Cloud computing is very attractive for schools, research institutions and enterpri- ses which need reducing IT costs, improving computing platform sharing and meeting lice- nse constraints. Sharing, management and on-...Cloud computing is very attractive for schools, research institutions and enterpri- ses which need reducing IT costs, improving computing platform sharing and meeting lice- nse constraints. Sharing, management and on- demand allocation of network resources are particularly important in Cloud computing. Ho- wever, nearly all-current available cloud com- puting platforms are either proprietary or their software infrastructure is invisible to the rese- arch community except for a few open-source platforms. For universities and research insti- tutes, more open and testable experimental plat- forms are needed in a lab-level with PCs. In this paper, a platform of infrastructure resou- rce sharing system (Platform as a Service (PaaS)) is developed in virtual Cloud comput- hug environment. Its architecture, core modules, main functions, design and operational envir- onment and applications are introduced in de- tail. It has good expandability and can impr- ove resource sharing and utilization and is app- lied to regular computer science teaching and research process.展开更多
With the rapid development of social,science and technology ,we are always looking for the advanced and rapid manufacturing method and the management pattern.thus a new enterprise cooperation pattern-Virtual Enterpris...With the rapid development of social,science and technology ,we are always looking for the advanced and rapid manufacturing method and the management pattern.thus a new enterprise cooperation pattern-Virtual Enterprise arises at the historic moment. The cooperation is a process which advantages the temporary enterprise resources each other. Therefore, the virtual enterprise must encounter the problem that how to realize the virtual enterprises’ information resources sharing and improve the efficiency of enterprise cooperation. This paper uses the cloud computing’s advantage to solve the problem of virtual enterprise information resources sharing. Then enterprise is able to share the information of different regions,different computing environment and improve the efficiency of virtual enterprise cooperation.展开更多
Cloud computing is a new computing model. The application of cloud computing to the field of higher education informatization has been very popular currently. In this paper, the concept and characteristics of cloud co...Cloud computing is a new computing model. The application of cloud computing to the field of higher education informatization has been very popular currently. In this paper, the concept and characteristics of cloud computing are introduced, the current situation of the teaching resources sharing and construction in colleges and universities is analyzed, and finally the influence of cloud computing on the construction of teaching information resources is discussed.展开更多
The Cloud is increasingly being used to store and process big data for its tenants and classical security mechanisms using encryption are neither sufficiently efficient nor suited to the task of protecting big data in...The Cloud is increasingly being used to store and process big data for its tenants and classical security mechanisms using encryption are neither sufficiently efficient nor suited to the task of protecting big data in the Cloud.In this paper,we present an alternative approach which divides big data into sequenced parts and stores them among multiple Cloud storage service providers.Instead of protecting the big data itself,the proposed scheme protects the mapping of the various data elements to each provider using a trapdoor function.Analysis,comparison and simulation prove that the proposed scheme is efficient and secure for the big data of Cloud tenants.展开更多
In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencry...In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.展开更多
The adoption of Cloud Computing services in everyday business life has grown rapidly in recent years due to the many benefits of this paradigm. The various collaboration tools offered by Cloud Computing have eliminate...The adoption of Cloud Computing services in everyday business life has grown rapidly in recent years due to the many benefits of this paradigm. The various collaboration tools offered by Cloud Computing have eliminated or reduced the notion of distance between entities of the same company or between different organizations. This has led to an increase in the need to share resources (data and services). Community Cloud environments have thus emerged to facilitate interactions between organizations with identical needs and with specific and high security requirements. However, establishing trust and secure resource sharing relationships is a major challenge in this type of complex and heterogeneous environment. This paper proposes a trust assessment model (SeComTrust) based on the Zero Trust cybersecurity strategy. First, the paper introduces a community cloud architecture subdivided into different security domains. Second, it presents a process for selecting a trusted organization for an exchange based on direct or recommended trust value and reputation. Finally, a system for promoting or relegating organizations in the different security domains is applied. Experimental results show that our model guarantees the scalability of a community cloud with a high success rate of secure and quality resource sharing.展开更多
