Professional Documents
Culture Documents
ORG
146
Department of Electrical Engineering and Computer Science at Iran University of Science and Technology (IUST); Tehran, Iran 2 Department of Art and Architecture, Science and Research Branch Islamic Azad University; Tehran, Iran (*Corresponding author: Mohammad Abedi)
Introduction:
We told this social network and social service as a Cloud, because the concept of this technology is still cloudy, we havent enough knowledge about hardware and/or software platforms of such network, also we havent any information about its architecture and the location of resources. Cloud computing is very promising technology that may undoubtedly change the way many companies operating. It is prominent, in fact, that they create new offers on the providers side and, conversely, new needs on the users side. In other words, Cloud technologies are potentially able to transform
networks, through the interconnection of dispersed resources located in different geographical places, services and lives. The transformation of services supplied by internet providers imply the advent and consolidation of Software as a Service (hereinafter SaaS) [1], and/or Resource as a Service (hereinafter RaaS), virtual hardware, etc. these are all examples of the phenomenon of dematerialisation and virtualisation of physical items that involve to a great extent hardware that often, is provided as a service. Transformation of lives means that companies and consumers are expected to become familiar with the idea that their data are not stored in-house, but theyre stored in the Cloud, i.e. in the dispersed servers of the provider. The current developments in the field of Cloud computing are (maybe) paving the way to the personal computer and servers of the future, composed just of a monitor, a keyboard, a mouse and an internet connection. Potentially, in fact, all data conventionally stored in the hard disk of the computer can be retrieved online from the portal of the Cloud provider. Cloud Computing System (CCS) aims to power the next generation data centers and enables application service providers to lease data center capabilities for deploying applications depending on user Quality of Service (QoS) requirements. Huge investments and complex managements are shifted from users to providers. Mobile cloud is a machine-to-machine service model, where a mobile device can use the cloud for searching, data mining, and multimedia processing. To protect the processed data, security services, i.e., encryption, decryption, authentications, etc., are performed in the cloud.
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 9, SEPTEMBER 2012, ISSN (Online) 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
147
In general, we can classify cloud security services in two categories: Critical Security (CS) service and Normal Security (NS) service. CS service provides strong security protection such as using longer key size, strict security access policies, and isolations for protecting data, and so on. The CS service usually occupies more cloud computing resources; however it generates more rewards to the cloud provider since the CS service users need to pay more for using the CS service. With the increase of the number of CS and NS service users, it is important to allocate the cloud resource to maximize the system rewards with the considerations of the cloud resource consumption and incomes generated from cloud users. Cloud computing is a new network computing paradigm based on IP architecture, it is everywhere, pick up any tech magazine or visit almost any IT website or blog and you'll be sure to see talk about cloud computing. Cloud computing applications without borders, mobility and other characteristics has led to their own safety and security issues in the security field. Elasticity of cloud computing eases the burden of capacity planning. Cloud computing users dynamically provision IT resources tracking their fluctuating demand, and only pay for their usage. Therefore, cloud computing essentially shifts the burden of capacity planning from user's side to provider's side. On the other hand, providers take this burden with the optimistic assumption that diverse workloads from various users will flatten the overall demand curve. However, this optimistic hypothesis has not been proved yet in the real world cases. In fact, counter evidences have been raised. December 2009, Amazon Web Services (AWS), a leading infrastructure cloud service provider, started to offer a real-time pricing for computing resources -- Amazon EC2 Spot Instances (SIs). Real-time pricing, in principle, encourages users to shift their flexible workloads from provider's peak hours to off-peak hours with monetary incentives. Interestingly, from our observation on AWS's one-year SI price history datasets, we conclude that the observed
monetary incentive is not large enough to motivate users to shift their workloads. It is reasonable for users to choose SIs over ondemand instances because SIs is 52.3% cheaper on average. After that, shifting the workload to cheaper period provides only 3.7 % additional cost savings at best. Moreover, both average cost savings and price fluctuation have not been meaningfully changed over time. Cloud computing enables IT systems to be scalable and elastic. One significant advantage of it is users no longer need to determine their exact computing resource requirements upfront. Instead, they request computing resources as required, on-demand. Cloud Computing is often described as "resources accessed via a browser over the Internet." However, this definition has become increasingly insufficient to characterize the breadth of applications and use cases for the cloud, and the networks that must support them. A broadening range of endpoints are accessing the cloud: browser-free device apps, multimedia endpoints such as video and game consoles, sensor networks, servers, and storage. The wireline and wireless network requirements-e.g., jitter, latency, packet loss, protocol support-for these uses vary, and imply that a variety of network capabilities are sometimes necessary: e.g., MPLS for quality of service via class of service to support interactive high definition video in the cloud; optical transport for native protocols such as Fiber Channel for data integration in hybrid cloud scenarios; route control for country compliance issues. Also, distributed topologies and optimized routing are required due to application latency constraints. Moreover, wireless sensor networks and hybrid cloud scenarios such as cloudbursting that require a variety of complex distributed data approaches are driving new transport requirements: guaranteed bandwidth, dynamic bandwidth on demand, and usage-sensitive pricing for fine-grained quantities and duration of bandwidth. Cloud Computing, either as an integrated service or in support of pure-play customers must drive service providers' international telecommunications infrastructure evolution as well as BSS/OSS.
