End-User-Driven Approach for Regulatory Compliance in the Public Cloud

Regulatory compliance is equally binding on small and medium business groups. Owing to the small scale and limited budget, such SMBs are unable to seek expert advice. To adequately guard the SMBs in regulatory compliance, the present work proposed a third-party managed-end user-driven approach that renders the list of regulatory acts applicable in one's case according to the country of one's residence, services subscribed, and type of the operations to be carried out in subscribed cloud paradigm. The list of applicable regulatory acts are rendered at the subscriber's end only. In addition, the proposed method notifies the present state of compliance of under-considered cloud providers. Based on the recommendation received, the subscriber can proceed with his decision to subscribe or not to subscribe in the event if desired compliances do not exist. This technological assistance will eliminate the need to possess the required knowledge in regulatory acts or seeking advice from the regulatory expert.

Download Full-text

Regulations and Standards in Public Cloud

Journal of Information Technology Research ◽

10.4018/jitr.2020070102 ◽

2020 ◽

Vol 13 (3) ◽

pp. 21-36

Author(s):

Jitendra Singh ◽

Kamlesh Kumar Raghuvanshi

Keyword(s):

Data Center ◽

Critical Issue ◽

Regulatory Compliance ◽

Cloud Provider ◽

Security Threats ◽

Public Cloud ◽

The Public ◽

Regulatory Standards ◽

The One ◽

Security Standards

Security is a critical issue particularly in public cloud as it rests with the cloud providers. During security implementation, prevailing security threats and regulatory standards are borne in mind. Regulatory compliance varies from one cloud provider to another according to their maturity and location of the data center. Thus, subscribers need to verify the security requirement meeting their objective and the one implemented by the public cloud provider. To this end, subscribers need to visit each cloud provider's site to view the compliance. This is a time-consuming activity at the same time difficult to locate on a website. This work presents the prominent security standards suggested by the leading security institutions including NIST, CSA, ENISA, ISO, etc., that are applicable to the public cloud. A centrally-driven scheme is proposed in order to empower the subscriber to know the regulation and standards applicable according to their services need. The availability of an exhaustive list at one place will lower the users hassle at subscription time.

Download Full-text

Design of a small-scale and failure-resistant IaaS cloud using OpenStack

Applied Computing and Informatics ◽

10.1108/aci-04-2021-0094 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Samuel Heuchert ◽

Bhaskar Prasad Rimal ◽

Martin Reisslein ◽

Yong Wang

Keyword(s):

Small Scale ◽

Scale Production ◽

Proof Of Concept ◽

Public Cloud ◽

Cloud Platform ◽

Private Cloud ◽

Content Type ◽

The Public ◽

Platform As A Service ◽

Data Control

PurposeMajor public cloud providers, such as AWS, Azure or Google, offer seamless experiences for infrastructure as a service (IaaS), platform as a service (PaaS) and software as a service (SaaS). With the emergence of the public cloud's vast usage, administrators must be able to have a reliable method to provide the seamless experience that a public cloud offers on a smaller scale, such as a private cloud. When a smaller deployment or a private cloud is needed, OpenStack can meet the goals without increasing cost or sacrificing data control.Design/methodology/approachTo demonstrate these enablement goals of resiliency and elasticity in IaaS and PaaS, the authors design a private distributed system cloud platform using OpenStack and its core services of Nova, Swift, Cinder, Neutron, Keystone, Horizon and Glance on a five-node deployment.FindingsThrough the demonstration of dynamically adding an IaaS node, pushing the deployment to its physical and logical limits, and eventually crashing the deployment, this paper shows how the PackStack utility facilitates the provisioning of an elastic and resilient OpenStack-based IaaS platform that can be used in production if the deployment is kept within designated boundaries.Originality/valueThe authors adopt the multinode-capable PackStack utility in favor of an all-in-one OpenStack build for a true demonstration of resiliency, elasticity and scalability in a small-scale IaaS. An all-in-one deployment is generally used for proof-of-concept deployments and is not easily scaled in production across multiple nodes. The authors demonstrate that combining PackStack with the multi-node design is suitable for smaller-scale production IaaS and PaaS deployments.

