Mazhar Ali

A taxonomy and survey on Green Data Center Networks

Abstract Data centers are growing exponentially (in number and size) to accommodate the escalating user and application demands. Likewise, the concerns about the environmental impacts, energy needs, and electricity cost of data centers are also growing. Network infrastructure being the communication backbone of the data center plays a pivotal role in the data center’s scalability, performance, energy consumption, and cost. Research community is endeavoring hard to overcome the challenges faced by the legacy Data Center Networks (DCNs). Serious efforts have been made to handle the problems in various DCN areas. This survey presents significant insights to the state-of-the-art research conducted pertaining to the DCN domain along with a detailed discussion of the energy efficiency aspects of the DCNs. The authors explored: (a) DCN architectures (electrical, optical, and hybrid), (b) network traffic management and characterization, (c) DCN performance monitoring, (d) network-aware resource allocation, (e) DCN experimentation techniques, and (f) energy efficiency. The survey presents an overview of the ongoing research in the broad domain of DCNs and highlights the challenges faced by the DCN research community.

Incremental proxy re-encryption scheme for mobile cloud computing environment

Due to the limited computational capability of mobile devices, the research organization and academia are working on computationally secure schemes that have capability for offloading the computational intensive data access operations on the cloud/trusted entity for execution. Most of the existing security schemes, such as proxy re-encryption, manager-based re-encryption, and cloud-based re-encryption, are based on El-Gamal cryptosystem for offloading the computational intensive data access operation on the cloud/trusted entity. However, the resource hungry pairing-based cryptographic operations, such as encryption and decryption, are executed using the limited computational power of mobile device. Similarly, if the data owner wants to modify the encrypted file uploaded on the cloud storage, after modification the data owner must encrypt and upload the entire file on the cloud storage without considering the altered portion(s) of the file. In this paper, we have proposed an incremental version of proxy re-encryption scheme for improving the file modification operation and compared with the original version of the proxy re-encryption scheme on the basis of turnaround time, energy consumption, CPU utilization, and memory consumption while executing the security operations on mobile device. The incremental version of proxy re-encryption scheme shows significant improvement in results while performing file modification operations using limited processing capability of mobile devices.

SeDaSC: Secure Data Sharing in Clouds

Cloud storage is an application of clouds that liberates organizations from establishing in-house data storage systems. However, cloud storage gives rise to security concerns. In case of group-shared data, the data face both cloud-specific and conventional insider threats. Secure data sharing among a group that counters insider threats of legitimate yet malicious users is an important research issue. In this paper, we propose the Secure Data Sharing in Clouds (SeDaSC) methodology that provides: 1) data confidentiality and integrity; 2) access control; 3) data sharing (forwarding) without using compute-intensive reencryption; 4) insider threat security; and 5) forward and backward access control. The SeDaSC methodology encrypts a file with a single encryption key. Two different key shares for each of the users are generated, with the user only getting one share. The possession of a single share of a key allows the SeDaSC methodology to counter the insider threats. The other key share is stored by a trusted third party, which is called the cryptographic server. The SeDaSC methodology is applicable to conventional and mobile cloud computing environments. We implement a working prototype of the SeDaSC methodology and evaluate its performance based on the time consumed during various operations. We formally verify the working of SeDaSC by using high-level Petri nets, the Satisfiability Modulo Theories Library, and a Z3 solver. The results proved to be encouraging and show that SeDaSC has the potential to be effectively used for secure data sharing in the cloud.

Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing

To improve the resource limitation of mobile devices, mobile users may utilize cloud-computational and storage services. Although the utilization of the cloud services improves the processing and storage capacity of mobile devices, the migration of confidential information on untrusted cloud raises security and privacy issues. Considering the security of mobile-cloud-computing subscribers’ information, a mechanism to authenticate legitimate mobile users in the cloud environment is sought. Usually, the mobile users are authenticated in the cloud environment through digital credential methods, such as password. Once the users’ credential information theft occurs, the adversary can use the hacked information for impersonating the mobile user later on. The alarming situation is that the mobile user is unaware about adversary’s malicious activities. In this paper, a light-weight security scheme is proposed for mobile user in cloud environment to protect the mobile user’s identity with dynamic credentials. The proposed scheme offloads the frequently occurring dynamic credential generation operations on a trusted entity to keep minimum processing burden on the mobile device. To enhance the security and reliability of the scheme, the credential information is updated frequently on the basis of mobile-cloud packets exchange. Furthermore, the proposed scheme is compared with the existing scheme on the basis of performance metrics i.e. turnaround time and energy consumption. The experimental results for the proposed scheme showed significant improvement in turnaround time and energy consumption as compared to the existing scheme.

BSS: block-based sharing scheme for secure data storage services in mobile cloud environment

For the last few years, academia and research organizations are continuously investigating and resolving the security and privacy issues of mobile cloud computing environment. The additional consideration in designing security services for mobile cloud computing environment should be the resource-constrained mobile devices. The execution of computationally intensive security services on mobile device consumes battery’s charging quickly. In this regard, the study presents a novel energy-efficient block-based sharing scheme that provides confidentiality and integrity services for mobile users in the cloud environment. The block-based sharing scheme is compared with the existing schemes on the basis of energy consumption, CPU utilization, memory utilization, encryption time, decryption time, and turnaround time. The experimental results show that the block-based sharing scheme consumes less energy, reduces the resources utilization, improves response time, and provides better security services to the mobile users in the presence of fully untrusted cloud server(s) as compared to the existing security schemes.

