Text 7
Revenue Maximization Using Resource Allocation in Cloud Computing
Environment
Word list (sample)
CPU (central processing unit) – центральный процессор
FCFS (first come first served) – первым пришел – первым обслужен, т.н. digispeak,в котором вместо обычных фраз используются акронимы
instant response time (IRT) – время мгновенного отклика
instant slowdown (IS) – мгновенное замедление (торможение)
mean response time (MRT) – среднее время отклика
mean slowdown (MS) – срeднее замедление
National Institute of Standards and Technology (NIST) – Национальный институт стандартов и технологий
quality of services (QoS) – качество услуг
Service Level Agreements (SLAs) – соглашения об уровне услуг (сервиса) etc.
A fundamental problem faced by any cloud service provider is how to maximize their revenues by allocating re-sources dynamically among the service instances and providing differentiated performance levels. Previous pricing mechanisms have been based on Mean Response Time (MRT) and Instant Response Time (IRT). However, mean response time tends to be representative of the performance of just a few big requests since they count the most in the mean because their response times tend to be highest. In this study, we propose two customer-oriented pricing mechanisms Mean Slowdown (MS) and Instant Slowdown (IS), in which the customers are charged according to achieved service performance in terms of mean slowdown. Analytical models of pricing mechanisms are developed for cloud computing under FCFS and PS scheduling policies. The models are then used to compare the performance of First Come First Served (FCFS) and Processor Sharing (PS) scheduling policies in terms of revenue generated. It is also observed that pricing mechanism based on Slowdown generates more revenue for the service provider than pricing mechanism based on response time. We also observe that revenue generated increases with increase in the number of servers, and arrival rate regardless of the pricing mechanism and scheduling policy used. We further observe that revenue generated in terms of MRT and MS is higher under FCFS policy than under PS policy for lower number of servers, however as the number of servers increase, PS policy outperforms FCFS policy in terms of generating more revenue.
Cloud computing represents the delivery of computing as a service. In this case, resources such as CPU, software, information, and devices are provided to end-users as a metered service over the Internet. There are probably as many definitions of cloud computing as there are opinions about its future. To date, there is no definition that is agreed upon in most quarters. According to National Institute of Standards and Technology (NIST), cloud computing can be defined as “the management of resources, applications and information as services over the cloud (Internet) on demand.” Cloud computing is a model for enabling convenient and on demand network access to a shared group of computing resources that can be rapidly released with minimal management effort or service provider interaction.
The cloud makes it possible for one to access information from anywhere at any time. While a traditional computer setup requires one to be in the same location as the data storage device, the cloud removes the need for one to be in the same physical location as the hardware that stores the data.
The business model based on Service Level Agreements (SLAs) play a crucial role in Cloud paradigm. SLA provides mechanisms and tools that allow service providers and end users to express their requirements and constraints such as mean response time, mean slowdown and price scheme. The mean response time is the total amount of time a request spends in both the queue and in service. Mean slowdown is the ratio of mean response time to the size of the requests. Pricing scheme is the process of determining what a service provider will receive from an end user in exchange for their services. SLAs facilitate the transactions between customers and service providers by providing a platform for consumers to indicate their required service level or Quality of Service (QoS). SLA normally specifies a common understanding about responsibilities, guarantees, warranties, performance levels in terms of availability, response time, etc.
The challenge is how much physical resources must be assigned to maintain the promised level of performance as described in SLAs.
SLAs are not punitive contracts that are waved around in anger every time there is a problem. Instead they are a key to improving the ability of service providers to meet the exact needs of its customers. Service providers usually charge customers according to the achieved performance level. SLA becomes the fundamental basis for service providers to provision their cloud resources. The service provider using a multi-tenant model assigns the pooled computing resources in the form of a virtual machine to multiple consumers. The pooled physical resources can be assigned and reassigned to the different virtual machines dynamically based on consumer’s requests and available resources.
Since resource allocation strategies have an impact on the service performance, a fundamental problem faced by any Cloud service provider is how to maximize revenue by allocating resources dynamically among the service instances and providing differentiated performance levels based on SLA and measurable performance indices. Generally, more resources are allocated for those instances with high arrival rate and high price in order to obtain high revenues. However, other instances where more resources are allocated for instances with high throughput (high arrival rate) and a low price is charged do also exist.
Text 8
Importance of Security in Cloud Computing
Word list (sample)
backup – дублирование, резервное копирование
cloud computing – облачные технологии
firewall – брандмауэр, средство защиты от несанкционированного доступа в локальную сеть
IDC (internet database connector) – коннектор баз данных в интернете
intrusion – несанкционированное проникновение в сеть, «взлом» системы
аuthentication – опознавание пользователя etc.
