Shahid Al Noor

CellCloud: A Novel Cost Effective Formation of Mobile Cloud Based on Bidding Incentives

Cloud computing has become the dominant computing paradigm in recent years. As clouds evolved, researchers have explored the possibility of building clouds out of loosely associated mobile computing devices. However, most such efforts failed due to the lack of a proper incentive model for the mobile device owners. In this paper, we propose CellCloud - a practical mobile cloud architecture which can be easily deployed on existing cellular phone network infrastructure. It is based on a novel reputation-based economic incentive model in order to compensate the phone owners for the use of their phones as cloud computing nodes. CellCloud offers a practical model for performing cloud operations, with lower costs compared to a traditional cloud. We provide an elaborate analysis of the model with security and economic incentives as major focus. Along with a cost equation model, we discuss detailed results to prove the feasibility of our proposed model. Our simulation results show that CellCloud creates a win-win scenario for all three stakeholders (client, cloud provider, and mobile device owners) to ensure the formation of a successful mobile cloud architecture.

D-CLOC: A Delay Tolerant Cloud Formation Using Context-Aware Mobile Crowdsourcing

Gathering information and providing remote assistant is a common trend as it saves time and cost associated with visiting the actual location in person. The widely available mobile sensors are used in collecting information during a task processing. However, gathering information from a remote place, or an area of disaster, is not trivial, given the unavailability of appropriate infrastructure. Existing delay tolerant networking approaches address this issue but suffer from unsatisfactory performance due to the lack of sufficient user participation. We propose the Delay-tolerant Cloud Computing framework (D-CLOC), a cloud framework utilizing the contextual information of a mobile client. Our proposed architecture combines crowdsourcing and the cellular network and forms a temporal delay tolerant cloud. D-CLOC uses a bidding incentive model to ensure and promote user participation in the cloud. We provide a detailed reasoning of the security and feasibility of our model, and delineate probable approaches for solving the various security related aspects. The paper includes the design and implementation of a realistic-simulation model for D-CLOC. The simulation scenario incorporates an example face recognition task for evaluating the performance of our proposed model. Our experimental results show that D-CLOC performs quite well compared to some of the existing DTN approaches and can be deployed for solving any real life problems using crowdsourcing within a delay tolerant cloud infrastructure.

Litigo: A Cost-Driven Model for Opaque Cloud Services

Cloud computing provides software, platform, and infrastructure as a service that helps organizations to perform several resource intensive tasks. The services offered by a cloud service provider are limited by provider-specific options in terms of the pre-specified configurations. Moreover, it is sometimes expensive to pay a fixed amount of money without any format of negotiation or price-matching deals for the cloud-based services and resources. Conversely, the negotiator-based model for opaque services has gained popularity in various markets, such as, for flights, hotels, and rentals. We posit that a similar opaque inventory for cloud-based services and resources is the next generation niche for consumer acquisition and service delivery in the cloud computing market. Such a model will facilitate the clients with flexible resource and service provisioning at reasonable prices, and will also allow a higher revenue and increase resource utilization for cloud service providers. In this paper, we propose Litigo, a cost-driven model for opaque service platforms for cloud computing. The Litigo component acts as a middle-man to deliver cloud-based services from a set of cloud service providers to the end users. We present a detailed cost model and comparison between establishing a cloud service vs. an opaque cloud service. Our empirical framework allows a Litigo service provider to analyze the profit model and creates the market niche accordingly. We performed extensive analysis using simulated model verification for Litigo. The proposed model delivers an opaque cloud as a service to clients at a reasonable price by maximizing the resource utilization and revenue of cloud service providers.