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 9, SEPTEMBER 2012, ISSN (Online) 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
148
As multi-core processors with tens or hundreds of cores begin to grow, system optimization issues once faced only by the High-Performance Computing (HPC). To satisfy the requirement, one can leverage multi-core architectures to parallelize traffic monitoring so as to progress information processing capabilities over traditional uni-processor architectures. Cloud computing is an emerging computing paradigm. It aims to share data valuations, and services transparently among users of a massive grid. It became a hot issue for its advantage such as "reduce costs", "increase business flexibility" and/or "provide business continuity". We study methods to discuss the cloud computing opportunity for Chinese IT industry. Build a model to describe the kernel element in cloud computing industry. High-speed networks and low-cost commodity components which becomes progressively cheaper, faster and easily available, led Computer Science (CS) research focus shifting from programming computers to the question of how best to design, build, analyze, and operate networks [20]. New requirements and challenges are today met by the design of a new operational model which is enabled by an old technology (i.e. Virtualization), rather than the implementation of a new technology: Cloud Computing. Although CS is mainly fostering Cloud Computing solutions solely for specific fields, such as enterprise and transactional Web applications (e.g. Amazon EC 2 aws.amazon.com/ec2), this pervasive paradigm is generating a metaphor that enables to access and share software in the Internet as data in a way which is natural for human beings. The ability to record and keep account of the usage of cloud resources in a credible and verifiable way is a precursor to widespread cloud deployment and availability because usage information is potentially sensitive and must be verifiably accurate. In an attempt to provide a mutually verifiable resource usage and billing mechanism, we found that the frequent asymmetric key operations of a digital signature lead to excessive computations and a bottleneck of billing transactions.
While cloud computing (CC) is a scalable model of shared infrastructure and on-demand computing, it lacks a transparent trust and security mechanism. A data owner (DO) loses control over the data outsourced to a machine in the cloud controlled and operated by a cloud service provider (CSP). This machine is at a location unknown to a data owner. This loss of control over data is further intensified with the lack of managing users' access to the data from practical cloud computing perspectives. Cloud computing provides cost-efficient opportunities for enterprises by offering a variety of dynamic, scalable, and shared services. Usually, cloud providers provide assurances by specifying technical and functional descriptions in Service Level Agreements (SLAs) for the services they offer. The descriptions in SLAs are not consistent among the cloud providers even though they offer services with similar functionality. Therefore, customers are not sure whether they can identify a trustworthy cloud provider only based on its SLA. To support the customers in reliably identifying trustworthy cloud providers, we propose a multi-faceted Trust Management (TM) system architecture for a cloud computing marketplace. This system provides means to identify the trustworthy cloud providers in terms of different attributes (e.g., security, performance, compliance) assessed by multiple sources and roots of trust information. Cloud Computing is an emerging technology in the area of parallel and distributed computing. Clouds consist of a collection of virtualized resources, which include both computational and storage facilities that can be provisioned on demand, depending on the users' needs. Gang Scheduling is an efficient technique for scheduling parallel jobs, already applied in the areas of Grid and Cluster computing. Based on cloud-computing and ecological database, an anti-forest-fire ecological management system was designed to detect control and eliminate the forest fire. The cloud computing platform was used to collect manage and analyze the ecological data about the forest fire etc., by monitoring the forest fire in ecology and managing the information center. The
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 9, SEPTEMBER 2012, ISSN (Online) 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
149
cloud-computing platform against the forest fire was built with the cloud-computing simulation toolkit CloudSim, which is a framework for modeling and simulating cloud computation in infrastructures and services. The anti-forest-fire ecological management system was a kind of parallel decision support system for dealing with the forest fire in ecology, and it provided accurate timely and comprehensive information. Besides, the system can help the forestry department to make pre-arranged plans to satisfy the actual needs of security management, improve the intelligence and automation for managing the forest fire ecologically, and increase efficiency. The new technique can be used to improve the ecosystem of forest fire management and maximize the stability and security of the forest ecosystem. Scientific computing often requires the availability of a massive number of computers for performing large scale experiments. Traditionally, high-performance computing solutions and installed facilities such as clusters and super computers have been employed to address these needs. Cloud computing provides scientists with a completely new model of utilizing the computing infrastructure with the ability to perform parallel computations using large pools of virtual machines (VMs). The infrastructure services (Infrastructure-as-aservice), provided by these cloud vendors, allow any user to provision a large number of compute instances. However, scientific computing is typically characterized by complex communication patterns and requires optimized runtimes. Today, VMs are manually instantiated, configured and maintained by cloud users. These coupled with the latency, crash and omission failures in service providers, results in an inefficient use of VMs, increased complexity in VM-management tasks, a reduction in the overall computation power and increased time for task completion. Mobile cloud computing is a combination of mobile computing and cloud computing, and provides cloud computing environment through various mobile devices. Recently, due to rapid expansion of smart phone market and wireless communication environment, mobile devices are
