Showing papers in "IEEE Cloud Computing in 2018"
TL;DR: The potential to use the Blockchain technology to protect healthcare data hosted within the cloud and the practical challenges of such a proposition are described and further research is described.
Abstract: One particular trend observed in healthcare is the progressive shift of data and services to the cloud, partly due to convenience (e.g. availability of complete patient medical history in real-time) and savings (e.g. economics of healthcare data management). There are, however, limitations to using conventional cryptographic primitives and access control models to address security and privacy concerns in an increasingly cloud-based environment. In this paper, we study the potential to use the Blockchain technology to protect healthcare data hosted within the cloud. We also describe the practical challenges of such a proposition and further research that is required.
590 citations
TL;DR: This paper investigates the energy-aware resource management problem in cloud datacenters, where green energy with unpredictable capacity is connected, and proposes a robust blockchain-based decentralized resource management framework to save the energy consumed by the request scheduler.
Abstract: Nowadays, more and more companies migrate business from their own servers to the cloud. With the influx of computational requests, datacenters consume tremendous energy every day, attracting great attention in the energy efficiency dilemma. In this paper, we investigate the energy-aware resource management problem in cloud datacenters, where green energy with unpredictable capacity is connected. Via proposing a robust blockchain-based decentralized resource management framework, we save the energy consumed by the request scheduler. Moreover, we propose a reinforcement learning method embedded in a smart contract to further minimize the energy cost. Because the reinforcement learning method is informed from the historical knowledge, it relies on no request arrival and energy supply. Experimental results on Google cluster traces and real-world electricity price show that our approach is able to reduce the datacenters cost significantly compared with other benchmark algorithms.
159 citations
TL;DR: In this paper, the authors demonstrate the applicability of blockchain in IoT devices and their data management with an aim of providing end-to-end trust for trading, and give a brief introduction to the topics and challenges for future research towards addressing a grand challenge, i.e. developing a trustworthy trading platform for IoT ecosystems.
Abstract: The Internet of Things (IoT) has already reshaped and transformed our lives in many ways ranging from how we communicate with people or manage our health to how we drive our cars and manage our homes. With the rapid development of the IoT ecosystem in a wide range of applications, IoT devices and data are going to be traded as commodities in the marketplace in near future, similar to cloud services or physical objects. Developing such a trading platform has previously been identified as one of the key grand challenges in integration of IoT and data science in this column. Deployment of such a platform obviously raises public concerns on the security and privacy of both data and devices since their ownerships are hard to trace and manage without a central trusted authority. The central trusted authority is not a viable solution for a fully decentralised and distributed IoT ecosystem with a large number of distributed device vendors and consumers who do not trust each other. Blockchain, as a decentralised system, removes the requirement for a trusted third party by allowing all participants to verify the correctness of the data and ensure their immutability. IoT devices can use blockchain to register themselves and organize, store and share streams of data from them effectively and reliably. In this article, through a case study, we demonstrate the applicability of blockchain in IoT devices and their data management with an aim of providing end-to-end trust for trading. We also give a brief introduction to the topics and challenges for future research towards addressing a grand challenge, i.e. developing a trustworthy trading platform for IoT ecosystems.
112 citations
TL;DR: An architecture of intelligent cloud resource management with deep reinforcement learning is discussed, which makes clouds automatically and efficiently negotiate the most appropriate configuration, directly from complicated cloud environments.
Abstract: The cloud provides low-cost and flexible IT resources (hardware and software) across the Internet. As more cloud providers seek to drive greater business outcomes and the environments of the cloud become more complicated, it is evident that the era of the intelligent cloud has arrived. The intelligent cloud faces several challenges, including optimizing the economic cloud service configuration and adaptively allocating resources. In particular, there is a growing trend toward using machine learning to improve the intelligence of cloud management. This article discusses an architecture of intelligent cloud resource management with deep reinforcement learning. The deep reinforcement learning makes clouds automatically and efficiently negotiate the most appropriate configuration, directly from complicated cloud environments. Finally, we give an example to evaluate and conclude the remarkable ability of the intelligent cloud with deep reinforcement learning.
