Minh Nguyen,Saptarshi Debroy,Prasad Calyam,Zhen Lyu,Trupti Joshi

DOI: https://doi.org/10.1109/icnp.2019.8888071

2019-10-01

Abstract:Data-intensive bioinformatics applications often use federated multi-cloud infrastructures to support compute-intensive processing needs. In this paper, we propose a Multi-Cloud Performance and Security (MCPS) Brokering framework within such federated multi-cloud infrastructures to allocate cloud resources to applications by satisfying their performance and security requirements.

Qinghuai Zeng,Changqin Huang,Deren Chen,Hualiang Hu

DOI: https://doi.org/10.1109/CACWD.2004.1349224

2004-01-01

Abstract:In grid environments, the dynamic and multi-institutional nature introduces challenging security issues. In this paper, we propose subtask-based authorization service (SAS) architecture to fully secure a type of application oriented to engineering and scientific computing. We minimize privileges for task by decomposing the parallel task and re-allotting the privileges required for each subtask. Community authorization module describes and applies community policies of resource permission and privilege for resource usage or task management. It separates proxy credentials from identity credentials. We adopt a relevant policy and task management delegation to describe rules for task management. The ultimate privileges are formed by the combination of relevant proxy credential, subtask-level privilege certificate and community policy for this user, as well as they conform to resource policy. To enforce the architecture, we extend the RSL specification and the proxy certificate, modify Globus' gatekeeper, jobmanager and the GASS library to allow authorization callouts, and evaluate the user's job management requests and job's resource request in the context of policies.

Gaurav Raj,Kamaljit Kaur

DOI: https://doi.org/10.48550/arXiv.1207.2706

2012-07-11

Distributed, Parallel, and Cluster Computing

Abstract:In Cloud Computing Architecture, Brokers are responsible to provide services to the end users. An Effective Cost Management System (ECMS) which works over Secure Cloud Communication Paradigm (SCCP) helps in finding a communication link with overall minimum cost of links. We propose an improved Broker Cloud Communication Paradigm (BCCP) with integration of security issues. Two algorithms are included, first is Secure Optimized Route Cost Finder (S-ORCF) to find optimum route between broker and cloud on the behalf of cost factor and second is Secure Optimized Route Management (S-ORM) to maintain optimum route. These algorithms proposed with cryptographic integrity of the secure route discovery process in efficient routing approaches between broker and cloud. There is lack in Dynamic Source Routing Approach to verify whether any intermediate node has been deleted, inserted or modified with no valid authentication. We use symmetric cryptographic primitives, which is made possible due to multisource broadcast encryption scheme. This paper outlines the use of secure route discovery protocol (SRDP)that employs such a security paradigm in cloud computing.

Wenjuan Li,Jian Cao,Bin Zhou,Shuiguang Deng,Qifei Zhang,Keyong Hu,Jing Li,Haili Zhao

DOI: https://doi.org/10.1016/j.iot.2023.100751

IF: 5.711

2023-01-01

Internet of Things

Abstract:Compared with traditional service provision methods, cloud computing has many advantages, such as on-demand services and flexible pricing systems, attracting widespread attention from both academia and industry. However, the abundance of cloud services makes it difficult for users to choose suitable ones. Furthermore, the cloud is usually a dynamically changing execution environment, requiring users to constantly switch service carriers for the best experience. Therefore, to improve the efficiency of service interactions in a multi-cloud environment and cope with the high concurrency demands, this paper proposes a multi-agent and distributed broker-based cloud service provisioning model. Equipped with a decision tree-based user preference learning module, brokers in the proposed model can continuously adjust their resource introduction strategy through training on historical data. In the process of cloud service interaction, brokers select the best cost-effective service for users within a limited time through a two-layer Restricted Monte Carlo Tree Search (RMTCS) algorithm. This paper develops a multi-cloud service interconnection system based on the Libcloud framework. Shielding the different interfaces of different cloud service providers in cloud virtual machine and storage services provides the most suitable services for users and realizes the unified cloud federation service supply. The experiment results prove that the proposed model achieves better performance over the traditional methods and can better meet the service requirements of users.

