TL;DR: In this article, the authors propose a system for detecting and responding to Denial of Service (DoS) attacks, which includes detecting a DoS attack or potential DoS attacks against a first server system comprising one or more servers.
Abstract: Methods and systems for detecting and responding to Denial of Service (“DoS”) attacks comprise: detecting a DoS attack or potential DoS attack against a first server system comprising one or more servers; receiving, at a second server system comprising one or more servers, network traffic directed to the first server system; subjecting requesting clients to one or more challenge mechanisms, the challenge mechanisms including one or more of challenging requesting clients to follow through HTTP redirect responses, challenging requesting clients to request Secure Sockets Layer (SSL) session resumption, or challenging requesting clients to store and transmit HTTP cookies; identifying one or more non-suspect clients, the one or more suspect clients corresponding to requesting clients that successfully complete the one or more challenge mechanisms; identifying one or more suspect clients, the one or more suspect clients corresponding to requesting clients that do not successfully complete the one or more challenge mechanisms; and forwarding, by the second server system, traffic corresponding to the one or more non-suspect clients to the first server system. Once a client has been validated, clients may communicate directly with application servers in a secure manner by transparently passing through one or more intermediary proxy servers.
TL;DR: The security issues related to the cloud are explored, some key research challenges of implementing new cloud-aware security solutions that can provide the likes of pre-emptive protection for complex and ever dynamic Cloud infrastructure are explored and a security strategy is formulated to enable the Cloud providers and customers alike to fight against ever emerging security threats.
Abstract: Cloud computing has changed the whole picture that distributed computing used to present e.g. Grid computing, server client computing. Cloud has given a new meaning to distributed, and off-premises computing. Although, Cloud offers great benefits, it also introduces a myriad of security threats to the information and data which is now being ported from on-premises to off-premises. Where cloud computing can help organizations accomplish more by paying less (in the longer run) and breaking the physical boundaries between IT infrastructure and its users, due to openness of accessible information and data relying on trust between cloud provider and customer, heightened security threats must be overcome in order to benefit fully from this new computing exemplar. Breach in the security of any component in the cloud can be both disaster for the organization (the customer) and defacing for the provider. This paper explores the security issues related to the cloud. The paper also discusses the existing security approaches to secure the cloud infrastructure and applications and their drawbacks. Finally, we explore some key research challenges of implementing new cloud-aware security solutions that can provide the likes of pre-emptive protection for complex and ever dynamic Cloud infrastructure, followed by conclusion where we try to entail the whole research and try to formulate a security strategy which will enable the Cloud providers and customers alike to fight against ever emerging security threats.
TL;DR: A dynamic cloud resource provisioning algorithm is proposed which can effectively support VoD streaming with low cloud utilization cost and is verified and extensively evaluated using large-scale experiments under dynamic realistic settings on a home-built cloud platform.
Abstract: Internet-based cloud computing is a new computing paradigm aiming to provide agile and scalable resource access in a utility-like fashion. Other than being an ideal platform for computation-intensive tasks, clouds are believed to be also suitable to support large-scale applications with periods of flash crowds by providing elastic amounts of bandwidth and other resources on the fly. The fundamental question is how to configure the cloud utility to meet the highly dynamic demands of such applications at a modest cost. In this paper, we address this practical issue with solid theoretical analysis and efficient algorithm design using Video on Demand (VoD) as the example application. Having intensive bandwidth and storage demands in real time, VoD applications are purportedly ideal candidates to be supported on a cloud platform, where the on-demand resource supply of the cloud meets the dynamic demands of the VoD applications. We introduce a queueing network based model to characterize the viewing behaviors of users in a multichannel VoD application, and derive the server capacities needed to support smooth playback in the channels for two popular streaming models: client-server and P2P. We then propose a dynamic cloud resource provisioning algorithm which, using the derived capacities and instantaneous network statistics as inputs, can effectively support VoD streaming with low cloud utilization cost. Our analysis and algorithm design are verified and extensively evaluated using large-scale experiments under dynamic realistic settings on a home-built cloud platform.