A survey on energy-efficient methodologies and architectures of network-on-chip

We present an overview of the research conducted on Network-on-Chip (NoC).We emphasize on the energy efficiency of the NoC architectures and methodologies.We present taxonomies of buffered, bufferless, and energy efficient routing schemes.Strengths and weaknesses of the discussed techniques are highlighted.The survey also highlights possible directions for future research. Integration of large number of electronic components on a single chip has resulted in complete and complex systems on a single chip. The energy efficiency in the System-on-Chip (SoC) and its communication subset, the Network-on-Chip (NoC), is a key challenge, due to the fact that these systems are typically battery-powered. We present a survey that provides a broad picture of the state-of-the-art energy-efficient NoC architectures and techniques, such as the routing algorithms, buffered and bufferless router architectures, fault tolerance, switching techniques, voltage islands, and voltage-frequency scaling. The objective of the survey is to educate the readers with the latest design-improvements that are carried out in reducing the power consumption in the NoCs.

Pirax: framework for application piracy control in mobile cloud environment

Mobile cloud computing is an emerging technology that is gaining popularity as a means to extend the capabilities of resource-constrained mobile devices such as a smartphone. Mobile cloud computing requires specialized application development models that support computation offloading from a mobile device to the cloud. The computation offloading is performed by means of offloading application process, application component, entire application, or clone of the smartphone. The offloading of an entire application or clone of the smartphone to cloud may raise application piracy issues, which, unfortunately, have not been addressed in the existing literature. This paper presents a piracy control framework for mobile cloud environment, named Pirax, which prevents mobile applications from executing on unauthenticated devices and cloud resources. Pirax is formally verified using High Level Petri Nets, Satisfiability Modulo Theories Library and Z3 solver. Pirax is implemented on Android platform and analyzed from security and performance perspectives. The performance analysis results show that Pirax is lightweight and easy to integrate into existing mobile cloud application development models.

3D-RP: A DHT-based Routing Protocol for MANETs

In the last few years, distributed hash table (DHT) has come forth as a useful addition to the design andspecificationofspontaneous,self-organizingnetworks.Researchershaveexploiteditsadvantages by implementing it at the network layer in order to design scalable routing protocols for mobile ad hoc networks. We identify two correlated issues that must be considered when designing DHTbased routing protocol, namely the mismatch problem and resilience of the logical network, which degrades the efficiency of the DHT-based routing protocols. To address these problems, we propose a DHT-based routing protocol that exploits a 3D logical space that takes into account the physical intra-neighbor relationships of a node and exploits a 3D structure to interpret that relationship. In the proposed scheme, each node runs a distributed algorithm to obtain a consecutive logical identifierthatreflectsitsphysicalproximityinthe3Dlogicalspace.Moreover,theprotocolutilizesthe 3D-structuretomaintainmulti-pathstoadestinationnodeinordertoaddressthescalabilityproblem and gain resilience against a node/link failure. Simulation results show that the proposed approach outperforms the existing DHT-based routing protocol in terms routing overhead, end-to-end delay, path-stretch values and packet-delivery ratio.

DROPS: Division and Replication of Data in the Cloud for Optimal Performance and Security

Outsourcing data to a third-party administrative control, as is done in cloud computing, gives rise to security concerns. The data compromise may occur due to attacks by other users and nodes within the cloud. Therefore, high security measures are required to protect data within the cloud. However, the employed security strategy must also take into account the optimization of the data retrieval time. In this paper, we propose division and replication of data in the cloud for optimal performance and security (DROPS) that collectively approaches the security and performance issues. In the DROPS methodology, we divide a file into fragments, and replicate the fragmented data over the cloud nodes. Each of the nodes stores only a single fragment of a particular data file that ensures that even in case of a successful attack, no meaningful information is revealed to the attacker. Moreover, the nodes storing the fragments, are separated with certain distance by means of graph T-coloring to prohibit an attacker of guessing the locations of the fragments. Furthermore, the DROPS methodology does not rely on the traditional cryptographic techniques for the data security; thereby relieving the system of computationally expensive methodologies. We show that the probability to locate and compromise all of the nodes storing the fragments of a single file is extremely low. We also compare the performance of the DROPS methodology with 10 other schemes. The higher level of security with slight performance overhead was observed.

Merging of DHT-based logical networks in MANETs

We study the challenging problem of the network partitioning and merging in context with the mismatch problem and the resilience of the logical structure in distributed hash table (DHT)-based routing protocols for mobile ad hoc networks (MANETs). The existing DHT-based approaches for routing in MANETs do not consider the merging of logical networks, which occurs because of limited transmission range and mobility of nodes. In this paper, we identify that the mismatch problem is aggravated when logical networks are merged, which directly depends upon the shape of the logical structure in which nodes are arranged according to their logical identifier. To address this problem, we first propose a leader-based approach (LA) to detect and merge logical networks. In addition, we discuss the effectiveness of a three-dimensional logical space and three-dimensional logical structure when logical networks are merged. In three-dimensional logical space and three-dimensional logical structure, we take into account the physical intra-neighbour relationship of a node and interpret that relationship in terms of logical identifiers. Simulation results show that the proposed DHT-based protocol along with LA outperforms the existing DHT-based routing protocol in terms routing overhead, end-to-end delay, path-stretch values and packet delivery ratio. Copyright