Download Full-text

IP Spoofing In and Out of the Public Cloud: From Policy to Practice

Computers ◽

10.3390/computers8040081 ◽

2019 ◽

Vol 8 (4) ◽

pp. 81 ◽

Cited By ~ 1

Author(s):

Natalija Vlajic ◽

Mashruf Chowdhury ◽

Marin Litoiu

Keyword(s):

Real World ◽

Service Providers ◽

Denial Of Service ◽

Research Literature ◽

Third Party ◽

Cloud Provider ◽

Public Cloud ◽

The Public ◽

Cloud Providers ◽

Ip Spoofing

In recent years, a trend that has been gaining particular popularity among cybercriminals is the use of public Cloud to orchestrate and launch distributed denial of service (DDoS) attacks. One of the suspected catalysts for this trend appears to be the increased tightening of regulations and controls against IP spoofing by world-wide Internet service providers (ISPs). Three main contributions of this paper are (1) For the first time in the research literature, we provide a comprehensive look at a number of possible attacks that involve the transmission of spoofed packets from or towards the virtual private servers hosted by a public Cloud provider. (2) We summarize the key findings of our research on the regulation of IP spoofing in the acceptable-use and term-of-service policies of 35 real-world Cloud providers. The findings reveal that in over 50% of cases, these policies make no explicit mention or prohibition of IP spoofing, thus failing to serve as a potential deterrent. (3) Finally, we describe the results of our experimental study on the actual practical feasibility of IP spoofing involving a select number of real-world Cloud providers. These results show that most of the tested public Cloud providers do a very good job of preventing (potential) hackers from using their virtual private servers to launch spoofed-IP campaigns on third-party targets. However, the same very own virtual private servers of these Cloud providers appear themselves vulnerable to a number of attacks that involve the use of spoofed IP packets and/or could be deployed as packet-reflectors in attacks on third party targets. We hope the paper serves as a call for awareness and action and motivates the public Cloud providers to deploy better techniques for detection and elimination of spoofed IP traffic.

Download Full-text

A Review on Load Balancing Model Using Best Partition Technique

International Journal of Advanced Research in Computer Science and Software Engineering ◽

10.23956/ijarcsse.v7i8.69 ◽

2017 ◽

Vol 7 (8) ◽

pp. 284

Author(s):

M. Chaitanya ◽

K. Durga Charan

Keyword(s):

Cloud Computing ◽

Fault Tolerance ◽

Load Balancing ◽

Load Balance ◽

Large Impact ◽

Cloud Environment ◽

Public Cloud ◽

The Public ◽

Partition Technique ◽

Textual Content

Load balancing makes cloud computing greater knowledgeable and could increase client pleasure. At reward cloud computing is among the all most systems which offer garage of expertise in very lowers charge and available all the time over the net. However, it has extra vital hassle like security, load administration and fault tolerance. Load balancing inside the cloud computing surroundings has a large impact at the presentation. The set of regulations relates the sport idea to the load balancing manner to amplify the abilties in the public cloud environment. This textual content pronounces an extended load balance mannequin for the majority cloud concentrated on the cloud segregating proposal with a swap mechanism to select specific strategies for great occasions.

Download Full-text

A Study on the Public Service Activity Performances of Nonprofit Foundations belonging to Korean Large Business Groups

KOREAN JOURNAL OF MANAGEMENT ACCOUNTING RESEARCH ◽

10.31507/kjmar.2019.12.19.3.57 ◽

2019 ◽

Vol 19 (3) ◽

pp. 57-82

Author(s):

Jong Ik Yang ◽

Kook Jae Hwang

Keyword(s):

Public Service ◽

Business Groups ◽

The Public ◽

Service Activity

Download Full-text

Big Business and the State in the Neoliberal Era

10.1093/oso/9780198793021.003.0003 ◽

2017 ◽

Author(s):

Daniel Maman

Keyword(s):

Financial Liberalization ◽

Business Groups ◽

State Agencies ◽

Private Capital ◽

Dominant Position ◽

Big Business ◽

The Public ◽

Neoliberal Policies ◽

State Subsidies

The chapter documents patterns of both change and continuity in the structure of big business in Israel in the neoliberal era, and the role of state agencies vis-à-vis big business. Specifically, it discusses how privatization, financial liberalization, and direct and indirect state subsidies have contributed to the dominant position of large enterprises and business groups in the Israeli political economy. While neoliberal policies have served the interests of private capital and business groups, they were actively driven by state agencies seeking to regain autonomy by withdrawing unselective and burdensome state subsidies, and by shrinking and depoliticizing the public sector.

Download Full-text

Health Care

10.1093/oso/9780198817055.003.0011 ◽

2018 ◽

Author(s):

Pierre Pestieau ◽

Mathieu Lefebvre

Keyword(s):

Health Care ◽

Technological Progress ◽

Health Care Systems ◽

Third Party ◽

Medical Expenditure ◽

Public Health Care ◽

The Public ◽

Common Features ◽

Care Systems

This chapter reviews the public health care systems as well as their challenges. It first shows how expenditure on health care has evolved in previous decades and deals with the reasons for the growth observed in almost every European country. It emphasizes the role of technological progress as a main explanatory factor of the increase in medical expenditure but also points to the challenges facing cost-containment policies. Especially, the main common features of health care systems in Europe, such as third-party payment, single provider approach and cost-based reimbursement are discussed. Finally the chapter shows that although inequalities in health exist in the population, health care systems are redistributive. Reforms are thus needed but the trade-off between budgetary efficiency and equity is difficult.