TL;DR: The authors describe their experience regarding the analysis, design, development, and exploitation of web-based technologies within the scope of automatic control within the context of remote experimentation applied to control engineering education.
Abstract: This article presents an innovative project in the context of remote experimentation applied to control engineering education. Specifically, the authors describe their experience regarding the analysis, design, development, and exploitation of web-based technologies within the scope of automatic control. This work is part of an inter-university project known as AutomatL@bs, in which seven Spanish universities joined efforts to share their experimentation resources across the Internet. The paper begins by providing a background of how the development of virtual and remote control labs with pedagogical perspectives should be addressed. In particular, we present examples of remote labs developed by two of the university groups taking part in AutomatL@bs. We then present the automatic booking system that manages the access of users to each laboratory's didactical setup. Next, we show the integration process of every component into a Learning Management System (LMS). Finally, an overall system assessment of the students' perception of the quality of the experimental environment as a learning tool is analyzed.
TL;DR: A trusted service manager (TSM) server as discussed by the authors includes at least one communications device, a verification database server, and a mobile communications device with a processor coupled with the mobile device.
Abstract: A trusted service manager (TSM) server may include at least one communications device capable of communicating with at least one application server, a verification database server, and at least one mobile communications device. The TSM server may further include a processor coupled with the at least one communications device and capable of registering the at least one application server with the verification database server, receiving a request from the at least one application server to access the memory of the mobile communications device, cooperating with the verification database server to verify the at least one application server based upon the access request and based upon registering of the at least one application server, and writing application data from the at least one application server to the memory of the at least one mobile communications device based upon verifying the at least one application server.
TL;DR: A robust user authentication and key agreement scheme that is suitable for ubiquitous computing environments and can preserve the privacy of the client's secret key even if the secret information stored in a smart card is compromised.
TL;DR: Nonfunctional requirements related to security, quality of service, and federated operation of WebLabs, which have received little attention, are addressed, along with how these requirements can be incorporated into WebLab design.
Abstract: The design and implementation of remote laboratories present different levels of complexity according to the nature of the equipment operated by the remote laboratory, the requirements imposed on the accessing computers, the network linking the user to the laboratory, and the type of experiments the laboratory supports. This paper addresses the design and implementation of remote laboratories employing web technologies, both at the client and the server side. These types of remote laboratories are called WebLabs, and can be deployed over different networks such as the public internet, campuswide networks, or high-speed private networks. Although most published works on WebLabs focus on their functional and operational aspects, nonfunctional requirements related to security, quality of service, and federated operation of WebLabs have received little attention. This paper addresses how these requirements can be incorporated into WebLab design, and discusses the most appropriate web technologies to fulfill such requirements.
TL;DR: In this article, the game server generates one or more random numeric outcomes and sends them to the client server to be used in making a win determination. For purposes of future authentication, the server stores a digitally-signed file that includes the random numeric outcome and the state and game information.
Abstract: A gaming system includes a game server and a client server. The client server requests random numeric outcomes from the game server and supplies various state and game information. The game server generates one or more random numeric outcomes. The game server communicates the random numeric outcomes to the client server to be used in making a win determination. For purposes of future authentication, the game server stores a digitally-signed file that includes the random numeric outcomes and the state and game information.
TL;DR: In this article, the authors describe a system that transfers data via a communication session between a client application and a server application, where the client application runs on a first network and the server application runs on a second network.
Abstract: A system transfers data via a communication session between a client application and a server application, where the client application runs on a first network and the server application runs on a second network. The system includes a proxy having a socket to the client application. The proxy converts data between a local protocol run on the first network to a non-local protocol. An agent creates a socket to the server application. The agent converts data between a local protocol run on the second network and the non-local protocol. A server is in communication with the proxy and the agent. The server contains a message queue dedicated to the communication session. The message queue stores data transmitted during the communication session.