92 citations
Newcastle University1, Cardiff University2, Commonwealth Scientific and Industrial Research Organisation3, T-Systems4, Swinburne University of Technology5, University of Messina6, University of Tasmania7, University of Melbourne8, Chinese Academy of Sciences9, University of Sydney10, Vienna University of Technology11
TL;DR: This article discusses research challenges related to devising a new IoT programming paradigm for orchestrating IoT application composition and data processing across heterogeneous computing infrastructure (Cloud, Edge, and Things).
Abstract: This article discusses research challenges related to devising a new IoT programming paradigm for orchestrating IoT application composition and data processing across heterogeneous computing infrastructure (Cloud, Edge, and Things).
87 citations
TL;DR: A nurse director for the Grampian region, observed Janet Mitchell, theatre staff nurse at NHSgrampian, Aberdeen, and wrote this account of their time together.
Abstract: The field of Cloud Community is broad and deep. This new column will explore various communities progress on Cloud Computing, and will compare and contrast their approaches. Look for supporting material on the IEEE Cloud Computing Website (https://cloudcomputing.ieee.org/communities-of-practice).
63 citations
TL;DR: A secure IoT under the proposed method could resist most attacks from both insiders and outsiders of IoT to break data confidentiality, and meanwhile with constant communication cost for re-encryption anti incremental scale of IoT.
Abstract: Cloud-assisted Internet of Things (IoT) provides a promising solution to data booming problems for the ability constraints of individual objects. However, with the leverage of cloud, IoT faces new security challenges for data mutuality between two parties, which is introduced for the first time in this paper and not currently addressed by traditional approaches. We investigate a secure cloud-assisted IoT data managing method to keep data confidentiality when collecting, storing and accessing IoT data with the assistance of a cloud with the consideration of users increment. The proposed system novelly applies a proxy re-encryption scheme, which was proposed in [5]. Hence, a secure IoT under our proposed method could resist most attacks from both insiders and outsiders of IoT to break data confidentiality, and meanwhile with constant communication cost for re-encryption anti incremental scale of IoT. We further show the method is practical by numerical results.
62 citations
TL;DR: An increasing number of ubiquitous sensing and computing devices worn by military personnel and embedded within military equipment are capable of acquiring a variety of static and dynamic biometrics, which can be used to perform context-adaptive authentication in-the-wild and continuous monitoring of soldier’s psychophysical condition in a dedicated edge computing architecture.
Abstract: Edge computing can potentially play a crucial role in enabling user authentication and monitoring through context-aware biometrics in military/battlefield applications. For example, in Internet of Military Things (IoMT) or Internet of Battlefield Things (IoBT), an increasing number of ubiquitous sensing and computing devices worn by military personnel and embedded within military equipment (combat suit, instrumented helmets, weapon systems, etc.) are capable of acquiring a variety of static and dynamic biometrics (e.g., face, iris, periocular, fingerprints, heart-rate, gait, gestures, and facial expressions). Such devices may also be capable of collecting operational context data. These data collectively can be used to perform context-adaptive authentication in-the-wild and continuous monitoring of soldier’s psychophysical condition in a dedicated edge computing architecture.
55 citations
TL;DR: This paper proposes a blockchain-based approach that enables data owners to control the anonymization process and that enhances the security of the services and relies on blockchain to validate the usage of the privacy budget and adaptively change its allocation through smart contracts, depending on the privacy requirements provided by data owners.
Abstract: Cloud federation is an emergent cloud-computing paradigm that allows services from different cloud systems to be aggregated in a single pool. To support secure data sharing in a cloud federation, anonymization services that obfuscate sensitive datasets under differential privacy have been recently proposed. However, by outsourcing data protection to the cloud, data owners lose control over their data, raising privacy concerns. This is even more compelling in multi-query scenarios in which maintaining privacy amounts to controlling the allocation of the so-called privacy budget. In this paper, we propose a blockchain-based approach that enables data owners to control the anonymization process and that enhances the security of the services. Our approach relies on blockchain to validate the usage of the privacy budget and adaptively change its allocation through smart contracts, depending on the privacy requirements provided by data owners. Prototype implementation with the Hyperledger permissioned blockchain validates our approach with respect to privacy guarantee and practicality.