considered as resource for large scale distributed processing. But mobile devices have several problems, such as unstable wireless connection, limitation of power capacity, low communication bandwidth and frequent location changes. As resource providers, mobile devices can join and leave the distributed computing environment unpredictably. This interrupts the undergoing operation, and the delay or failure of completing the operation may cause a system failure. Because of low reliability and noguarantee of completing an operation, it is difficult to use a mobile device as a resource. That means that mobile devices are volatile. Therefore, we should consider volatility, one of dynamic characteristics of mobile devices, for stable resource provision. Currently, Cloud network operators and service providers are managing server, network and storage resources by various management systems to manage hardware, applications, traffic, and resources monitoring including bandwidth, storage capacity, and throughput utilization. However, these systems are not coordinated with accounting, security and configuration systems to provide end-to-end service management. Various players are emerging to provide remote computing and storage resources over the cloud network. Telecommunications grade operation systems will be the key to realize end-to-end service management, and resource management to assure application quality of service. The scope of this paper is to assess whether or not, from the legal point of view, it is feasible that these innovations continue in reality or, to the contrary, whether the development of Cloud computing is expected to slow down or to stop. Actually, in fact, Cloud market is still a niche, although the investments made by private companies and public institutions, mainly in Europe and in the United States, allow analysts to be optimistic about the future of these technologies. Cloud Computing is hinting at a future in which we won't compute on local computers, but on centralized facilities operated by third-party compute and storage utilities. We sure won't miss the shrink-wrapped software to unwrap
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 9, SEPTEMBER 2012, ISSN (Online) 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
150
and install. Needless to say, this is not a new idea. In fact, back in 1961, computing pioneer John McCarthy predicted that "computation may someday be organized as a public utility", and went on to speculate how this might occur. In the mid 1990s, the term Grid was coined to describe technologies that would allow consumers to obtain computing power on demand. Ian Foster and others posited that by standardizing the protocols used to request computing power, we could spur the creation of a Computing Grid, analogous in form and utility to the electric power grid. Researches subsequently developed these ideas in many exciting ways, producing for example largescale federated systems (TeraGrid, Open Science Grid, caBIG, EGEE, Earth System Grid) that provide not just computing power, but also data and software, on demand. Standards organizations (e.g., OGF, OASIS) defined relevant standards. The legal perspective is pivotal in order to assess the future of Cloud computing and of their providers since the applicable legal framework is not neutral in facilitating or limiting that expansion of businesses and innovations [1]. Legal aspects, in fact, can be seen as forces that, often very subtly, deploy their effects on markets and businesses, acting as barriers or enablers. In the next pages some selected legal forces will be taken into consideration and their impact on some research questions will be investigated. The first question is if, and to what extent, the applicable legal framework can stimulate the starting up and growing of Cloud technology providers and of Cloud-based service providers (e.s. SaaS, RaaS, etc). Furthermore, the paper will investigate whether or not such a legal framework can stimulate companies and individuals to become users of Cloud technologies, to store their data in the Cloud instead of traditional storing methods, to use software as services from remote locations, etc. History of computer science has had fundamental changes. For example in first generation of computers (from 1945 until 1956), vacuum tube was used in computers. In 2nd generation (from 1956 until 1963) by the
invention of transistors, these tiny devices were used in computers. After that, integrated circuits were used in 3rd generation of computers (1963 to 1971). Finally in 4th generation (since 1971 up to now), along with technology advancement, Large Scale Integration (LSI) circuits, Very Large Scale Integration (VLSI) and Ultra Large Scale Integration (ULSI) were used in computers. Nowadays new technology that is named as Cloud Computing is creating a new era in computer industry and processing power. By reviewing the historical points, we can understand that the idea of Cloud Computing taken from this fact: When the current user or users dont require the processing resources, these resources can be assigned to other users. Most simple definition of Cloud Computing is: Access to enormous resources and processing powers even, through cheap computers.