Haiyang Hu,Zhongjin Li,Hua Hu,Jie Chen,Jidong Ge,Chuanyi Li,Victor Chang

DOI: https://doi.org/10.1016/j.jnca.2018.03.028

IF: 7.574

2018-01-01

Journal of Network and Computer Applications

Abstract:Providing resources and services from multiple clouds is becoming an increasingly promising paradigm. Workflow applications are becoming increasingly computation-intensive or data-intensive, with its resource requirement being maintained from multicloud environment in terms of pay-per-use pricing mechanism. Existing works of cloud workflow scheduling primarily target optimizing makespan or cost. However, the reliability of workflow scheduling is also a critical concern and even the most important metric of QoS (quality of service). In this paper, a multi-objective scheduling (MOS) algorithm for scientific workflow in multicloud environment is proposed, the aim of which is to minimize workflow makespan and cost simultaneously while satisfying the reliability constraint. The proposed MOS algorithm is according to particle swarm optimization (PSO) technology, and the corresponding coding strategy takes both the tasks execution location and tasks order of data transmission into consideration. On the basis of real-world scientific workflow models, extensive simulation experiments demonstrate the significant multi-objective performances improvement of MOS algorithm over the CMOHEFT algorithm and the RANDOM algorithm.

Nishui Cai,Guofeng He

DOI: https://doi.org/10.3934/era.2024064

2024-01-01

Electronic Research Archive

Abstract:A secure and reliable intelligent multi-cloud resource scheduling system in cyberspace is especially important in some industry applications. However, this task has become exceedingly challenging due to the intricate nature of information, the variety of knowledge representations, the compatibility of diverse knowledge reasoning engines, and the numerous security threats found in cloud networks. In this paper, we applied the endogenous security theory to the multi-cloud resource scheduling intelligent system and presented a novel model of the system. The proposed model incorporates various knowledge representations and inference engines, resulting in a multi-cloud resource scheduling intelligent system that ensures endogenous security. In addition, we have devised a scheme for an intelligent system that schedules multi-cloud resources using dual-channels and has an endogenous security mechanism, which we have named Dynamic, Heterogeneous, and Redundant (DHR). Finally, we have used the multi-cloud resource scheduling intelligent run log database to carry out numerous experiments to validate the efficiency of the dual-channel redundant reasoning system with the endogenous security mechanism's DHR property. The results of the experiment demonstrated that the multi-cloud resource intelligent scheduling system model with an endogenous security mechanism was superior to the current single-channel inference system scheme in regards to security and reliability.

mathematics

Atherve Tekawade,Suman Banerjee

2023-04-01

Abstract:Many real-world scientific workflows can be represented by a Directed Acyclic Graph (DAG), where each node represents a task and a directed edge signifies a dependency between two tasks. Due to the increasing computational resource requirements of these workflows, they are deployed on multi-cloud systems for execution. In this paper, we propose a scheduling algorithm that allocates resources to the tasks present in the workflow using an efficient list-scheduling approach based on the parameters cost, processing time, and reliability. Next, for a given a task-resource mapping, we propose a cipher assignment algorithm that assigns security services to edges responsible for transferring data in time-optimal manner subject to a given security constraint. The proposed algorithms have been analyzed to understand their time and space requirements. We implement the proposed scheduling and cipher assignment algorithm and experimented with two real-world scientific workflows namely Epigenomics and Cybershake. We compare the performance of the proposed scheduling algorithm with the state-of-art evolutionary methods. We observe that our method outperforms the state-of-art methods always in terms of cost and reliability, and is inferior in terms of makespan in some cases.

Distributed, Parallel, and Cluster Computing

Aymen Alsaadi,Shantenu Jha,Matteo Turilli

DOI: https://doi.org/10.1145/3659995.3660040

2024-07-17

Abstract:Scientific discovery increasingly depends on middleware that enables the execution of heterogeneous workflows on heterogeneous platforms One of the main challenges is to design software components that integrate within the existing ecosystem to enable scale and performance across cloud and high-performance computing HPC platforms Researchers are met with a varied computing landscape which includes services available on commercial cloud platforms data and network capabilities specifically designed for scientific discovery on government-sponsored cloud platforms and scale and performance on HPC platforms We present Hydra an intra cross-cloud HPC brokering system capable of concurrently acquiring resources from commercial private cloud and HPC platforms and managing the execution of heterogeneous workflow applications on those resources This paper offers four main contributions (1) the design of brokering capabilities in the presence of task platform resource and middleware heterogeneity; (2) a reference implementation of that design with Hydra; (3) an experimental characterization of Hydra s overheads and strong weak scaling with heterogeneous workloads and platforms and, (4) the implementation of a workflow that models sea rise with Hydra and its scaling on cloud and HPC platforms

