Cloud computing

Cloud computing has provided many services to potential consumers, one of these services being the provision of network functions using virtualization. Network Function Virtualization is a new technology that aims to improve the way we consume network services. Legacy networking solutions are different because consumers must buy and install various hardware equipment. In NFV, networks are provided to users as a software as a service (SaaS). Implementing NFV comes with many benefits, including faster module development for network functions, more rapid deployment, enhancement of the network on cloud infrastructures, and lowering the overall cost of having a network system. All these benefits can be achieved in NFV by turning physical network functions into Virtual Network Functions (VNFs). However, since this technology is still a new network paradigm, integrating this virtual environment into a legacy environment or even moving all together into NFV reflects on the complexity of adopting the NFV system. Also, a network service could be composed of several components that are provided by different service providers; this also increases the complexity and heterogeneity of the system. We apply abstract architectural modeling to describe and analyze the NFV architecture. We use architectural patterns to build a flexible NFV architecture to build a Reference Architecture (RA) for NFV that describe the system and how it works. RAs are proven to be a powerful solution to abstract complex systems that lacks semantics. Having an RA for NFV helps us understand the system and how it functions. It also helps us to expose the possible vulnerabilities that may lead to threats toward the system. In the future, this RA could be enhanced into SRA by adding misuse and security patterns for it to cover potential threats and vulnerabilities in the system. Our audiences are system designers, system architects, and security professionals who are interested in building a secure NFV system.

Skin cancer is a major medical problem. If not detected early enough, skin cancer like
melanoma can turn fatal. As a result, early detection of skin cancer, like other types of
cancer, is key for survival. In recent times, deep learning methods have been explored to
create improved skin lesion diagnosis tools. In some cases, the accuracy of these methods
has reached dermatologist level of accuracy. For this thesis, a full-fledged cloud-based
diagnosis system powered by convolutional neural networks (CNNs) with near
dermatologist level accuracy has been designed and implemented in part to increase early
detection of skin cancer. A large range of client devices can connect to the system to
upload digital lesion images and request diagnosis results from the diagnosis pipeline.
The diagnosis is handled by a two-stage CNN pipeline hosted on a server where a
preliminary CNN performs quality check on user requests, and a diagnosis CNN that
outputs lesion predictions.

Chronic Diseases are the major cause of mortality around the world, accounting for 7 out of 10 deaths each year in the United States. Because of its adverse effect on the quality of life, it has become a major problem globally. Health care costs involved in managing these diseases are also very high. In this thesis, we will focus on two major chronic diseases Asthma and Diabetes, which are among the leading causes of mortality around the globe. It involves design and development of a predictive analytics based decision support system which uses five supervised machine learning algorithm to predict the occurrence of Asthma and Diabetes. This system helps in controlling the disease well in advance by selecting its best indicators and providing necessary feedback.

Cloud Computing is a new computing model consists of a large pool of hardware
and software resources on remote datacenters that are accessed through the Internet.
Cloud Computing faces significant obstacles to its acceptance, such as security,
virtualization, and lack of standardization. For Cloud standards, there is a long debate
about their role, and more demands for Cloud standards are put on the table. The Cloud
standardization landscape is so ambiguous. To model and analyze security standards for
Cloud Computing and web services, we have surveyed Cloud standards focusing more on
the standards for security, and we classified them by groups of interests. Cloud
Computing leverages a number of technologies such as: Web 2.0, virtualization, and
Service Oriented Architecture (SOA). SOA uses web services to facilitate the creation of
SOA systems by adopting different technologies despite their differences in formats and
protocols. Several committees such as W3C and OASIS are developing standards for web services; their standards are rather complex and verbose. We have expressed web services security standards as patterns to make it easy for designers and users to understand their key points. We have written two patterns for two web services standards; WS-Secure Conversation, and WS-Federation. This completed an earlier work we have done on web services standards. We showed relationships between web services security standards and used them to solve major Cloud security issues, such as, authorization and access control, trust, and identity management. Close to web services, we investigated Business Process Execution Language (BPEL), and we addressed security considerations in BPEL and how to enforce them. To see how Cloud vendors look at web services standards, we took Amazon Web Services (AWS) as a case-study. By reviewing AWS documentations, web services security standards are barely mentioned. We highlighted some areas where web services security standards could solve some AWS limitations, and improve AWS security process. Finally, we studied the security guidance of two major Cloud-developing organizations, CSA and NIST. Both missed the quality of attributes offered by web services security standards. We expanded their work and added benefits of adopting web services security standards in securing the Cloud.

Cloud Computing is security. In complex systems such as Cloud Computing, parts of a system are secured by using specific products, but there is rarely a global security analysis of the complete system. We have described how to add security to cloud systems and evaluate its security levels using a reference architecture. A reference architecture provides a framework for relating threats to the structure of the system and makes their numeration more systematic and complete. In order to secure a cloud framework, we have enumerated cloud threats by combining several methods because it is not possible to prove that we have covered all the threats. We have done a systematic enumeration of cloud threats by first identifying them in the literature and then by analyzing the activities from each of their use cases in order to find possible threats. These threats are realized in the form of misuse cases in order to understand how an attack happens from the point of view of an attacker. The reference architecture is used as a framework to determine where to add security in order to stop or mitigate these threats. This approach also implies to develop some security patterns which will be added to the reference architecture to design a secure framework for clouds. We finally evaluate its security level by using misuse patterns and considering the threat coverage of the models.