Mufajjul Ali scite author profile

Abstract-Provenance plays a pivotal in tracing the origin of something and determining how and why something had occurred. With the emergence of the cloud and the benefits it encompasses, there has been a rapid proliferation of services being adopted by commercial and government sectors. However, trust and security concerns for such services are on an unprecedented scale. Currently, these services expose very little internal working to their customers; this can cause accountability and compliance issues especially in the event of a fault or error, customers and providers are left to point finger at each other. Provenance-based traceability provides a mean to address part of this problem by being able to capture and query events occurred in the past to understand how and why it took place. However, due to the complexity of the cloud infrastructure, the current provenance models lack the expressibility required to describe the inner-working of a cloud service. For a complete solution, a provenance-aware policy language is also required for operators and users to define policies for compliance purpose. The current policy standards do not cater for such requirement.To address these issues, in this paper we propose a provenance (traceability) model cProv, and a provenance-aware policy language (cProvl) to capture traceability data, and express policies for validating against the model. For implementation, we have extended the XACML3.0 architecture to support provenance, and provided a translator that converts cProvl policy and request into XACML type.

show abstract

A Provenance-Based Policy Control Framework for Cloud Services

Ali¹,

Moreau

2015

View full text Add to dashboard Cite

Abstract. In the context of software, provenance holds the key to retaining a mirror instance of the lifespan of a service, which can be replayed/reproduced from the beginning. This entails the nature of invocations that took place, how/where the data were created, modified, updated and the user's engagement with the service. With such an encyclopedia of information, it opens up a diversity of value-added features (compliance control, accountability) that can improve the usability of a service.In this paper, we extend our previous work on the provenance-based policy language (cProvl) and model (cProv) by proposing a preliminary policy control framework. The framework provides the necessary building blocks for integrating and developing services that are able to generate and use provenance data for provenance-based compliance control, which runs on a XACML engine. We demonstrate the capability of the framework by applying it to a service case, and conduct benchmarks to determine its scalability and performance.

show abstract

Can a Mobile Cloud Be More Trustworthy than a Traditional Cloud?

Ali

2012

View full text Add to dashboard Cite

Abstract. Cloud computing is deemed to be the next big trend nebulous. Various sectors have expressed interest in its adoption, including banking, the government, education, manufacturing and telecommunication. With the promise of cost saving and flexibility also comes the greater challenge of security in-particularly "trust". One of the common questions asked by many users is "Can the cloud be trusted?" Telecommunication service providers have been trusted for many years, and have been adopted my millions of users world wide. With the emerging vision of new mobile cloud providers, the ultimate question lies in asking, can a mobile cloud provider be a more trustworthy provider than the traditional ones?Keywords: Cloud computing, Trust, Security, Telco. IntroductionCloud computing (CC) is built on many existing tools and technologies reducing the cost of service delivery whilst increasing the speed and agility of service deployment [1]. The core technology behind cloud computing is virtualization; it empowers the whole cloud computing paradigm. The virtualization technology allows the separation of physical hardware and the operating system by creating an abstract layer between both. This allows a greater degree of flexibility by being able to share the same physical resources virtually by more than one OS.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Mufajjul Ali

Green Cloud on the Horizon

A Provenance-Aware Policy Language (cProvl) and a Data Traceability Model (cProv) for the Cloud

A Provenance-Based Policy Control Framework for Cloud Services

Can a Mobile Cloud Be More Trustworthy than a Traditional Cloud?

Contact Info

Product

Resources

About