Biblio

Block storage resources are essential in an Infrastructure-as-a-Service(IaaS) cloud computing system. It is used for storing virtual machines' images. It offers persistent storage service even the virtual machine is off. Distribute storage systems are used to provide block storage services in IaaS, such as Amazon EBS, Cinder, Ceph, Sheepdog. Ceph is widely used as the backend block storage service of OpenStack platform. It converts block devices into objects with the same size and saves them on the local file system. The performance of block devices provided by Ceph is only 30% of hard disks in many cases. One of the key issues that affect the performance of Ceph is the three replicas for fault tolerance. But our research finds that replicas are not the real reason slow down the performance. In this paper, we present a new approach to accelerate the IO operations. The experiment results show that by using our storage engine, Ceph can offer faster IO performance than the hard disk in most cases. Our new storage engine provides more than three times up than the original one.

This paper introduces an anonymous privacy-preserving scheme for big data over the cloud. The proposed design helps to enhance the encryption/decryption time of big data by utilizing the MapReduce framework. The Hadoop distributed file system and the secure hash algorithm are employed to provide the anonymity, security and efficiency requirements for the proposed scheme. The experimental results show a significant enhancement in the computational time of data encryption and decryption.

This paper presents an ontological approach to perceive the current security status of the network. Computer network is a dynamic entity whose state changes with the introduction of new services, installation of new network operating system, and addition of new hardware components, creation of new user roles and by attacks from various actors instigated by aggressors. Various security mechanisms employed in the network does not give the complete picture of security of complete network. In this paper we have proposed taxonomy and ontology which may be used to infer impact of various events happening in the network on security status of the network. Vulnerability, Network and Attack are the main taxonomy classes in the ontology. Vulnerability class describes various types of vulnerabilities in the network which may in hardware components like storage devices, computing devices or networks devices. Attack class has many subclasses like Actor class which is entity executing the attack, Goal class describes goal of the attack, Attack mechanism class defines attack methodology, Scope class describes size and utility of the target, Automation level describes the automation level of the attack Evaluation of security status of the network is required for network security situational awareness. Network class has network operating system, users, roles, hardware components and services as its subclasses. Based on this taxonomy ontology has been developed to perceive network security status. Finally a framework, which uses this ontology as knowledgebase has been proposed.