Distributed, Parallel, and Cluster Computing,Software Engineering

Umamageswaran Jambulingam,K. Balasubadra

DOI: https://doi.org/10.15837/ijccc.2022.2.4296

2022-03-07

Abstract:The use of the multi-cloud data storage in one heterogeneous service is a polynimbus cloud strategy. Cloud computing uses a pay-as-you-go model to deliver services to a variety of end users. Customers can outsource daunting tasks to cloud data centres for processing and producing results, thanks to cloud computing. Cloud computing becomes the popular IT brand that provides various on-demand services over the internet. This technology is devoted to distributing computer and software resources. The proven usefulness of workflows to enforce relevant scientific achievements is the availability of data from advanced scientific tools. Scheduling algorithms are essential in order to automate these strenuous workflows efficiently. A number of new heuristics based on a Cloud resource model have been developed. The majority of these heuristic - based address QoS issues in one or two dimensions. The cloud computing technology offers a decentralised pool of services and resources with various models that are provided to the customers across the Internet in an on-demand, continuously distributed, and pay-per-use model. The key challenge we address in this paper is to maximise revenue while maintaining a minimum consumption of energy with an enhanced QoS for resource allocation. The obtained results from proposed method when compared with the existing state of art methods observed to be novel and better.

Wei Liu,Su Peng,Wei Du,Wei Wang,Guo Sun Zeng

DOI: https://doi.org/10.1007/s10115-014-0755-x

IF: 2.7

2014-06-03

Knowledge and Information Systems

Abstract:Massive computation power and storage capacity of cloud computing systems allow scientists to deploy data-intensive applications without the infrastructure investment, where large application datasets can be stored in the cloud. Based on the pay-as-you-go model, data placement strategies have been developed to cost-effectively store large volumes of generated datasets in the scientific cloud workflows. As promising as it is, this paradigm also introduces many new challenges for data security when the users outsource sensitive data for sharing on the cloud servers, which are not within the same trusted domain as the data owners. This challenge is further complicated by the security constraints on the potential sensitive data for the scientific workflows in the cloud. To effectively address this problem, we propose a security-aware intermediate data placement strategy. First, we build a security overhead model to reasonably measure the security overheads incurred by the sensitive data. Second, we develop a data placement strategy to dynamically place the intermediate data for the scientific workflows. Finally, our experimental results show that our strategy can effectively improve the intermediate data security while ensuring the data transfer time during the execution of scientific workflows.

computer science, information systems, artificial intelligence

Zhongjin Li,Jidong Ge,Hongji Yang,Liguo Huang,Haiyang Hu,Hao Hu,Bin Luo

DOI: https://doi.org/10.1016/j.future.2015.12.014

IF: 7.307

2016-01-01

Future Generation Computer Systems

Abstract:Security is increasingly critical for various scientific workflows that are big data applications and typically take quite amount of time being executed on large-scale distributed infrastructures. Cloud computing platform is such an infrastructure that can enable dynamic resource scaling on demand. Nevertheless, based on pay-per-use and hourly-based pricing model, users should pay attention to the cost incurred by renting virtual machines (VMs) from cloud data centers. Meanwhile, workflow tasks are generally heterogeneous and require different instance series (i.e., computing optimized, memory optimized, storage optimized, etc.). In this paper, we propose a security and cost aware scheduling (SCAS) algorithm for heterogeneous tasks of scientific workflow in clouds. Our proposed algorithm is based on the meta-heuristic optimization technique, particle swarm optimization (PSO), the coding strategy of which is devised to minimize the total workflow execution cost while meeting the deadline and risk rate constraints. Extensive experiments using three real-world scientific workflow applications, as well as CloudSim simulation framework, demonstrate the effectiveness and practicality of our algorithm.

Xiaolong Xu,Qingfan Geng,Hao Cao,Ruichao Mo,Shaohua Wan,Lianyong Qi,Hao Wang

DOI: https://doi.org/10.1007/978-981-15-1304-6_18

2019-01-01

Abstract:In edge computing, the workflow is used to simulate and manage computing tasks as well as information exchange for compute-intensive and data-intensive application, which is convenient for the various complex process to work orderly. However, the resource conflict among cooperative works of multiple mobile edge computing (MEC) nodes by workflow, together with the service failure and the performance degradation, bring about additional uncertainties of scheduling strategies. Consequently, such uncertainties delay the completion of tasks and spoil the user experience. To deal with that issue, we propose a blockchain-powered resource provisioning (BPRP) method to design policies for workflows in the edge computing environment. Technically, we use the directed acyclic graph to indicate workflows of each edge node and regard its scheduling strategy as an individual gene to adapt to the following algorithm. Then, we use the non-dominated sorting genetic algorithm-III (NSGA-III) to optimize the workflow scheduling strategies on the basis of tasks’ timely completion with good quality. A large number of experiments were carried out to verify the effectiveness of our method.