Jugo: A Generic Architecture for Composite Cloud as a Service

Cloud computing has become the industry standard for rapid application deployment, scalable server support, mobile and distributed services, and it provides access to (theoretically) infinite resources. Unfortunately, researchers are still trying to converge towards cross-provider cloud computing frameworks to enable compatibility and seamless resource transition between cloud providers. Moreover, users are restricted to using the provider-specific pre-configured options of resources and services, irrespective of their current needs. At the same time, cloud services are provided as a direct service from the providers to the clients. This creates a segregated cloud market clientele, and non-negotiable pricing strategies for the cloud services. In this paper, we propose Jugo, a generic architecture for cloud composition and negotiated service delivery for cloud users. Jugo acts as a match-maker for service specifications from the users with the currently available assets from the cloud providers. The engagement of a middle-man as an opaque cloud service provider will create a better opportunity for cloud users to find cheaper deals, price-matching, and flexible resource specifications, with increased revenue and higher resource utilization for the cloud service providers.

How Secure is the Healthcare Network from Insider Attacks? An Audit Guideline for Vulnerability Analysis

The availability of wireless interfaces with the new generation medical devices has spawned numerous opportunities in providing better healthcare support to patients. However, the weaknesses of available wireless communication channels introduce various novel attacks on the medical devices. Since the smart mobile devices, such as smartphones, tablets, laptops are also equipped with the same communication channels (WiFi/Bluetooth), attacks on medical devices can be initiated from a compromised or malware infected mobile device. Attackers can steal confidential medical records from a wireless-enabled medical device. Medical devices or communication channels can also be compromised to feed incorrect medical records to doctors or send life threatening commands to the devices. Moreover, since the compromised mobile devices are already inside the security perimeter of a healthcare network, it is very challenging to block attacks from such compromised mobile devices. In this paper, we systematically analyze the novel threats on healthcare devices and networks, which can be initiated from compromised mobile devices. We provide a detail audit guideline to evaluate the security strength of a healthcare network. Based on our proposed guideline, we evaluate the current security state of a large university healthcare facility. We also propose several mitigation strategies to mitigate some of the possible attacks.

HSC-IoT: A Hardware and Software Co-Verification Based Authentication Scheme for Internet of Things

The Internet of Things (IoT) have become popular in diverse domains because of their accessibility and mobility as well as cost-efficient manufacturing, deployment, and maintenance process. The widespread deployment of IoT devices makes them an attractive target for an attacker trying to gain unauthorized access to an IoT-based system. An adversary clones a real hardware device or compromises embedded software to impersonate a legitimate device, and thus gains unauthorized access to sensitive information and performs security-critical operations. The existing security schemes for the mobile systems cannot be applied directly to an IoT-enabled infrastructure since devices are resource constrained regarding storage, processing power, and communication bandwidth. Additionally, the current security approaches for the IoT systems are unable to identify physically compromised IoT devices. In this paper, we propose HSC-IoT, a resource-efficient Physical Unclonable Function (PUF)-based security protocol that ensures both software and hardware integrity of IoT devices. HSC-IoT also provides a lightweight mutual authentication scheme for the resource-limited devices based on Elliptic Curve Cryptography. We present a detailed analysis of the security strength of HSC-IoT. We implemented a prototype of HSC-IoT on IoT devices powered by Contiki OS and provided an extensive comparative analysis of HSC-IoT with contemporary IoT security protocols.

ParkBid: An Incentive Based Crowdsourced Bidding Service for Parking Reservation

Finding parking at a desired spot and time is tough, especially in an urban area. Users may also want to pay more to get a parking spot during urgent need. Although the existing infrastructure-based approaches can solve this problem partially, they require a high initial investment and maintenance cost. As a consequence, deploying such approaches on a large scale in the real world is infeasible. A more economically feasible solution is using crowdsourcing-based approaches where a user near a free parking spot informs the interested users about the available parking spot in exchange for some forms of incentives. However, most of the crowdsourced approaches suffer due to the lack of proper models for price negotiation, information verification, and assurance. In this paper, we propose ParkBid, a crowdsourcing-based parking service for automobiles where the information of free parking is circulated among the interested users following a bidding process. ParkBid determines the incentives for providing any parking information based on several primitives, such as time, location, reputation, urgency, etc. Along with a detailed discussion about the challenges in ParkBid for both the users and information providers, we provide a set of policies as countermeasures. Also, we present an extensive simulation to evaluate the impact of ParkBid for users under different circumstances. Our experimental results show that users can save a significant amount of time and can have more success rate during searching for a free parking spot using ParkBid.