The goal of task scheduling is to acquire best system throughput and to allocate various computing resources to applications. The unpredictable situation increases with the size of the task and becomes high potential to solve effectively. Numerous intellectual methods are recommended to clarify this situation in the territory of scheduling of cloud computing. In this research, a comparative analysis has been conducted for different types of existing scheduling algorithms in the cloud environment with their respective parameters.

Download Full-text