In this paper, we argue that federation of cloud systems re- quires a standard API for users to create, manage, and destroy virtual objects, and a standard naming scheme for virtual ob- jects. We introduce an existing API for this purpose, the Slice- Based Federation Architecture, and demonstrate that it can be implemented on a number of existing cloud management sys- tems. We introduce a simple naming scheme for virtual objects, and discuss its implementation.
Despite defensive advances, malicious software (mal- ware) remains an ever present cyber-security threat. Cloud environments are far from malware immune, in that: i) they innately support the execution of remotely supplied code, and ii) escaping their virtual machine (VM) confines has proven relatively easy to achieve in practice. The growing interest in clouds by industries and governments is also creating a core need to be able to formally address cloud security and privacy issues. VM introspection provides one of the core cyber-security tools for analyzing the run-time behaviors of code.
Security is a constant sore spot in application development. Applications now need structural support for better isolation and security on a domain specific basis to stave off the multitude of modern security vulnerabilities. Currently, application developers have been relying upon cumbersome workarounds to address these issues.
Most home users are not able to troubleshoot advanced network issues themselves. Hours on the phone with an ISP's customer representative is a common way to solve this problem. With the advent of mobile devices with both Wi-Fi and cellular radios, troubleshooters at the ISP have a new back-door into a malfunctioning residential network. However, placing full trust in an ISP is a poor choice for a home user. In this paper we present Extra Technician (ET), a system designed to provide ISPs and others with an environment to troubleshoot home networking in a remote, safe and flexible manner.
In this position paper, we consider architectures of distributed interconnected clouds across geographically distributed, independently-administered storage and computation clusters. We consider two problems:federation of access across heterogeneous administrative domains, and computation jobs run over the wide area and heterogeneous data sets. We argue that a single, flexible architecture, analogous to the TCP/IP stack for networking, is sufficient to support these jobs, and outline its major elements.