Data sharing is a main application of cloud computing. Some existing solutions are proposed to provide flexible access control for outsourced data in the cloud. However, few attentions have been paid to group-oriented...Data sharing is a main application of cloud computing. Some existing solutions are proposed to provide flexible access control for outsourced data in the cloud. However, few attentions have been paid to group-oriented data sharing when multiple data owners want to share their private data for cooperative purposes. In this paper, we put forward a new paradigm, referred to as secure, scalable and efficient multi-owner(SSEM) data sharing in clouds. The SSEM integrates identity-based encryption and asymmetric group key agreement to enable group-oriented access control for data owners in a many-to-many sharing pattern. Moreover, with SSEM, users can join in or leave from the group conveniently with the privacy of both group data and user data.We proposed the key-ciphertext homomorphism technique to construct an SSEM scheme with short ciphertexts. The security analysis shows that our SSEM scheme achieves data security against unauthorized accesses and collusion attacks. Both theoretical and experimental results confirm that our proposed scheme takes users little costs to share and access outsourced data in a group manner.展开更多
In Cloud computing, data and service requests are responded by remote processes calls on huge data server clusters that are not totally trusted. The new computing pattern may cause many potential security threats. Thi...In Cloud computing, data and service requests are responded by remote processes calls on huge data server clusters that are not totally trusted. The new computing pattern may cause many potential security threats. This paper explores how to ensure the integrity and correctness of data storage in cloud computing with user's key pair. In this paper, we aim mainly at constructing of a quick data chunk verifying scheme to maintain data in data center by implementing a balance strategy of cloud computing costs, removing the heavy computing load of clients, and applying an automatic data integrity maintenance method. In our scheme, third party auditor (TPA) is kept in the scheme, for the sake of the client, to periodically check the integrity of data blocks stored in data center. Our scheme supports quick public data integrity verification and chunk redundancy strategy. Compared with the existing scheme, it takes the advantage of ocean data support and high performance.展开更多
In this paper, we present an approach to establish efficient and scalable service provisioning in the cloud environment using P2P-based infrastructure for storing, sharing and discovering services. Unlike most other P...In this paper, we present an approach to establish efficient and scalable service provisioning in the cloud environment using P2P-based infrastructure for storing, sharing and discovering services. Unlike most other P2P-based approaches, it allows flexible search queries, since all of them are executed against internal database presenting at each overlay node. Various issues concerning using this approach in the cloud environment, such as load-balancing, queuing, dealing with skewed data and dynamic attributes, are addressed in the paper. The infrastructure proposed in the paper can serve as a base for creating robust, scalable and reliable cloud systems, able to fulfill client’s QoS requirements, and at the same time introduce more efficient utilization of resources to the cloud provider.展开更多
This paper puts forward sharing teaching resources based on cloud computing solutions, through the use of architecture means virtualization technology based on KVM on the server side, the infrastructure layer manage t...This paper puts forward sharing teaching resources based on cloud computing solutions, through the use of architecture means virtualization technology based on KVM on the server side, the infrastructure layer manage the underlying physical hardware equipment. In the realization of the infrastructure layer using Libvirt virtualization management suite that provides a common API development Web, through the RDP protocol, and finally access to the remote virtual desktop browser by the graphical user interface (GUI) and traditional Web B/S architecture, to simulate and access to low-level resources and sharing of teaching resources, teaching resources can be achieved education informatization in the process of teaching.展开更多