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 9, SEPTEMBER 2012, ISSN (Online) 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
151
countries is called to fill this gap. However, some legal forces, which will be analysed below, render this task more cumbersome for American companies that are willing to enter the market of Cloud technology providers. Factors are partially different for Cloud-based service providers, where America plays a notable role. However, this market is still limited and also in this sense its development is affected by the applicable legal framework. The legal forces hereto analysed affect the chances (for both technology and service providers) to enter the market, the possibilities to be successful by reducing the compliance costs, and the risks to exit from the market.
enterprises that otherwise would not have many chances. At the same time, lack of patent protections may reduce the growth of companies that are already in the market. In other words, a definite solution cannot be reached, but nevertheless it is important that the competent political and jurisdictional authorities are aware that software unpatentability is not the only possible way and that it may be challenged.
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 9, SEPTEMBER 2012, ISSN (Online) 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
152
potentially affect the willingness of these consumers to shop on the Internet. In other words, the countries lawmaker made a real counter-reform aimed to make more difficult the life for many providers of electronic services and to increase their costs and burdens (wherever they are established). This may have of course a negative impact on existing and/or future Cloud technology and service providers.
now pivotal to assess which juridical forces are likely to affect the customers side, i.e. to what extent the applicable legal framework limits or enhances the adoption of Cloud technologies by customers. Both businesses and consumers, in fact, are expected to trust Cloud technology and service providers and to renounce, to a variable extent, to the direct control of their data, files, information etc that are stored or processed in the Cloud. If customers are reluctant to accept this fact the Cloud market does not have many possibilities to take off and pave the way to the abovementioned personal computer or servers of the future. This issue regards computer scientists but also lawyers and policymakers that have the pivotal role to found the trust of customers towards providers on solid grounds. In other words, the trust that clients currently have towards Cloud providers is basically market-driven, i.e. it is based on the reputation of these suppliers and on the legitimate expectation that they will respect their promises. This means that special attention must be paid to the contractual obligations of the providers: basically they assure, typically in a Service Level Agreement (hereinafter SLA), that a certain level of availability and quality of services (QoS) will be respected. At the same time, they will tend to protect themselves limiting as much as possible their liabilities and the possibilities for the customer to ask for compensation if the obligations of the provider are not respected or, in a worse scenario, if the data stored and/or processed by the supplier get lost or corrupted due to security failures. The situation as defined pursuant to the applicable legal framework can be summarised as follows. First of all, it is necessary to separate two categories of customers: consumers and businesses. The former are all those that operate outside their trade or profession for purely personal purposes: The SLA (or other contract that regulates the provision of Cloud services) shall be regulated by the law of the country where the consumer has his habitual residence if, basically, the provider addresses this country through his website/portal. Furthermore, the parties can state that another law will govern
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 9, SEPTEMBER 2012, ISSN (Online) 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
153
the contract, but consumer protection rules of the country of residence of the consumer apply. Pursuant to other applicable legal sources the provisions in the agreement that are too unbalanced in favour of the provider are invalid. The consumer can sue the provider in the court of his country of domicile or of the country where the provider is domiciled (basically where the supplier has his headquarter or principal place of business); at the same time the consumer can be sued only in the courts of the state where the consumer himself is domiciled. These rules are of strict applicability and basically cannot be derogated by the parties, unless in some specific cases. As regards B2B transactions, things are dramatically different, so that the provider can limit his contractual liability and it can be agreed that the competent court will be that of the place where the supplier is domiciled. In practice this means that very often the customer will not be able to get any compensation for the damages he suffered from the infringement of the contractual obligations of the Cloud provider, also in case of security failures. Precisely for these reasons many businesses are extremely reluctant to store data and information in the Cloud, and the same applies for services that are provided from remote locations and that require that these data and information are processed in the Cloud. Honestly, from the legal point of view, it is not possible to say that these companies that prefer to act in traditional ways and to keep their data under their direct control are completely wrong and irrational. The risk may be more or less low, but the problematic issue is that there is no legal protection in case of problems, security failures, etc. It is therefore highly advisable that the country lawmaker takes into consideration this issue and analyses whether or not it is fair that businesses do not have adequate protection when dealing with technology and service providers. This point is even more urgent if one considers that very often the customer does not negotiate the content of the SLA he enters into, since this