55 citations
TL;DR: The focus of this Blue Skies piece is to analyze the research challenges involved with developing a new class of holistic distributed deep learning algorithms that are “resource and data aware”, and which are able to account for underlying heterogeneous data and data models, resource (cloud vs. edge vs. mobile edge) models and data availability while executing.
Abstract: Emerging availability (and varying complexity and types) of Internet of Things (IoT) devices, along with large data volumes that such devices (can potentially) generate, can have a significant impact on our lives, fuelling the development of critical next-generation services and applications in a variety of application domains (e.g. healthcare, smart grids, finance, disaster management, agriculture, transportation and water management). Deep learning technology, which has in the past been used successfully in computer vision and language modelling is now finding application in new domains driven by availability of diverse and large datasets. One such example is the advances in medical diagnostics and prediction by using Deep Learning technologies to improve human health. However, transferring large data streams (a requirement of Deep Learning technologies for achieving high accuracy) to centralised locations such as Cloud datacentre environments, in a timely and reliable manner, is being seen as a key limitation of expanding the application horizons of such technologies. To this end, various paradigms, including Osmotic Computing, have been proposed that promotes distribution of data analysis tasks across Cloud and Edge computing environments. However, these existing paradigms fail to provide a detailed account of how technologies such as deep learning can be orchestrated and take advantage of the cloud, edge and mobile edge environments in a holistic manner. In other words, the focus of this Blue Skies piece is to analyze the research challenges involved with developing a new class of holistic distributed deep learning algorithms that are “resource and data aware”, and which are able to account for underlying heterogeneous data and data models, resource (cloud vs. edge vs. mobile edge) models and data availability while executing – trading accuracy for execution time, etc.
49 citations
TL;DR: A conceptual model for fusing blockchains and cloud computing for additional value creation is proposed and comprises three deployment modes: Cloud over Blockchain (CoB), Blockchain over Cloud (BoC), and Mixed Blockchain-Cloud (MBC).
Abstract: Blockchains, a decentralized storage technique, have many applications, including in reengineering cloud datacenters. This article proposes a conceptual model for fusing blockchains and cloud computing for additional value creation. The proposed model comprises three deployment modes: Cloud over Blockchain (CoB), Blockchain over Cloud (BoC), and Mixed Blockchain-Cloud (MBC). The article also highlights the potential benefits of such a fusion and outlines a number of future research directions.
TL;DR: The design targets and technical challenges lie in constructing cloud-based privacy-preserving image processing system, and the state-of-the-art techniques, including secure multiparty computation, and homomorphic encryption are investigated.
Abstract: Millions of private images are generated in various digital devices every day. The consequent massive computational workload makes people turn to cloud computing platforms for their economical computation resources. Meanwhile, the privacy concerns over the sensitive information contained in outsourced image data arise in public. In fact, once uploaded to cloud, the security and privacy of the image content can only presume upon the reliability of the cloud service providers. Lack of assuring security and privacy guarantees becomes the main barrier to further deployment of cloud-based image processing systems. This paper studies the design targets and technical challenges lie in constructing cloud-based privacy-preserving image processing system. We explore various image processing tasks, including image feature detection, digital watermarking, content-based image search. The state-of-the-art techniques, including secure multiparty computation, and homomorphic encryption are investigated. A detailed taxonomy of the problem statement and the corresponding solutions is provided
TL;DR: The challenges of emergent failures in cloud datacenters at scale and their impact on system resource management are identified, and potential directions of further study for Internet of Things integration and holistic fault tolerance are discussed.