TL;DR: In this paper, a user of multiple client devices (clients) makes application configuration changes on the clients from time to time, and the configuration changes are stored in a local event log on each client, as well as in a synchronization server.
Abstract: A user of multiple client devices (clients) makes application configuration changes on the clients from time to time. The configuration changes are stored in a local event log on each client, as well as in a synchronization server. When one of the clients connects to the synchronization server, for example when the user logs into the synchronization server while using a respective client, the configuration information in the server and client is synchronized. Conflicts, if any, in the configuration changes for a respective application are resolved in accordance with a conflict resolution procedure or conflict resolution rules associated with that application.
TL;DR: In this paper, the authors present methods and apparatus facilitating delivery of web content that has adapted for particular client devices, such as mobile devices, which may involve assisting a server without the adaptation logic necessary to deliver adapted content to a particular client device.
Abstract: Disclosed herein are methods and apparatus facilitating delivery of web content that has adapted for particular client devices, such as mobile devices. Doing so may involve assisting a server without the adaptation logic necessary to deliver adapted content to a particular client device. For example, a given web server may adapt content and serve website content to a requesting client, but another server may take over when the client desires to make a purchase at the site. That other server, while perhaps qualified to process payment information, may not be able to provide adapted content. The content adaptation web server can assist that other server to do so. In other embodiments, such a content adapting server may provide such services to a range of other servers, and itself may not serve content directly to the client. The teachings herein may be implemented within a content delivery network.
TL;DR: In this paper, a specialized hand-off protocol for improving scalability and resource usage within a server farm is proposed, where a first network connection is established between a client and the server agent in order to receive a content request from the client from which to select a server from a set of servers that is responsible for hosting the requested content.
Abstract: Some embodiments provide a director agent, a server agent, and a specialized hand-off protocol for improving scalability and resource usage within a server farm. A first network connection is established between a client and the director agent in order to receive a content request from the client from which to select a server from a set of servers that is responsible for hosting the requested content. A second network connection is established between the server agent that is associated with the selected server and a protocol stack of the selected server. The first network connection is handed-off to the server agent using the specialized hand-off protocol. The server agent performs network connection state parameter transformations between the two connections to create a network connection through which content can be passed from the selected server to the client without passing through the director.
TL;DR: In this paper, the social network server computer receives input from the user of the client computer selecting at least one of the social relationships between individuals or groups other than the user and presents to the user a social relationship profile comprising the relationship-dependent information corresponding to the social relationship selected by the user.
Abstract: In a digital social relationship network, a social network server computer stores a digital social network representation corresponding to a graph having nodes representing individuals or groups and links representing actual social relationships between the individuals or groups. The server computer obtains relationship-dependent information corresponding to a plurality of links of the graph, and embeds the relationship-dependent information in the digital social network representation stored in the social network server computer. The server computer interactively presents to a user of a client computer connected to the social network server computer a social network of the individuals or groups and the social relationships between the individuals or groups. The social network server computer receives input from the user of the client computer selecting at least one of the social relationships between individuals or groups other than the user, and presents to the user of the client computer a social relationship profile comprising the relationship-dependent information corresponding to the social relationship selected by the user of the client computer. The server computer facilitates exchange of digital value to the user of the client computer, or a group to which the user of the client computer belongs, based on the relationship-dependent information embedded in the digital social network representation stored in the social network server computer.
TL;DR: In this paper, an apparatus and method for reducing frequent server messages are presented, including receiving a server request from a network server intended for a mobile station; determining whether to forward the server request to the mobile station; and transmitting a server response to the network server based at least in part on the server request on behalf of the mobile station.
Abstract: An apparatus and method for reducing frequent server messages including receiving a server request from a network server intended for a mobile station; determining whether to forward the server request to the mobile station; and transmitting a server response to the network server based at least in part on the server request on behalf of the mobile station.