Download Full-text

The impact of end-userś participation (cancer patients) during the optimization process

European Journal of Public Health ◽

10.1093/eurpub/ckaa165.1437 ◽

2020 ◽

Vol 30 (Supplement_5) ◽

Author(s):

S Houwaart

Keyword(s):

End Users ◽

Public Health Care ◽

Optimization Process ◽

Patient Organization ◽

End User ◽

The Public ◽

Patient Organizations ◽

Crucial Information ◽

The Individual ◽

The Impact

Abstract End-user (e.g. patients or the public) testing of information material is becoming more common in the German public health care system. However, including the end-user (in this case patients) in an optimisation process and thus enabling a close collaboration while developing PIMs is still rare. This is surprising, given the fact that patients provide the exact perspective one is trying to address. Within the isPO project, a patient organization is included as a legal project partner to act as the patient representative and provide the patient's perspective. As such, the patient organization was included in the PHR approach as part of the PIM-optimisation team. During the optimisation process, the patients gave practical insights into the procedures of diagnosing and treating different types of cancer as well as into the patient's changing priorities and challenges at different time points. This was crucial information for the envisioned application of the individual PIMs and their hierarchical overview. Moreover, the developed PIM-checklist enabled the patients to give detailed feedback to the PIMs. With their experience of being in the exact situation in which the PIMs will be applied, their recommendations, especially on the wording and layout of the materials, have been a valuable contribution to the PIM optimisation process. In this part of the seminar, we will take a closer look at the following skill building aspects: What is gained from including patients as end-users in the development and optimization of PIM?How can we reach patients to contribute to a PIM optimization process? Which requirements and prerequisites do patients have to provide to successfully work on an optimisation team?How to compromise and weigh opinions when different ideas occur? Altogether, this part will construct a structured path of productive patient involvement and help to overcome uncertainties regarding a collaboration with patient organizations.

Download Full-text

Third Party Certification of Agri-Food Supply Chain Using Smart Contracts and Blockchain Tokens

Sensors ◽

10.3390/s21165307 ◽

2021 ◽

Vol 21 (16) ◽

pp. 5307

Author(s):

Ricardo Borges dos Santos ◽

Nunzio Marco Torrisi ◽

Rodrigo Palucci Pantoni

Keyword(s):

Supply Chain ◽

Mobile Application ◽

Consumer Behaviour ◽

Economic Incentives ◽

Third Party ◽

Smart Contracts ◽

Proof Of Concept ◽

Socially Responsible ◽

The Public ◽

Blockchain Technology

Every consumer’s buying decision at the supermarket influences food brands to make first party claims of sustainability and socially responsible farming methods on their agro-product labels. Fine wines are often subject to counterfeit along the supply chain to the consumer. This paper presents a method for efficient unrestricted publicity to third party certification (TPC) of plant agricultural products, starting at harvest, using smart contracts and blockchain tokens. The method is capable of providing economic incentives to the actors along the supply chain. A proof-of-concept using a modified Ethereum IGR token set of smart contracts using the ERC-1155 standard NFTs was deployed on the Rinkeby test net and evaluated. The main findings include (a) allowing immediate access to TPC by the public for any desired authority by using token smart contracts. (b) Food safety can be enhanced through TPC visible to consumers through mobile application and blockchain technology, thus reducing counterfeiting and green washing. (c) The framework is structured and maintained because participants obtain economical incentives thus leveraging it´s practical usage. In summary, this implementation of TPC broadcasting through tokens can improve transparency and sustainable conscientious consumer behaviour, thus enabling a more trustworthy supply chain transparency.

Download Full-text

The platformisation of public service broadcasting in Germany: The network ‘funk’ and the case of Druck/Skam Germany

Critical Studies in Television The International Journal of Television Studies ◽

10.1177/1749602021996536 ◽

2021 ◽

Vol 16 (2) ◽

pp. 126-144

Author(s):

Sven Stollfuß

Keyword(s):

Social Media ◽

Public Service ◽

Third Party ◽

Mobile Media ◽

Media Environment ◽

The Public ◽

Public Service Broadcasting ◽

Web Series ◽

Production And Distribution ◽

German Adaptation

This article investigates how platformisation changes the practices of content production and distribution through the case of the web series, Druck (tr. Pressure (2018–), for the public service content network ‘funk’ (ARD and ZDF). An analysis of the German adaptation of the Norwegian television and web series Skam (tr. Shame) (NRK3, 2015–2017) shows how public service broadcasting (PSB) in Germany is changing due to the influence of social media. To reach a younger audience, PSB has to meet them on third-party platforms. Consequently, PSB must provide content that fits the mobile media environment of social media.

Download Full-text