Cloud computing has emerged as a vital platform for processing resource-intensive workloads in smart manu-facturing environments,enabling scalable and flexible access to remote data centers over the internet.In these ...Cloud computing has emerged as a vital platform for processing resource-intensive workloads in smart manu-facturing environments,enabling scalable and flexible access to remote data centers over the internet.In these environments,Virtual Machines(VMs)are employed to manage workloads,with their optimal placement on Physical Machines(PMs)being crucial for maximizing resource utilization.However,achieving high resource utilization in cloud data centers remains a challenge due to multiple conflicting objectives,particularly in scenarios involving inter-VM communication dependencies,which are common in smart manufacturing applications.This manuscript presents an AI-driven approach utilizing a modified Multi-Objective Particle Swarm Optimization(MOPSO)algorithm,enhanced with improved mutation and crossover operators,to efficiently place VMs.This approach aims to minimize the impact on networking devices during inter-VM communication while enhancing resource utilization.The proposed algorithm is benchmarked against other multi-objective algorithms,such as Multi-Objective Evolutionary Algorithm with Decomposition(MOEA/D),demonstrating its superiority in optimizing resource allocation in cloud-based environments for smart manufacturing.展开更多
Cloud computing has become prevalent in the sharing of outsourced data due to its strong computing power and storage capacity.Ensuring data security is vitally important when sharing data in the cloud.Recently,numerou...Cloud computing has become prevalent in the sharing of outsourced data due to its strong computing power and storage capacity.Ensuring data security is vitally important when sharing data in the cloud.Recently,numerous broadcast proxy re-encryption(BPRE)schemes have been designed to address the data security issues of such applications.However,there are no any BPRE schemes that have been designed to address the issue of updating the re-encryption key in a dynamic cloud environment.Therefore,the authors propose a lightweight dynamic broadcast proxy re-encryption scheme(LD-BPRE)to address this issue in dynamic settings where the data owner can dynamically change the set of data users and does not need to update the re-encryption key for the new set of data users.In other words,the proxy can reset a re-encryption ciphertext for the new set of data users using the original re-encryption key.This is significant in a dynamic cloud setting and provides convenience for cloud users.The proposed LD-BPRE is lightweight for users with low-power devices as most of the computing overhead is offloaded to the cloud.The authors formally define the LD-BPRE scheme and prove its security under a decision n-BDHE assumption in the standard model.Finally,extensive comparisons and experiments indicate that LD-BPRE is efficient and practical.展开更多
Storing and sharing databases in the cloud of computers raise serious concern of individual privacy. We consider two kinds of privacy risk: presence leakage, by which the attackers can explicitly identify individuals...Storing and sharing databases in the cloud of computers raise serious concern of individual privacy. We consider two kinds of privacy risk: presence leakage, by which the attackers can explicitly identify individuals in (or not in) the database, and association leakage, by which the attackers can unambiguously associate individuals with sensitive information. However, the existing privacy-preserving data sharing techniques either fail to protect the presence privacy or incur considerable amounts of information loss. In this paper, we propose a novel technique, Ambiguity, to protect both presence privacy and association privacy with low information loss. We formally define the privacy model and quantify the privacy guarantee of Ambiguity against both presence leakage and association leakage. We prove both theoretically and empirically that the information loss of Ambiguity is always less than the classic generalization-based anonymization technique. We further propose an improved scheme, PriView, that can achieve better information loss than Ambiguity. We propose efficient algorithms to construct both Ambiguity and PriView schemes. Extensive experiments demonstrate the effectiveness and efficiency of both Ambiguity and PriView schemes.展开更多
In cloud computing,various organisations store their confidential information in private or pub-lic cloud platforms.The data sharing through the various cloud platforms increases the risk of security.To attain data sh...In cloud computing,various organisations store their confidential information in private or pub-lic cloud platforms.The data sharing through the various cloud platforms increases the risk of security.To attain data sharing while sustaining data confidentiality,a secure sharing platform and collaboration model is needed.Hence,this paper introduces the novel secure authenti-cation and collaborative data sharing(SecAuth_CDS)scheme for sharing data on blockchain.The entities involved in the SecAuth_CDS are third parties,data owners,smart contracts and blockchain networks.The security of the authentication process can be boosted by applying various security operations,such as Exclusive OR(EXOR),hashing,encryption and so on.The proposed method assures that the sharing is secure and trustworthy by blockchain.The experi-mental result reveals that the SecAuth_CDS performed effectively in terms of revenue,memory usage and computation cost with the values of 27,62.20 MB and 0.003 sec.展开更多
