The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
A service-oriented architecture (SOA)-based application is composed of a number of distributed and loosely-coupled services which are interconnected to accomplish a more complex functionality. The main security challenge in SOA is that we cannot trust the participating services in a service composition to behave as expected all the time. Moreover, the chain of all services involved in an end-to-end...
One of the most important goals for Software Engineering is that end users or those people who understand software requirements but without too much programming experience can build their software products or prototypes easily. The recent success of cloud computing has made a big step towards this goal where Platform as a Service (PaaS) can provide general and comprehensive software development services...
Software Defined Security (SDS), which provides a flexible and centralized security solution, attracts many researchers to study the details of this conception. In this paper, a security controller-based SDS (SC-SDS) architecture is presented, in which a modularized security controller is placed in the control plane and interacts with other components through APIs. The security controller completes...
20 years after writing Enterprise Application Integration, data integration is still an afterthought when it comes to the cloud deployments I see. Enterprises moving to cloud tend to focus on the move itself, and not as much on what they need when they get there. While this may be a common practice, it's not a best practice. Data integration is needed because we just re-hosted some of our data on...
With the growing interest in Software Defined Networking (SDN) and thanks to the programmability provided by SDN protocols like OpenFlow, network application developers have started implementing solutions to fit corporate needs, like firewalls, load balancers and security services. In this paper, we present a novel solution to answer those needs with usage control policies. We design a policy based...
Vehicular Ad hoc NETworks (VANETs) as the basic infrastructure can facilitate applications and services of connected vehicles (CVs). Cognitive radio (CR) technology is an effective supplement and enhancement for VANETs. It can reduce the impact of deficiency of spectrum resource in VANETs. Although CR-VANETs can utilize the unused licensed spectrum effectively, the distributed nature of CR-VANETs...
Cloud federation is the way to integrate various cloud data centers from a single vendor or multiple vendors for better resource sharing. This paper looks in to various cloud federation aspects with associated challenges and solutions. Few key challenges mentioned are networking delay, data corruption while transit, handling the control signal, security, QoS guarantees, etc. Various state of the art...
Biometric-established authentication method is maturing into fitting one probably the most promising candidate for either replacing or bettering normal approaches founded on password or token on the cloud. This technological know-how is a deterministic characteristic to provide a safer and more user friendly approach to authentication. However some vulnerability threatens the adoption of biometrics...
In the world of high-value manufacturing, an imperative forproductivity and quality are driving the manufacturingcommunity towards integration of all information capturedabout a product along the manufacturing value chain, from itsdesign and manufacture through usage, maintenance, anddecommissioning. Much of this information is alreadycaptured, but it is scattered across many organizations, withsignificant...
By nature, cloud computing systems are static, homogenous entities. They consist of multiple layers of hardware and software resources. These resources are organized into stacks which provide services to end users. Many service stacks are built from a single template. As a result, they consist of identical resources with identical configurations. This gives potential attackers the asymmetric advantage...
In this paper, we examine how cloud computing providers enforce the security mechanisms of their IaaS platforms and how they enable their users to securely utilize the platforms. In particular, we evaluate four popular IaaS platforms against the following criteria: network security, authentication and API security, security attack protection and high availability, logging and monitoring, access right...
Cloud service certification aims at automatically validating whether a cloud service satisfies a predefined set of requirements. To that end, certification systems collect and evaluate sensitive data from various sources of a cloud service. At the same time, the certification system itself has to be resilient to attacks to generate trustworthy statements about the cloud service. Thus system architects...
Vulnerability scanners are deployed in computer networks and software to timely identify security flaws and misconfigurations. However, cloud computing has introduced new attack vectors that requires commensurate change of vulnerability assessment strategies. To investigate the effectiveness of these scanners in cloud environments, we first conduct a quantitative security assessment of OpenStack's...
Cloud services are widely used across the globe to store and analyze Big Data. These days it seems the news is full of stories about security breaches to these services, resulting in the exposure of huge amounts of private data. This paper studies the current security threats to Cloud Services, Big Data, and Hadoop. The paper analyzes a newly proposed Big Data security system based on the EnCoRe system...
Addressing security and privacy requirements for Mobile and Cloud platforms is always made in isolation. This lack of coherence has impacts when data are permanently travelling between such platforms. In this paper we propose a symmetric architecture that takes into account the privacy and security requirements of the two platforms and offers a straightforward instantiation pattern for realizing an...
Today our world is ready to make the maximum use of cloud computing facility as like other daily most common utilities such as electricity, gas and water. However, currently the cloud is showing its limited effect in case of utility service system. The main lacking in cloud is the absence of unified architecture for deploying service and use of application in an optimum way to make the maximum availability...
Along with the invention of computers and interconnected networks, physical societal notions like security, trust, and privacy entered the digital environment. The concept of digital environments begins with the trust (established in the real world) in the organisation/individual that manages the digital resources. This concept evolved to deal with the rapid growth of the Internet, where it became...
Multi-tenant infrastructures deployed in cloud datacenters need network security protection. However, the rigid control mechanism of current security middleboxes induces inflexible orchestration, limiting the agile and on-demand security provision in virtualized datacenters. This paper presents Tualatin, a consolidated framework of delivering security services in multi-tenant datacenters. It meets...
This demo presents a Security Service Level Agreement (SSLA) management solution for the cloud. In this work we aim to bind security in the Service Level Agreement (SLA) as a measurable and agreeable parameter between cloud service provider (CSP) and the customer. To achieve this, we allow cloud customer to choose between different security levels when negotiating the SLA and then our automated SLA...
Cloud computing making ubiquitous influence in today's ever growing and on-demand IT world. Cloud delivers the next-generation computing paradigm that showcases the possibilities of apt resource sharing, true elasticity, and maximum resource utilization as compared to any of its early competitors. In addition to its technicality, corporates are also fascinated with its attractive tag of 'pay-as-you-use'...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.