Abstract: Since the conception of cloud computing, ensuring its ability to provide highly reliable service has been of the upmost importance and criticality to the business objectives of providers and their customers. This has held true for every facet of the system, encompassing applications, resource management, the underlying computing infrastructure, and environmental cooling. Thus, the cloud-computing and dependability research communities have exerted considerable effort toward enhancing the reliability of system components against various software and hardware failures. However, as these systems have continued to grow in scale, with heterogeneity and complexity resulting in the manifestation of emergent behavior, so too have their respective failures. Recent studies of production cloud datacenters indicate the existence of complex failure manifestations that existing fault tolerance and recovery strategies are ill-equipped to effectively handle. These strategies can even be responsible for such failures. These emergent failures-frequently transient and identifiable only at runtime-represent a significant threat to designing reliable cloud systems. This article identifies the challenges of emergent failures in cloud datacenters at scale and their impact on system resource management, and discusses potential directions of further study for Internet of Things integration and holistic fault tolerance.
TL;DR: An edge cloud-assisted CPSS (cyber-physical-social system) framework for smart cities is proposed, which migrates some tasks from the cloud center to network edge devices and puts the services and resources closer to users, so as to provide lower-latency, real-time, more effective, and proactive services for residents and policymakers.
Abstract: The smart city uses knowledge or rules mined from Internet of Things sensor data to promote the development of the city. This brings new opportunities and challenges, such as low delay and real-time services. This article proposes an edge cloud-assisted CPSS (cyber-physical-social system) framework for smart cities. This framework migrates some tasks from the cloud center to network edge devices and puts the services and resources closer to users, so as to provide lower-latency, real-time, more effective, and proactive services for residents and policymakers.
TL;DR: Important TOSCA concepts and benefits in the context of commonly understood cloud use cases are introduced as a foundation to future discussions regarding advanced TOS CA concepts and additional breakthrough issues.
Abstract: TOSCA, the Topology and Orchestration Specification for Cloud Applications offers an OASIS-recognized, open standard domain-specific language (DSL) that enables portability and automated management of applications, services, and resources regardless of underlying cloud platform, software defined environment, or infrastructure. With a growing, interoperable eco-system of open source projects, solutions from leading cloud platform and service providers, and research, TOSCA empowers the definition and modeling of applications and their services (microservices or traditional services) across their entire lifecycle by describing their components, relationships, dependencies, requirements, and capabilities for orchestrating software in the context of associated operational policies. The authors introduce important TOSCA concepts and benefits in the context of commonly understood cloud use cases as a foundation to future discussions regarding advanced TOSCA concepts and additional breakthrough issues.
TL;DR: This paper analyses some of the requirements that future data collection architectures of smart cyber-physical systems should implement to provide effective privacy protection for users and gives an example of how they can be implemented in a smart home scenario.
Abstract: User privacy concerns are widely regarded as a key obstacle to the success of modern smart cyber-physical systems. In this paper, we analyse, through an example, some of the requirements that future data collection architectures of these systems should implement to provide effective privacy protection for users. Then, we give an example of how these requirements can be implemented in a smart home scenario. Our example architecture allows the user to balance the privacy risks with the potential benefits and take a practical decision determining the extent of the sharing. Based on this example architecture, we identify a number of challenges that must be addressed by future data processing systems in order to achieve effective privacy management for smart cyber-physical systems.
TL;DR: IaaS, PaaS and SaaS were formally defined in 2011 and have these definitions held up in the fast-moving world of Cloud Computing?
Abstract: IaaS, PaaS, and SaaS were formally defined in 2011. Have these definitions held up in the fast-moving world of Cloud Computing?
TL;DR: Applying Osmotic Computing principles to message-oriented middleware opens new opportunities for solving the heterogeneity and volatility inherent to Edge resources, and the unpredictability of mobile clients.
Abstract: Message-oriented middleware is a key technology in todays Internet of Things (IoT). Centralized message brokers facilitate decoupled device-to-device communication and can transparently scale to handle many millions of messages per second. However, Cloud-based solutions, such as AWS IoT or Azure IoT Hub, cannot satisfy the stringent QoS and privacy requirements of many modern IoT scenarios. Instead, distributed middleware needs to leverage the ever- increasing amount of resources at the edge of the network to provide reliable, ultra-low-latency, and privacy-aware message routing. But the heterogeneity and volatility inherent to Edge resources, and the unpredictability of mobile clients, make it extremely challenging to provide resilient coordination mechanisms and guaranteed message delivery. Applying Osmotic Computing principles to message-oriented middleware opens new opportunities for solving these challenges.