基金supported by the Coalition for National Science Fundingunder Grant No.61150110486the Central University Funding under Grant No.ZYGX2013J073
文摘Cloud computing is very attractive for schools, research institutions and enterpri- ses which need reducing IT costs, improving computing platform sharing and meeting lice- nse constraints. Sharing, management and on- demand allocation of network resources are particularly important in Cloud computing. Ho- wever, nearly all-current available cloud com- puting platforms are either proprietary or their software infrastructure is invisible to the rese- arch community except for a few open-source platforms. For universities and research insti- tutes, more open and testable experimental plat- forms are needed in a lab-level with PCs. In this paper, a platform of infrastructure resou- rce sharing system (Platform as a Service (PaaS)) is developed in virtual Cloud comput- hug environment. Its architecture, core modules, main functions, design and operational envir- onment and applications are introduced in de- tail. It has good expandability and can impr- ove resource sharing and utilization and is app- lied to regular computer science teaching and research process.
文摘With the rapid development of social,science and technology ,we are always looking for the advanced and rapid manufacturing method and the management pattern.thus a new enterprise cooperation pattern-Virtual Enterprise arises at the historic moment. The cooperation is a process which advantages the temporary enterprise resources each other. Therefore, the virtual enterprise must encounter the problem that how to realize the virtual enterprises’ information resources sharing and improve the efficiency of enterprise cooperation. This paper uses the cloud computing’s advantage to solve the problem of virtual enterprise information resources sharing. Then enterprise is able to share the information of different regions,different computing environment and improve the efficiency of virtual enterprise cooperation.
文摘Cloud computing is a new computing model. The application of cloud computing to the field of higher education informatization has been very popular currently. In this paper, the concept and characteristics of cloud computing are introduced, the current situation of the teaching resources sharing and construction in colleges and universities is analyzed, and finally the influence of cloud computing on the construction of teaching information resources is discussed.
基金supported in part by the National Nature Science Foundation of China under Grant No.61402413 and 61340058 the "Six Kinds Peak Talents Plan" project of Jiangsu Province under Grant No.ll-JY-009+2 种基金the Nature Science Foundation of Zhejiang Province under Grant No.LY14F020019, Z14F020006 and Y1101183the China Postdoctoral Science Foundation funded project under Grant No.2012M511732Jiangsu Province Postdoctoral Science Foundation funded project Grant No.1102014C
文摘The Cloud is increasingly being used to store and process big data for its tenants and classical security mechanisms using encryption are neither sufficiently efficient nor suited to the task of protecting big data in the Cloud.In this paper,we present an alternative approach which divides big data into sequenced parts and stores them among multiple Cloud storage service providers.Instead of protecting the big data itself,the proposed scheme protects the mapping of the various data elements to each provider using a trapdoor function.Analysis,comparison and simulation prove that the proposed scheme is efficient and secure for the big data of Cloud tenants.
基金the National Natural Science Foundation of China(No.61133014)
文摘In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.
文摘The adoption of Cloud Computing services in everyday business life has grown rapidly in recent years due to the many benefits of this paradigm. The various collaboration tools offered by Cloud Computing have eliminated or reduced the notion of distance between entities of the same company or between different organizations. This has led to an increase in the need to share resources (data and services). Community Cloud environments have thus emerged to facilitate interactions between organizations with identical needs and with specific and high security requirements. However, establishing trust and secure resource sharing relationships is a major challenge in this type of complex and heterogeneous environment. This paper proposes a trust assessment model (SeComTrust) based on the Zero Trust cybersecurity strategy. First, the paper introduces a community cloud architecture subdivided into different security domains. Second, it presents a process for selecting a trusted organization for an exchange based on direct or recommended trust value and reputation. Finally, a system for promoting or relegating organizations in the different security domains is applied. Experimental results show that our model guarantees the scalability of a community cloud with a high success rate of secure and quality resource sharing.
