Abdelkader H. Ouda

Resource allocation in a network-based cloud computing environment: design challenges

Cloud computing is a utility computing paradigm that has become a solid base for a wide array of enterprise and end-user applications. Providers offer varying service portfolios that differ in resource configurations and provided services. A comprehensive solution for resource allocation is fundamental to any cloud computing service provider. Any resource allocation model has to consider computational resources as well as network resources to accurately reflect practical demands. Another aspect that should be considered while provisioning resources is energy consumption. This aspect is getting more attention from industrial and government parties. Calls for the support of green clouds are gaining momentum. With that in mind, resource allocation algorithms aim to accomplish the task of scheduling virtual machines on the servers residing in data centers and consequently scheduling network resources while complying with the problem constraints. Several external and internal factors that affect the performance of resource allocation models are introduced in this article. These factors are discussed in detail, and research gaps are pointed out. Design challenges are discussed with the aim of providing a reference to be used when designing a comprehensive energy-aware resource allocation model for cloud computing data centers.

A resource scheduling model for cloud computing data centers

Cloud computing is an increasingly popular computing paradigm, now proving a necessity for utility computing services. Each provider offers a unique service portfolio with a range of resources. Resource provisioning for cloud services in a comprehensive way is of crucial importance to any resource allocation model. Any model should consider both computational resources and network(data) resources to accurately represent and serve practical needs. We propose a new model to tackle the resource allocation problem for a group of cloud user requests. This includes provisioning for both data center computational resources and network resources. The model is implemented with the objective of minimizing the average tardiness of connection requests. Four combined scheduling algorithms are introduced and used to schedule virtual machines on data center servers and then schedule connection requests on the network paths available. Of the four methods, the method combining Resource Based Distribution technique and Duration Priority technique have shown the best performance getting the minimum tardiness while complying with the problem constraints.

Localization and security enhancement of block-based image authentication

Most block-based image authentication techniques that are presented in the literature sacrifice localization accuracy in order to resist vector quantization (VQ) counterfeiting attacks. In this paper, we show that strong cryptography schemes, which produce a long signature, can be used to sign image blocks without regard to the size of these blocks. In addition, a new approach to generate overlapped watermark segments for image blocks is presented. These watermarks are generated using one-way function based on an NP-complete problem. Moreover, a block-based image authentication technique is proposed. This technique provides strong protection against the VQ attack, as well as a great enhancement in localization accuracy and system security.

A study of the interface usability issues of mobile learning applications for smart phones from the users perspective.

A conceptual framework for measuring the usability characteristics of mobile learning (m-Learning) application has been developed. Furthermore, a software prototype for smartphones to assess usability issues of m-Learning applications has also been designed and implemented. This prototype has been developed, using Java language and the Android Software Development Kit, based on the recommended guidelines of the proposed conceptual framework. The usability of the proposed model was compared to a generally available similar mobile application (based on the Blackboard) by conducting a questionnairebased survey at Western University. The two models were evaluated in terms of ease of use, user satisfaction, attractiveness, and learnability. The results of the questionnaire showed that the participants considered the user interface based on our proposed framework more user-friendly as compared to the Blackboard-based user interface.

A cloud-based secure authentication (CSA) protocol suite for defense against Denial of Service (DoS) attacks

Cloud-based services have become part of our day-to-day software solutions. The identity authentication process is considered to be the main gateway to these services. As such, these gates have become increasingly susceptible to aggressive attackers, who may use Denial of Service (DoS) attacks to close these gates permanently. There are a number of authentication protocols that are strong enough to verify identities and protect traditional networked applications. However, these authentication protocols may themselves introduce DoS risks when used in cloud-based applications. This risk introduction is due to the utilization of a heavy verification process that may consume the clouds resources and disable the application service. In this work, we propose a novel cloud-based authentication protocol suite that not only is aware of the internal DoS threats but is also capable of defending against external DoS attackers. The proposed solution uses a multilevel adaptive technique to dictate the efforts of the protocol participants. This technique is capable of identifying a legitimate users requests and placing them at the front of the authentication process queue. The authentication process was designed in such a way that the cloud-based servers become footprint-free and completely aware of the risks of any DoS attack.