TL;DR: In this paper, the authors identify challenges and opportunities in making accelerators accessible at the edge of the network for improving quality of service (QoS) by minimizing end-to-end latency and response times.
Abstract: Hardware accelerators are available on the cloud for enhanced analytics. Next-generation clouds aim to bring enhanced analytics using accelerators closer to user devices at the edge of the network for improving quality of service (QoS) by minimizing end-to-end latencies and response times. The collective computing model that utilizes resources at the cloud-edge continuum in a multi-tier hierarchy comprising the cloud, edge, and user devices is referred to as fog computing. This article identifies challenges and opportunities in making accelerators accessible at the edge. A holistic view of the fog architecture is key to pursuing meaningful research in this area.
TL;DR: A self-protection approach in cloud resource management called SECURE is proposed, which offers self- protection against security attacks and ensures continued availability of services to authorized users.
Abstract: In the current scenario of cloud computing, heterogeneous resources are located in various geographical locations requiring security-aware resource management to handle security threats. However, existing techniques are unable to protect systems from security attacks. To provide a secure cloud service, a security-based resource management technique is required that manages cloud resources automatically and delivers secure cloud services. In this paper, we propose a self-protection approach in cloud resource management called SECURE, which offers self-protection against security attacks and ensures continued availability of services to authorized users. The performance of SECURE has been evaluated using SNORT. The experimental results demonstrate that SECURE performs effectively in terms of both the intrusion detection rate and false positive rate. Further, the impact of security on quality of service (QoS) has been analyzed.
TL;DR: The purpose of the special issue is to cover all aspects of design and implementation, as well as deployment and evaluation of solutions aimed at the osmotic convergence of IoT, edge, and cloud computing, with specific reference to the smart cities application scenario.
Abstract: The purpose of the special issue is to cover all aspects of design and implementation, as well as deployment and evaluation of solutions aimed at the osmotic convergence of IoT, edge, and cloud computing, with specific reference to the smart cities application scenario.
TL;DR: The CLOUDS-Pi platform is presented, a small-scale cloud data center for doing research on software-defined clouds and Open vSwitch is integrated with Raspberry-Pis, low-cost embedded computers, to build up a network of OpenFlow switches.
Abstract: Software Defined Networking (SDN) is rapidly transforming the networking ecosystem of cloud computing data centers. However, replicating SDN-enabled cloud infrastructures to conduct practical research in this domain requires a great deal of effort and capital expenditure. In this paper, we present the CLOUDS-Pi platform, a small-scale cloud data center for doing research on software-defined clouds. As part of it, Open vSwitch (OVS) is integrated with Raspberry-Pis, low-cost embedded computers, to build up a network of OpenFlow switches. We provide two use cases and perform validation and performance evaluation. We also discuss benefits and limitations of CLOUDS-Pi in particular and SDN in general.
TL;DR: It is demonstrated that service designers have to select two out of three qualities: backup, availability, and/or consistency (BAC) when a backup of the entire application is being performed.
Abstract: How do you back up a microservice? You dump its database. But how do you back up an entire application decomposed into microservices? In this article, we discuss the tradeoff between the availability and consistency of a microservice-based architecture when a backup of the entire application is being performed. We demonstrate that service designers have to select two out of three qualities: backup, availability, and/or consistency (BAC). Service designers must also consider how to deal with consequences such as broken links, orphan state, and missing state.
TL;DR: The potential of cloud-based biometrics (biometrics as a service) for smart cities and nations is explored.
Abstract: Is biometrics as a service the next giant leap, as Jeremy Rose asks? New trends in consumer applications seem to testify this revolution. However, it is worth wondering to what extent both company infrastructures and the market are actually ready for this. This article explores the potential of cloud-based biometrics (biometrics as a service) for smart cities and nations.
TL;DR: This work proposes SensingBus, a system to collect data from sensors carried by urban buses, which can accommodate at least 20 simultaneous sensing nodes, an adequate number to sense a city such as Rio de Janeiro.