The power, exhibility and ease of use of CC come with lot of security challenges. Even though CC is a new intuitive way to access applications and make work simple, there are a number of challenges/issues that can affect its adoption. A non-exhaustive search in this field reveals some issues. They are: Service Level Agreements (SLA), what to migrate, security, etc. Cloud Computing has a feature of automatic updates, which means a single change by an administrator to an application would reect on all its users. This advertently also leads to the conclusion that any faults in the software are visible to a large number of users immediately, which is a major risk for any organization with little security.
It is also agreed up on by many researchers that security is a huge concern for adoption of cloud computing. A survey by IDC on 263 executives also shows that security is ranked first among challenges in CC. Even though a company boasts to have top class security and does not update its security policies from time to time, it will be prone to security breaches in near future.
SECURITY CONCERNS IN CLOUD COMPUTING
а. Users authentication: user authentication process must be improvised toensure that malicious users do not get access to powerful computing systems in cloud computing.
b. Leakage of data or Data loss: data can be at risk if an unauthorized persongains access to shared pool of resources and deletes or modifies data. This risk can increase further if there exists no backup for that data.
c. Clients trust: there must be strong authentication practices implemented toensure that the client's data is being protected from unauthorized access.
d. Malicious users handling: malicious users can be attackers using cloudservices with a malicious intent or an insider who has gained the trust of company but works to gain access to sensitive information stored in cloud.
e. Hijacking of sessions: these kinds of attacks happen when a legitimate useris prone to phishing or insecure application interfaces that can be exploited by attackers. Through this kind of attacks, attackers gain user credentials and hijack legitimate users sessions.
f. Wrong usage of CC and its services: cloud computing service providersgive access to try their cloud services for a limited period of time for free. Some users utilize this trial period to misuse the resources obtained through CC service provider.
g. Vulnerability: defects or weakness in a system security procedures, design,implementation, or internal controls that could be exploited (accidentally triggered or intentionally exploited) and result in a security breach or a violation of the system’s security policy”. In principle, vulnerabilities occur in the organisations resources.
h. Threats: the NIST Special Publication (SP) 800-30 defines threats as aseries of occurrences within which a natural or intelligent invader may compromisethe confidentiality, integrity, or availability of security system in an illicit manner to cause harm.
i. Risk: is the harm resulting from some intended or accidental occurrence thatnegatively impacts the information security process.
j. Security controls: these are made up of policy, procedure, algorithm,metrics, or other measures used to avoid or minimise the amount of damages cause from one or more threat and vulnerability.
Threats agents gives rise to threats, these exploit vulnerabilities to violate information security properties such as confidentiality, integrity, availability, etc. Security controls implements countermeasures to defend information technology systems by mitigating threats, or plugging vulnerabilities, or both using policies, algorithms and metrics.
RESEARCH MOTIVATION
In this research work, we will try to enhance security between the client and cloud accessing the cloud. No doubt, cloud has got multiple benefits but we should not forget that there is a high risk of data getting confidential information getting leaked. In order to avail the benefits of cloud, we must ensure the security of data being transferred between the client and user. Security is the key for the cloud success, security in the cloud is now the main challenge of cloud computing. Until a few years ago all the business processes of organizations were on their private infrastructure and, though it was possible to outsource services, it was usually non-critical data/applications on private infrastructures. Now with cloud computing, the story has changed. The traditional network perimeter is broken, and organizations feel they have lost control over their data. New attack vectors have appeared, and the benefit of being accessible from anywhere becomes a big threat.
No secure authentication: in the present work there is no secureauthentication procedure defined. When you log on to your machine and then try to access a resource, say a file server or database, something needs to assure that your username and password are valid. With sensitive data stored in the cloud of the different users, we need a strong authentication mechanism. Data breaches because of no/weak authentication.
No gateway is defined: the user should not be directly connected to the cloudprovider as there is high risk of data getting stolen or hacked by the third party intruder. There is a requirement of gateway/broker that acts as an intermediate between the cloud provider and the client.
No Read/Write policies have been defined. Different privileges should begiven to the different types of users.
With the continuous growth and expansion of cloud computing, security has become one of the serious issues. Cloud computing platform need to provide some reliable security technology to prevent security attacks, as well as the destruction of infrastructure and services. There is no doubt that the cloud computing is the development trend in the future. Cloud computing brings us the approximately infinite computing capability, good scalability, service on-demand and so on, also challenges at security, privacy, legal issues and so on. But to solving the existing issues becomes utmost urgency. To protect against the compromise of the compliance integrity and security of their applications and data, firewall, intrusion detection and prevention, integrity monitoring, log inspection, and malware protection. Proactive enterprises and service providers should apply this protection on their cloud infrastructure, to achieve security so that they could take advantage of cloud computing ahead of their competitors. These security solutions should have the intelligence to be self-defending and have the ability to provide real-time detection and prevention of known and unknown threats. To advance cloud computing, the community must take proactive measures to ensure security.
Текст 1