Wireless security: securing mobile UMTS communications from interoperation of GSM

Wireless communications have revolutionized the way the world communicates. An important process used to secure that communication is authentication. As flaws in the security of a wireless network are discovered, new protocols and algorithms are required to meet those security issues. When creating new algorithms and systems, it is possible that the existing equipment may not be able to implement the new protocols, which means that integration may be required to transition from an old security protocol to the new more secure protocol. Stationary wireless networks were created without a strong need to integrate protocols and have simply developed slightly more secure protocols to protect old equipment. New protocols in stationary wireless networks are implemented without integration as a requirement. Mobile wireless networks have the requirement of allowing old equipment to use the entire network as it is advantageous to allow new mobile equipment to connect to old networking equipment to increase coverage areas and for old equipment to connect to new towers for roaming and billing. This requirement for mobile networks means that integration is required. There are flaws in this integration of Global System for Mobile Communications (GSM) into Universal Mobile Telecommunications System (UMTS) networks. Those flaws are analyzed, and two practical solutions are proposed. Copyright

Security Protocols in Service-Oriented Architecture

In this paper, a comprehensive Quality of Security Service (QoSS) model for addressing security within a Service-Oriented Architecture (SOA) is proposed. We define a detailed SOA security model that supports and incorporates a number of networking security techniques and protocols. It utilizes symmetric keys, public keys and hash functions techniques, in order to provide different levels of QoSS agreements to satisfy the requirements of both the services providers and requesters. These levels are based on core networking security requirements such as Mutual Authentication, Session keys, Anonymity, and Perfect forward Secrecy. In addition, the proposed model forms a strong line of defense against Replay, Man-in-the-Middle, and Denial-of-Services attacks.

A step towards practical steganography systems

There has been many hidden communication techniques proposed in the last few years. The focus was given to steganography to build such techniques. Utilizing stego-key(s) to hide secret messages into images strengthen the security of these techniques. However, adopting one of the available key-agreement protocols, to distribute stego-key(s) between the communicating parties, will destroy the infrastructure of the entire communication. The reason is that, these protocols perform their transactions on sight, while the desirable communications need to be completely hidden. In this paper, a key-generation unit is proposed to be added to the steganography general model. This unit utilizes a new key-agreement protocol, stego-KA, to help support the entire class of hidden communication techniques to exchange the sego-key(s) covertly. The proposed stego-KA protocol is based on Diffie-Hellman key establishment protocol and has significant advantages that support hidden communications.

A practical version of Wong's watermarking technique

In this paper, we study the security of Wongs technique. It is shown that the technique is vulnerable to cryptographers attacks. This is due to the use of short keys in the public-key cryptosystem. Short keys are used in Wongs technique to make the watermark small enough to fit in an image block. This paper proposes an elegant solution that helps Wongs technique to be practically implemented. A new method of applying the cryptographic hash function is utilized. This method makes the image blocks able to hold longer and secure watermarks while providing similar level of the localization accuracy. The experimental results show that the proposed solution carries Wongs technique from a cryptographically vulnerable system to a secure and practical one.

New correlation-based scheme for image authentication

With a rapid growth of digital image distributions, there has been a corresponding surge in digital counterfeiting of confidential documents. Secrecy of documents and copyright protection techniques have been introduced in an attempt to address this growing concern. Recently, digital image watermarks have been proposed to copyright image data. In this paper a new Digital Image Authentication System is proposed. This system is designed to detect any small change made in an image, including any alteration in pixel values or image size. It uses a watermarking scheme, which is based on correlation coefficient statistics, the Secure Hash Algorithm (SHA-1), and the Elliptic Curve Digital Signature algorithm (ECDSA). The generated signature is then embedded in the image spatial domain. Experimental results show that this system has the ability to accurately authenticate images, while preserving their quality.