基金supported in part by National High-Tech Research and Development Program of China(“863”Program)under Grant No.2015AA016004National Natural Science Foundation of China under Grants No.61173154,61272451,61572380
文摘Data sharing is a main application of cloud computing. Some existing solutions are proposed to provide flexible access control for outsourced data in the cloud. However, few attentions have been paid to group-oriented data sharing when multiple data owners want to share their private data for cooperative purposes. In this paper, we put forward a new paradigm, referred to as secure, scalable and efficient multi-owner(SSEM) data sharing in clouds. The SSEM integrates identity-based encryption and asymmetric group key agreement to enable group-oriented access control for data owners in a many-to-many sharing pattern. Moreover, with SSEM, users can join in or leave from the group conveniently with the privacy of both group data and user data.We proposed the key-ciphertext homomorphism technique to construct an SSEM scheme with short ciphertexts. The security analysis shows that our SSEM scheme achieves data security against unauthorized accesses and collusion attacks. Both theoretical and experimental results confirm that our proposed scheme takes users little costs to share and access outsourced data in a group manner.
基金Supported by the National Natural Science Foundation of China (60633020, 60573036)the Fundamental Funding Research Project of the Engineering College of APF (WJY 201026)
文摘In Cloud computing, data and service requests are responded by remote processes calls on huge data server clusters that are not totally trusted. The new computing pattern may cause many potential security threats. This paper explores how to ensure the integrity and correctness of data storage in cloud computing with user's key pair. In this paper, we aim mainly at constructing of a quick data chunk verifying scheme to maintain data in data center by implementing a balance strategy of cloud computing costs, removing the heavy computing load of clients, and applying an automatic data integrity maintenance method. In our scheme, third party auditor (TPA) is kept in the scheme, for the sake of the client, to periodically check the integrity of data blocks stored in data center. Our scheme supports quick public data integrity verification and chunk redundancy strategy. Compared with the existing scheme, it takes the advantage of ocean data support and high performance.
文摘In this paper, we present an approach to establish efficient and scalable service provisioning in the cloud environment using P2P-based infrastructure for storing, sharing and discovering services. Unlike most other P2P-based approaches, it allows flexible search queries, since all of them are executed against internal database presenting at each overlay node. Various issues concerning using this approach in the cloud environment, such as load-balancing, queuing, dealing with skewed data and dynamic attributes, are addressed in the paper. The infrastructure proposed in the paper can serve as a base for creating robust, scalable and reliable cloud systems, able to fulfill client’s QoS requirements, and at the same time introduce more efficient utilization of resources to the cloud provider.
文摘This paper puts forward sharing teaching resources based on cloud computing solutions, through the use of architecture means virtualization technology based on KVM on the server side, the infrastructure layer manage the underlying physical hardware equipment. In the realization of the infrastructure layer using Libvirt virtualization management suite that provides a common API development Web, through the RDP protocol, and finally access to the remote virtual desktop browser by the graphical user interface (GUI) and traditional Web B/S architecture, to simulate and access to low-level resources and sharing of teaching resources, teaching resources can be achieved education informatization in the process of teaching.
基金funded by Researchers Supporting Project Number(RSPD2025R 947),King Saud University,Riyadh,Saudi Arabia.