Abstract: Collecting data is an important task to build smart cities. This work proposes SensingBus, a system to collect data from sensors carried by urban buses. Using buses to move sensors allows each node to cover a wider area, at a negligible cost. SensingBus is based on a three-level architecture. At the first level, sensing nodes collect and send data to the second level, consisting of fog nodes. The fog nodes pre-process and deliver data to the third level, the cloud infrastructure, which stores and makes data externally available. The fog infrastructure, on the other hand, discards defective data, compresses information, and provides secure access points between fog and cloud. To validate SensingBus, we build a prototype and perform experiments to stress the fog nodes. We verify that each one can accommodate at least 20 simultaneous sensing nodes, an adequate number to sense a city such as Rio de Janeiro.
TL;DR: A continuous authentication approach integrating physical (face) and behavioral (touch and hand movements) biometrics to control user access to Cloud-based mobile services, going beyond one-off login is proposed.
Abstract: Cloud-connected mobile applications are becoming a popular solution for ubiquitous access to online services, such as cloud data storage platforms. The adoption of such applications has brought security and privacy implications that are making individuals hesitant to migrate sensitive data to the Cloud; thus, new secure authentication protocols are needed. In this paper, we propose a continuous authentication approach integrating physical (face) and behavioral (touch and hand movements) biometrics to control user access to Cloud-based mobile services, going beyond one-off login. Experimental results show the security-usability tradeoff achieved by our approach.
TL;DR: An overview of the major aspects of GDPR related to provision, use, and maintenance of cloud services and technologies is given.
Abstract: Disclosing personal data for a purpose not known by data subjects is a practice that the 2018 European Union General Data Protection Regulation (GDPR) is supposed to prevent. This article gives an overview of the major aspects of GDPR related to provision, use, and maintenance of cloud services and technologies.
TL;DR: Different performance indicators that must be considered for the design and development of smart-mobility services adopting FIWARE technology are discussed, including home-office mobility of University of Messina personnel as a case study and insights are gained on how FIWARE can lead to agile development ofSmart mobility services that can minimize traffic congestion, fuel consumption, and CO2 emissions.
Abstract: The mobility of people is one of the main critical aspects related to daily life in a city, causing both traffic congestion and pollution. Smart-mobility services based on vehicular cloud computing and the Internet of Things (IoT) are emerging as new solutions that can address such issues. In this context, the FIWARE acceleration program, along with the frontierCities initiative, paved the way toward the development of new smart-mobility services. This article discusses different performance indicators that must be considered for the design and development of smart-mobility services adopting FIWARE technology. To this end, the authors consider the home-office mobility of University of Messina personnel as a case study. In particular, after a preliminary analysis of traveling habits, the authors gained insights on how FIWARE can lead to agile development of smart-mobility services that can minimize traffic congestion, fuel consumption, and CO2 emissions.
TL;DR: This work analyzes issues that can be exploited to compromise the mobile applications security by violating the privacy and integrity in their operations and presents how the blockchain technology can be helpful in dealing with such threats.
Abstract: The current mobile app development practice, like other large-scale network-centric software projects, is characterized by the use of event notification facilities supporting the exchange of effective and efficient data flows between the applications front-end, usually located on customers terminal equipment and the back-end services available within the cloud. In order to avoid the need of setting up the notification infrastructure from scratch for any new application, many cloud service providers and mobile system manufacturing companies provide cloud-based messaging solutions. Such solutions, however, are often characterized by vulnerabilities that can be exploited to compromise the mobile applications security by violating the privacy and integrity in their operations. In this work, we analyze these issues and present how the blockchain technology can be helpful in dealing with such threats.
TL;DR: This article reveals this emerging trend and discusses a supporting network architecture for multiplayer cooperative cloud gaming and examines two existing modalities that adopt cooperation among neighboring players to optimize the quality of service in cloud gaming services.
Abstract: Cloud gaming has been attracting increasing attention in the game industry. Nevertheless, the benefits of cloud gaming platforms in facilitating multiplayer games have not been widely discussed in the literature. This article reveals this emerging trend and discusses a supporting network architecture for multiplayer cooperative cloud gaming. The article further examines two existing modalities that adopt cooperation among neighboring players to optimize the quality of service in cloud gaming services.