MISP: Model for IaaS Security and Privacy

Paradigm shift towards cloud computing offers plethora of advantages both for cloud users and Cloud Service Provider (CSP). For cloud users, it offers saving of cost, scaling of resources, pay per use, elastic and on-demand services. On the other hand, it offers centralized resource management and provisioning of operations, safety and security for CSP. By holding multiple virtual IT resources (CPUs, storage servers, network components and software) over the internet, Infrastructure-as-a-Service (IaaS) serves as fundamental layer for all other delivery models. Along with benefits of IaaS, there exists several security and privacy issues and threats to confidentiality, integrity, authentication, access control and availability. In this paper, detailed study of IaaS components, associated security and privacy issues are explored and counter measures for the same are determined. Furthermore, as a result of the study, Model for IaaS Security and Privacy (MISP) is proposed. The model presents a cubical structure and adds more features than the existing models to enhance the security and privacy of data and operations and guide security assessment for safer adoption by enterprises.

MISP: Model for IaaS Security and Privacy

Paradigm shift towards cloud computing offers plethora of advantages both for cloud users and Cloud Service Provider (CSP). For cloud users, it offers saving of cost, scaling of resources, pay per use, elastic and on-demand services. On the other hand, it offers centralized resource management and provisioning of operations, safety and security for CSP. By holding multiple virtual IT resources (CPUs, storage servers, network components and software) over the internet, Infrastructure-as-a-Service (IaaS) serves as fundamental layer for all other delivery models. Along with benefits of IaaS, there exists several security and privacy issues and threats to confidentiality, integrity, authentication, access control and availability. In this paper, detailed study of IaaS components, associated security and privacy issues are explored and counter measures for the same are determined. Furthermore, as a result of the study, Model for IaaS Security and Privacy (MISP) is proposed. The model presents a cubical structure and adds more features than the existing models to enhance the security and privacy of data and operations and guide security assessment for safer adoption by enterprises

Quality-preserving low-cost probabilistic 3D denoising with applications to Computed Tomography

We propose a pipeline for a synthetic generation of personalized Computer Tomography (CT) images, with a radiation exposure evaluation and a lifetime attributable risk (LAR) assessment. We perform a patient-specific performance evaluation for a broad range of denoising algorithms (including the most popular Deep Learning denoising approaches, wavelets-based methods, methods based on Mumford-Shah denoising etc.), focusing both on accessing the capability to reduce the patient-specific CT-induced LAR and on computational cost scalability. We introduce a parallel probabilistic Mumford-Shah denoising model (PMS), showing that it markedly-outperforms the compared common denoising methods in denoising quality and cost scaling. In particular, we show that it allows an approximately 22-fold robust patient-specific LAR reduction for infants and a 10-fold LAR reduction for adults. Using a normal laptop the proposed algorithm for PMS allows a cheap and robust (with the Multiscale Structural Similarity index > 90%) denoising of very large 2D videos and 3D images (with over 10^7 voxels) that are subject to ultra-strong Gaussian and various non-Gaussian noises, also for Signal-to-Noise Ratios much below 1.0. The code is provided for open access.

One-Seq: A Highly Scalable Sequencing-Based Diagnostic for SARS-CoV-2 and Other Single-Stranded Viruses

The management of pandemics such as COVID-19 requires highly scalable and sensitive viral diagnostics, together with variant identification. Next-generation sequencing (NGS) has many attractive features for highly multiplexed testing, however current sequencing-based methods are limited in throughput by early processing steps on individual samples (e.g. RNA extraction and PCR amplification). Here we report a new method, "One-Seq", that eliminates the current bottlenecks in scalability by enabling early pooling of samples, before any extraction or amplification steps. To enable early pooling, we developed a one-pot reaction for efficient reverse transcription (RT) and upfront barcoding in extraction-free clinical samples, and a "protector" strategy in which carefully designed competing oligonucleotides prevent barcode crosstalk and preserve detection of the high dynamic range of viral load in clinical samples. This method is highly sensitive, achieving a limit of detection (LoD) down to 2.5 genome copy equivalent (gce) in contrived RT samples, 10 gce in multiplexed sequencing, and 2-5 gce with multi-primer detection, suggesting an LoD of 200-500 gce/ml for clinical testing. In clinical specimens, One-Seq showed quantitative viral detection against clinical Ct values with 6 logs of linear dynamic range and detection of SARS-CoV-2 positive samples down to ~360 gce/ml. In addition, One-Seq reports a number of hotspot viral mutations at equal scalability at no extra cost. Scaling up One-Seq would allow a throughput of 100,000-1,000,000 tests per day per single clinical lab, at an estimated amortized reagent cost of $1.5 per test and turn-around time of 7.5-15 hr.

Breaking-Down and Parameterising Wave Energy Converter Costs Using the CapEx and Similitude Methods

Wave energy converters (WECs) can play a significant role in the transition towards a more renewable-based energy mix as stable and unlimited energy resources. Financial analysis of these projects requires WECs cost and WEC capital expenditure (CapEx) information. However, (i) cost information is often limited due to confidentiality and (ii) the wave energy field lacks flexible methods for cost breakdown and parameterisation, whereas they are needed for rapid and optimised WEC configuration and worldwide site pairing. This study takes advantage of the information provided by Wavepiston to compare different costing methods. The work assesses the Froude-Law-similarities-based “Similitude method” for cost-scaling and introduces the more flexible and generic “CapEx method” divided into three steps: (1) distinguishing WEC’s elements from the wave energy farm (WEF)’s; (2) defining the parameters characterising the WECs, WEFs, and site locations; and (3) estimating elements that affect WEC and WEF elements’ cost and translate them into factors using the parameters defined in step (2). After validation from Wavepiston manual estimations, the CapEx method showed that the factors could represent up to 30% of the cost. The Similitude method provided slight cost-overestimations compared to the CapEx method for low WEC up-scaling, increasing exponentially with the scaling.