Christopher C. Lamb

An interoperable usage management framework

In this paper, we describe a formal framework for usage management that provides a scaffolding upon which interoperable usage management systems can be built. We apply the principles of system design to standardize certain features of the framework, such as the operational semantics, and leave free of standards areas that necessitate choice and innovation. We demonstrate that such an approach enables us to achieve a balance of flexibility and usability for the purpose of interoperability in usage management systems. We provide a formal model that allows us to define formal semantics for interoperability.

Usage Management in Cloud Computing

User concerns regarding data handling within the cloud will gain increasing importance as cloud computing becomes more pervasive. Existing service level agreement (SLA) frameworks are not designed for flexibly handling even relatively straightforward usage policies. This paper introduces the notion and importance of usage management in cloud computing. It provides an analysis of features and challenges involved in deploying a usage management framework over a distributed cloud environment to enable automated and actionable interpretation, reasoning and enforcement of usage policies. Finally, a preliminary architecture for such a framework is proposed.

Managed control of composite cloud systems

Cloud providers have just begun to provide primitive functionality enabling users to configure and easily provision resources, primarily in the infrastructure as a service domain. In order to effectively manage cloud resources in an automated fashion, systems must automate quality-of-service (QoS) metric measurement as a part of a larger usage management strategy. Collected metrics can then be used within control loops to manage and provision cloud resources. This basic approach can be scaled to monitor the use of system artifacts as well as simple QoS parameters, and can also address the needs of large systems spanning the boundaries of single service providers though the problem seems to moving toward intractability.

Towards robust trust in software defined networks

Software defined networks (SDNs) are becoming more popular in industry, though currently still only deployed by technically-savvy organizations. Nevertheless, as the advantages of using SDN become clear, future adoption promises to be high, with all network equipment vendors quickly moving to deploy products providing SDN capabilities. This impending wider adoption demands that security implications within SDN be more clearly understood. Today, mechanisms through which vendors can provide enhanced integrity and availability as well as authentication and non-repudiation are poorly understood and have yet to be thoroughly investigated. In this paper, we present our current work outlining how we can define trust in SDN and what trust in SDN means for various operational components, addressing the operational characteristics that impact trust propagation.

Provisioning Security and Performance Optimization for Dynamic Cloud Environments

Security and resource optimization are two of the most critical concerns in cloud computing. A cloud provider must ensure customers with appropriate security, while optimizing the use of cloud resources. In this paper, we present a framework which optimizes both the use of cloud resources and security provided to the customers in an infrastructure as a service (IaaS) cloud. Our framework offers secure usage control of sensitive data within secure virtual machines (VMs), which are dynamically instantiated while optimizing both security and resources allocated to the VMs. These resources are then allocated to the VMs using an optimization model based upon randomized algorithms. We demonstrate that both security and resources can be efficiently optimized within a cloud setting using our formal mathematical model and usage management framework.

Overlay Architectures Enabling Cloud Computing for Multi-level Security Environments

Herein, we consider how overlay architectures can be deployed in order to support usage management in cloud computing. We contrast filter-centric perimeter and policy-centric overlay approaches toward usage management of sensitive content from the perspective of cross-domain solutions and then demonstrate a path from current systems to distributed policy-centric overlay methods. We first cover the need for overlay networks supporting usage management by highlighting the pending migration to utility computing models and the current shortcomings of those kinds of systems from a variety of perspectives. We also briefly cover the state of usage management within these kinds of systems, also examining the known state of the art in proposed cross domain solutions. We then compare and contrast the advantages of policy-based overlay systems to solving usage management issues over sensitive materials within multi-level security environments. We then demonstrate a migration path from current to future solutions. We close with our current and future directions of research.

A domain specific language for usage management

In this paper we describe the development of a domain specific language (DSL) for expressing usage management policies and associating those policies with managed artifacts. We begin by framing a model for the language, including generalized use cases, a domain model, a general supported life-cycle, and specific extension requirements. We then develop the language from that model, demonstrating key syntactic elements and highlighting the technology behind the language while tracing features back to the initial model. We then demonstrate how the DSL supports common usage management and DRM-centric environments, including creative commons, the extensible rights markup language (XrML), and the open digital rights language (ODRL).