文摘Cloud computing has emerged as a vital platform for processing resource-intensive workloads in smart manu-facturing environments,enabling scalable and flexible access to remote data centers over the internet.In these environments,Virtual Machines(VMs)are employed to manage workloads,with their optimal placement on Physical Machines(PMs)being crucial for maximizing resource utilization.However,achieving high resource utilization in cloud data centers remains a challenge due to multiple conflicting objectives,particularly in scenarios involving inter-VM communication dependencies,which are common in smart manufacturing applications.This manuscript presents an AI-driven approach utilizing a modified Multi-Objective Particle Swarm Optimization(MOPSO)algorithm,enhanced with improved mutation and crossover operators,to efficiently place VMs.This approach aims to minimize the impact on networking devices during inter-VM communication while enhancing resource utilization.The proposed algorithm is benchmarked against other multi-objective algorithms,such as Multi-Objective Evolutionary Algorithm with Decomposition(MOEA/D),demonstrating its superiority in optimizing resource allocation in cloud-based environments for smart manufacturing.
基金supported by the National Key Research and Development Program of China under Grant No.2020YFA0712300in part by the National Natural Science Foundation of China under Grant Nos.62132005,61632012,62172162,and U1705264。
文摘Cloud computing has become prevalent in the sharing of outsourced data due to its strong computing power and storage capacity.Ensuring data security is vitally important when sharing data in the cloud.Recently,numerous broadcast proxy re-encryption(BPRE)schemes have been designed to address the data security issues of such applications.However,there are no any BPRE schemes that have been designed to address the issue of updating the re-encryption key in a dynamic cloud environment.Therefore,the authors propose a lightweight dynamic broadcast proxy re-encryption scheme(LD-BPRE)to address this issue in dynamic settings where the data owner can dynamically change the set of data users and does not need to update the re-encryption key for the new set of data users.In other words,the proxy can reset a re-encryption ciphertext for the new set of data users using the original re-encryption key.This is significant in a dynamic cloud setting and provides convenience for cloud users.The proposed LD-BPRE is lightweight for users with low-power devices as most of the computing overhead is offloaded to the cloud.The authors formally define the LD-BPRE scheme and prove its security under a decision n-BDHE assumption in the standard model.Finally,extensive comparisons and experiments indicate that LD-BPRE is efficient and practical.
文摘Storing and sharing databases in the cloud of computers raise serious concern of individual privacy. We consider two kinds of privacy risk: presence leakage, by which the attackers can explicitly identify individuals in (or not in) the database, and association leakage, by which the attackers can unambiguously associate individuals with sensitive information. However, the existing privacy-preserving data sharing techniques either fail to protect the presence privacy or incur considerable amounts of information loss. In this paper, we propose a novel technique, Ambiguity, to protect both presence privacy and association privacy with low information loss. We formally define the privacy model and quantify the privacy guarantee of Ambiguity against both presence leakage and association leakage. We prove both theoretically and empirically that the information loss of Ambiguity is always less than the classic generalization-based anonymization technique. We further propose an improved scheme, PriView, that can achieve better information loss than Ambiguity. We propose efficient algorithms to construct both Ambiguity and PriView schemes. Extensive experiments demonstrate the effectiveness and efficiency of both Ambiguity and PriView schemes.
文摘In cloud computing,various organisations store their confidential information in private or pub-lic cloud platforms.The data sharing through the various cloud platforms increases the risk of security.To attain data sharing while sustaining data confidentiality,a secure sharing platform and collaboration model is needed.Hence,this paper introduces the novel secure authenti-cation and collaborative data sharing(SecAuth_CDS)scheme for sharing data on blockchain.The entities involved in the SecAuth_CDS are third parties,data owners,smart contracts and blockchain networks.The security of the authentication process can be boosted by applying various security operations,such as Exclusive OR(EXOR),hashing,encryption and so on.The proposed method assures that the sharing is secure and trustworthy by blockchain.The experi-mental result reveals that the SecAuth_CDS performed effectively in terms of revenue,memory usage and computation cost with the values of 27,62.20 MB and 0.003 sec.