Conclusion:
The experience and research shows very clearly that Cloud computing are very promising and that they are potential tools to transform all the community software and hardware market. The era of applications, resources, computing capacity, etc. supplied as a service from remote locations in a flexible and scalable way is definitely open [1]. Its further development depends also on some legal factors that may impede that this process continues and that country technology and service providers play a pivotal role at global level. In lights of the considerations expressed above, we can say that it is probably the time to rethink and reshape the notions of software patentability without ideological influences. At the same time, it is advisable that the country lawmaker amends the VAT regime applicable to B2C provisions of eservices and that the criterion that the place of taxation is the suppliers Member State is preferred and re-adopted. As regards risks faced by the Cloud providers, it was assessed that the applicable legal framework should free potential entrepreneurs from the fear to be bankrupted, in other words it is necessary to harmonise protection of creditors with creation of new companies, i.e. with innovation and more jobs. Cloud computing is a rapidly developing information technology that has aroused the concern of the whole world. Cloud computing is an Internet-based application platform, which provides enterprises with shared resources including hardware, software, data storage, and customizable business applications on demand. Cloud computing technology provides a new way to construct banks' information system. Cloud Computing is a generic term for delivering hosted services over the Internet. It follows a pay-as-you-go approach. Cloud Computing offers numerous benefits for the enterprises, however, there are also many issues, as with any new paradigm or technology. One of the main issues relate to the security and confidentiality of customer data in terms of its location, relocation, availability and security.
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 9, SEPTEMBER 2012, ISSN (Online) 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
154
Cloud computing is a new internet-based supercomputing principle and practice, which supplies dynamic, scalable, and pay-per-use services and has huge computing and storage capacity with high reliability and security. Furthermore, creating trust which is based on solid legal grounds is absolutely important. This may happen through both traditional legal ways (amendment of existing legislation aimed to improve the level of protection for customers in B2B transactions) or through so-called instruments of soft law or best practices. In particular, a good idea would be that of creating a label for technology and service providers that use fair contractual provisions in their SLAs, so that companies can easily recognize the trustable suppliers. This would also stimulate a race to the top by all players in the market in order to keep or increase their market share. An independent authority should be in charge of analyzing which providers deserve this label and the task of public institutions would be that of implementing, promoting and disseminating the system and the corresponding good practices.
Biographies:
Mohammad Abedi: received his B.Sc. degree in Computer Engineering (with Software tendency) from University of Mashhad in 2005. His research areas are Cloud Computing, Design and Implementation of Distributed networks. Now he is master student in Iran University of Science and Technology (IUST); Tehran, Iran. His email address is:
Mehdi Darbandi: received his B.Sc. degree in Electrical Engineering from University of Mashhad in 2012. His research areas are Kalman Filter, Matlab Simulink, Evolutionary Algorithms, and Cloud Computing. Now he is master student in Iran University of Science and Technology (IUST); Tehran, Iran. His e-mail address is:
References
[1] David C. Wyld; the cloudy future of government IT: cloud computing and the public sector around the world, IJWesT, Vol. 1, Num. 1, Jan. 2010. [2] Jean-Daniel Cryans, Alain April, Alain Abran; criteria to compare cloud computing with current database technology, R. Dumke et al. (Eds.): IWSM / MetriKon / Mensura 2008, LNCS 5338, pp. 114-126, 2008. [3] Anil Madhavapeddy, Richard Mortier, Jon Crowcroft, Steven Hand; multiscale not multicore: efficient heterogeneous cloud computing, published by the British Informatics Society Ltd. Proceedings of ACM-BCS Visions of Computer Science 2010. [4] Harold C. Lim, Shivnath Babu, Jeffrey S. Chase, Sujay S. Parekh; automated control in cloud computing: challenges and opportunities, ACDC09, June 19, Barcelona, Spain. [5] Daniel Nurmi, Rich Wolski, Chris Grzegorczyk, Graziano Obertelli, Sunil Soman, Lamia Youseff, Dmitrii Zagorodnov; the eucalyptus open-source cloud computing system.
Jalal Nakhaei: is currently PhD. Student in Art and Architecture Engineering in Science and Research
Branch Islamic Azad University; Tehran, Iran. His research areas are Information Technology (IT), Secure Spaces, and Structures. His e-mail address is: