Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 4 of 4
Full-Text Articles in Entire DC Network
Are You Cloud-Certified? Preparing Computing Undergraduates For Cloud Certification With Experiential Learning, Eng Lieh Ouh, Benjamin Gan
Are You Cloud-Certified? Preparing Computing Undergraduates For Cloud Certification With Experiential Learning, Eng Lieh Ouh, Benjamin Gan
Research Collection School Of Computing and Information Systems
Cloud Computing skills have been increasing in demand. Many software engineers are learning these skills and taking cloud certification examinations to be job competitive. Preparing undergraduates to be cloud-certified remains challenging as cloud computing is a relatively new topic in the computing curriculum, and many of these certifications require working experience. In this paper, we report our experiences designing a course with experiential learning to prepare our computing undergraduates to take the cloud certification. We adopt a university project-based experiential learning framework to engage industry partners who provide project requirements for students to develop cloud solutions and an experiential risk …
Match In My Way: Fine-Grained Bilateral Access Control For Secure Cloud-Fog Computing, Shengmin Xu, Jianting Ning, Yingjiu Li, Yinghui Zhang, Guowen Xu, Xinyi Huang, Robert H. Deng
Match In My Way: Fine-Grained Bilateral Access Control For Secure Cloud-Fog Computing, Shengmin Xu, Jianting Ning, Yingjiu Li, Yinghui Zhang, Guowen Xu, Xinyi Huang, Robert H. Deng
Research Collection School Of Computing and Information Systems
Cloud-fog computing is a novel paradigm to extend the functionality of cloud computing to provide a variety of on demand data services via the edge network. Many cryptographic tools have been introduced to preserve data confidentiality against the untrustworthy network and cloud servers. However, how to efficiently identify and retrieve useful data from a large number of ciphertexts without a costly decryption mechanism remains a challenging problem. In this paper, we introduce a cloud fog-device data sharing system (CFDS) with data confidentiality and data source identification simultaneously based on a new cryptographic primitive named matchmaking attribute-based encryption (MABE) by extending …
Optimal Management Of Virtual Infrastructures Under Flexible Cloud Service Agreements, Zhiling Guo, Jin Li, Ram Ramesh
Optimal Management Of Virtual Infrastructures Under Flexible Cloud Service Agreements, Zhiling Guo, Jin Li, Ram Ramesh
Research Collection School Of Computing and Information Systems
A cloud service agreement entails the provisioning of a required set of virtual infrastructure resources at a specified level of availability to a client. The agreement also lays out the price charged to the client and a penalty to the provider when the assured availability is not met. The availability assurance involves backup resource provisioning, and the provider needs to allocate backups cost-effectively by balancing the resource-provisioning costs with the potential penalty costs. We develop stochastic dynamic optimization models of the backup resource-provisioning problem, leading to cost-effective resource-management policies in different practical settings. We present two sets of dynamic provisioning …
Practical And Effective Sandboxing For Linux Containers, Zhiyuan Wan, David Lo, Xin Xia, Liang Cai
Practical And Effective Sandboxing For Linux Containers, Zhiyuan Wan, David Lo, Xin Xia, Liang Cai
Research Collection School Of Computing and Information Systems
A container is a group of processes isolated from other groups via distinct kernel namespaces and resource allocation quota. Attacks against containers often leverage kernel exploits through the system call interface. In this paper, we present an approach that mines sandboxes and enables fine-grained sandbox enforcement for containers. We first explore the behavior of a container by running test cases and monitor the accessed system calls including types and arguments during testing. We then characterize the types and arguments of system call invocations and translate them into sandbox rules for the container. The mined sandbox restricts the container’s access to …