Pramod S. Pawar,Ali Sajjad,Theo Dimitrakos,David W. Chadwick

DOI: https://doi.org/10.1007/978-3-319-18491-3_21

2015-01-01

Abstract:The economic benefits of cloud computing are encouraging customers to bring complex applications and data into the cloud. However security remains the biggest barrier in the adoption of cloud, and with the advent of multi-cloud and federated clouds in practice security concerns are for applications and data in the cloud. This paper proposes security as a value added service, provisioned dynamically during deployment and operation management of an application in multi-cloud and federated clouds. This paper specifically considers a data protection and a host & application protection solution that are offered as a SaaS application, to validate the security services in a multi-cloud and federated cloud environment. This paper shares our experiences of validating these security services over a geographically distributed, large scale, multi-cloud and federated cloud infrastructure.

Muhammad H. Hilman,Maria A. Rodriguez,Rajkumar Buyya

DOI: https://doi.org/10.48550/arXiv.1903.01113

2020-06-24

Abstract:Increased adoption of scientific workflows in the community has urged for the development of multi-tenant platforms that provide these workflow executions as a service. As a result, Workflow-as-a-Service (WaaS) concept has been created by researchers to address the future design of Workflow Management Systems (WMS) that can serve a large number of users from a single point of service. These platforms differ from traditional WMS in that they handle a workload of workflows at runtime. A traditional WMS is usually designed to execute a single workflow in a dedicated process while WaaS cloud platforms enhance the process by exploiting multiple workflows execution in a multi-tenant environment model. In this paper, we explore a novel resource-sharing policy to improve system utilization and to fulfil various Quality of Service (QoS) requirements from multiple users in WaaS cloud platforms. We propose an Elastic Budget-constrained resource Provisioning and Scheduling algorithm for Multiple workflows that can reduce the computational overhead by encouraging resource sharing to minimize workflows' makespan while meeting a user-defined budget. Our experiments show that the EBPSM algorithm can utilize the resource-sharing policy to achieve higher performance in terms of minimizing the makespan compared to the state-of-the-art budget-constraint scheduling algorithm.

Distributed, Parallel, and Cluster Computing

Sunitha Pachala,Ch. Rupa,L. Sumalatha

DOI: https://doi.org/10.1007/s12065-020-00555-w

2021-02-10

Evolutionary Intelligence

Abstract:Storing and accessing the information in the multi-cloud hosting environment becomes popular these days. It offers benefits like the assurance of data protection, preventing information corruption, unethical issues from vendors. In this paper, a hybrid approach with the multi-cloud hosting environment is designed and implemented for improved security and privacy of cloud data. The hybrid method consists of three modules (a) Byzantine protocol to tolerant security breaches to server failures cloud, which is independent. (b) DepSky architecture enhances the reliability and secrecy of data preserved in the cloud using encoding and decoding techniques (c) Shamir secret sharing procedure to improve trustiness & privacy of data storage without affecting the performance. The privacy and security issues of the hybrid approach are implemented and compared with the protocols like SAML with proxy re-encryption and Kerberos for different user service requests. The performance of the hybrid approach in terms of memory utilization, encryption/decryption time, total authentication time is improved compared to that of protocol environments SAML, SAML with proxy re-encryption and Kerberos. The results were encouraging in the Hybrid Approach in terms of encryption time/decryption time, Memory utilization and average precision values.

Sarah Aldawood,Frank Fowley,Claus Pahl,Davide Taibi,Xiaodong Liu

DOI: https://doi.org/10.1109/w-ficloud.2016.19

2016-01-01

Abstract:With an increasing number of service providers in the cloud market, the competition between these is also increasing. Each provider attempts to attract customers by providing a high quality service with lowest possible cost and at the same time trying to make profit. Often, cloud resources are advertised and brokered in a spot market style, i.e., traded for immediate delivery. This paper proposes an architecture for a brokerage model specifically for multi-cloud resource spot markets that integrates the resource brokerage function across several cloud providers. We use a tuple space architecture to facilitate coordination. This architecture supports specifically multiple cloud providers selling unused resources in the spot market. To support the matching process by finding the best match between customer requirements and providers, offers are matched with regard the lowest possible cost available for the customer in the market at the time of the request. The key role of this architecture is to provide the coordination techniques built on a tuple space, adapted to the cloud spot market.

Shunmei Meng,Weijia Huang,Xiaochun Yin,Mohammad R. Khosravi,Qianmu Li,Shaohua Wan,Lianyong Qi

DOI: https://doi.org/10.1109/tii.2020.2995348

IF: 12.3

2021-01-01

IEEE Transactions on Industrial Informatics

Abstract:Nowadays, large number of cloud-based techniques have been used in industrial control systems (ICS), which also brings many security threats. The emergence of security-aware industrial control has paved the way of security-aware scheduling in cloud-based industrial applications. Actually, most cloud-based industrial applications are time sensitive, which need real-time processing. Edge cloud computing paradigm extends the computing ability of traditional cloud model with low-latency local resources. Thus, heterogeneous clouds that consist of both centralized resources and edge resources may be a promising resource model to provide both scalable and low-latency resources for cloud-based industrial applications. In view of these challenges, in this article, we propose a security-aware dynamic scheduling method for real-time resource allocation in ICS. First, a three-level security model is designed for both tasks and cloud resources in ICS, and a two-tier heterogeneous cloud architecture is introduced. Accordingly, a security-aware scheduling method based on distributed particle swarm optimization is presented for resource allocation with security concerns. To deal with the dynamics of edge resources and the mobility of mobile industrial applications, a dynamic scheduling mechanism based on dynamic workflow model is proposed for real-time optimization. Experimental results validate that the scheduling control policy proposed in this article can achieve a good balance between scheduling performance and security performance.

Maha Aljohani

DOI: https://doi.org/10.1002/cpe.8068

2024-03-07

Concurrency and Computation Practice and Experience

Abstract:Summary The data‐intensive workflow application executes tasks on edge servers and cloud platforms in a heterogeneous big‐data computing environment. Cloud and edge servers are vulnerable to node attacks and malicious links due to their wireless connections. Thus, detecting and mitigating rogue nodes in edge server communication environments during workflow execution is crucial. In today's workflow execution landscape, there is a rising emphasis on resolving Quality of Service (QoS) and security concerns within homogeneous execution settings. Workflow execution on diverse computing platforms has received limited research. We are developing an edge‐cloud‐specific Multi‐Layer Security and Quality‐Aware (MLSQA) framework to solve research issues in this area. Node attacks are detected via reputation‐based security features in the MLSQA framework, whereas link attacks are detected using machine learning. A unique trade‐off metrics technique optimizes workflow security and QoS parameters, reducing energy usage and makespan. In addition, a fault‐tolerant, energy‐efficient job offloading technique is described in detail to improve the system's resilience to errors. The experiment is conducted using complex (i.e., memory and CPU intensive) scientific procedures with intermediate job dependencies, namely Inspiral workflow. The MLSQA framework excels in threat detection, demonstrating lower false alarms, reduced energy consumption, and quicker implementation than the recent secure workflow execution architecture.

computer science, theory & methods, software engineering

Guoshi Xu,Fakai Lu,Huashan Yu,Zhuoqun Xu

DOI: https://doi.org/10.1109/gcc.2007.4

2007-01-01

Abstract:Certain bioinformatics research, such as sequence alignment, alternative splicing, protein function/structure prediction, gene identify, bio-chip data analysis, and so on, requires massive computing power, which is hardly available in a single computing node. In order to facilitate bioinformatics research, we have designed and implemented a distributed and parallel computing environment with grid technology, in which, biologists can solve bioinformatics problems using distributed computing resources in parallel and reduce execution time. In this environment, the computing power and program information of computing nodes are described with XML documents. A web service named Local Resource Management Service is deployed on each computing node so that the distributed resources can be accessed in a uniform manner. With an API suite, biologists can use distributed computing resources in parallel easily in their applications. Further more, users can monitor the status of distributed resources dynamically on the portal. A real use case of alternative splicing is also presented, through which we have analyzed the usability, efficiency, and stability of the environment.

Deepika Saxena,Ashutosh Kumar Singh

DOI: https://doi.org/10.48550/arXiv.2210.16602

2022-10-29

Distributed, Parallel, and Cluster Computing

Abstract:This paper proposes a conceptual model for a secure and performance-efficient workload management model in cloud environments. In this model, a resource management unit is employed for energy and performance proficient allocation of virtual machines while ensuring the secure processing of users' applications by defending against data breaches due to unauthorized access to virtual machines in real-time. The resource management unit is guided by a secure virtual machine management unit which is designed to generate information regarding unauthorized access or inter-communication links among active virtual machines. Also, a workload analyzer unit operates concurrently to estimate resource utilization information to assist the resource management unit in the performance-efficient allocation of virtual machines. Contrary to prior works which engage access control mechanisms, encryption, and decryption of data before the transfer and the use of tunneling for prevention of unauthorized access to virtual machines which raises excess computational cost overhead, the proposed model operates diversely for efficiently serving the same purpose.