Performance and security of cloud-based services

Cloud infrastructures must accommodate changing demands for different types of processing with heterogeneous workloads and time constraints. In a similar context, dynamic management of virtualized application environments is becoming very important to exploit computing resources, especially with recent virtualization capabilities that allow live sessions to be moved transparently between servers. Moreover, from the users viewpoint, the security of the data outsourced to cloud-based services might be at risk, because cloud providers have complete access on them. In this scenario, we explore the following research areas.

  • Live Migration algorithms. We propose novel management algorithms to decide about reallocations of virtual machines in a cloud context characterized by large numbers of hosts. The novel algorithms identify just the real critical instances and take decisions without recurring to typical thresholds. Moreover, they consider load trend behavior of the resources instead of instantaneous or average measures. Preliminary results seem to show that the proposed algorithms are truly selective and robust even in variable contexts, thus reducing system instability and limit migrations when really necessary.
  • Monitoring of cloud infrastructures. We analyze the monitoring infrastructures behind current virtualization systems that support cloud computing. Our goal is to find out under which operating conditions (workload, hardware and software configuration) the information obtained from these monitoring infrastructures tools is comparable to operating system level resource measures (CPU, disk, network, memory). We also investigate the correlations among host-based and virtual machine-based performance measurements.
  • Security for cloud services. We analyze the risks deriving from users data outsourcing to cloud services, and we propose architectural solutions to guarantee confidentiality, integrity and availability of users data in such context. We also study the performance and the feasibility of the proposed solutions both in emulated and in real cloud scenarios.


Selected Papers

  • Luca Ferretti, Michele Colajanni, Mirco Marchetti, "Distributed, concurrent, and independent access to encrypted cloud databases", To appear on IEEE Transactions on Parallel and Distributed Systems
  • Luca Ferretti, Fabio Pierazzi, Michele Colajanni, Mirco Marchetti, "Security and confidentiality solutions for public cloud database services", Proc. of the 7th International Conference on Emerging Security Information, Systems and Technologies, Barcellona, Spain, August 2013.
  • Luca Ferretti, Fabio Pierazzi, Michele Colajanni, Mirco Marchetti, "Performance evaluation of adaptive encryption methods for cloud database as a service", 4th Workshop of the Italian group on Quantitative Methods in Informatics (INFQ 2013), Sorrento, Italy, June 2013.
  • Luca Ferretti, Michele Colajanni, Mirco Marchetti, Adriano Enrico Scaruffi, "Transparent access on encrypted data distributed over multiple cloud infrastructures", Proc. of the 4th International Conference on Cloud Computing, GRIDs, and Virtualization , Valencia, Spain, May-June 2013.
  • Luca Ferretti, Michele Colajanni, Mirco Marchetti, "Supporting security and consistency for cloud database", Proc. of the 4th International Symposium on Cyberspace Safety and Security (CSS 2012), Springer, Melbourne, Australia, December 2012.
  • M. Andreolini, S. Casolari, M. Colajanni, M. Messori, "Dynamic load management of virtual machines in a cloud architecture",Proc. of the First International Conference on Cloud Computing (CLOUDCOMP 2009), Munich, Germany, October 19-21, 2009.
  • Sara Casolari, Michele Colajanni, Francesco Lo Presti, "Runtime state change detector of computer system resources under non stationary conditions", Proc. of the 17th IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecomunication Systems (IEEE ACM MASCOTS 2009), London, September 2009.