TL;DR: In this paper, a method, system, and computer program product for balancing servers based on server load status, include: receiving from a server a service response to a service request, the service response including a result from a processing of the service request and a server status indicating a computing load status of the server.
Abstract: A method, system, and computer program product for balancing servers based on server load status, include: receiving from a server a service response to a service request, the service response including a result from a processing of the service request and a server status indicating a computing load status of the server; obtaining the server status from the service response; receiving a next service request from a host, the next service request comprising a Uniform Resource Locator (URL); determining that the server is configured to process the URL; determining whether the server status indicates that the server is available to process the next service request; and in response to determining that the server status indicates that the server is available to process the next service request, sending the next service request to the server.
TL;DR: In this paper, the authors present a system for communicating data between an application server and at least one machine-to-machine (M2M) device via an internet network and a network.
Abstract: Systems and methods for communicating data between an application server and at least one machine-to-machine (M2M) device via an internet network and a network are provided. An example system includes a network element configured to schedule delivery of the data between the application server and at least one M2M device based on network information. The network element is located on a boundary between the network and the internet network to which the application server communicates with the at least one M2M device.
TL;DR: In this paper, the interference management for P2P communication in a wide area network (WAN) is described, where interference management may be performed in a coordinated manner for/by a set of server nodes, which may include a P2P server and at least one neighbor server node of the P2P server.
Abstract: Techniques for performing interference management to support peer-to-peer (P2P) communication in a wide area network (WAN) are described. In an aspect, interference management may be performed in a coordinated manner for/by a set of server nodes, which may include a P2P server and at least one neighbor server node of the P2P server. The P2P server may be a UE communicating peer-to-peer with at least one other UE or P2P client. Interference management may be performed for the set of server nodes to reduce interference to the P2P server and/or the at least one P2P client. In one design, active sets may be determined for UEs. The active set of each UE may include nodes received with sufficient strength by that UE. The set of server nodes may be determined based on the active sets of the P2P server, the at least one P2P client, and possibly other UEs.
TL;DR: In this article, the authors present a method allowing an author to create a bitmap font and distributing it to at least an user's device connected to a server, comprising the steps of: drawing on an author's device and/or importing an image comprising at least one glyph; segmentation (6) of the image by the said author's device, in order to isolate the glyph or the different glyphs; uploading the bitmap file resulting of this segmentation to the server (2); displaying (34) a text on said user's device, said text being rendered with
Abstract: The present invention concerns a method allowing an author to create a bitmap font and distributing it to at least an user's device connected to a server (2), comprising the steps of: drawing on an author's device and/or importing (5) in the author's device an image comprising at least one glyph; segmentation (6) of the image by the said author's device, in order to isolate the glyph or the different glyphs; uploading the bitmap file resulting of this segmentation (6) to the server (2); displaying (34) a text on said user's device, said text being rendered with a font depending on said bitmap file. The present invention relates also to a system and a computer program product for creating and sharing personalized font on a client-server architecture.
TL;DR: The proposed algorithmic framework, based on regularization and kernel methods, uses a suitable class of “mixed effect” kernels and is illustrated through a simulated recommendation system and an experiment involving pharmacological data coming from a multicentric clinical trial.
Abstract: A client-server architecture to simultaneously solve multiple learning tasks from distributed datasets is described. In such architecture, each client corresponds to an individual learning task and the associated dataset of examples. The goal of the architecture is to perform information fusion from multiple datasets while preserving privacy of individual data. The role of the server is to collect data in real time from the clients and codify the information in a common database. Such information can be used by all the clients to solve their individual learning task, so that each client can exploit the information content of all the datasets without actually having access to private data of others. The proposed algorithmic framework, based on regularization and kernel methods, uses a suitable class of “mixed effect” kernels. The methodology is illustrated through a simulated recommendation system, as well as an experiment involving pharmacological data coming from a multicentric clinical trial.
TL;DR: In this paper, the authors present a system that includes a data capturing stage, one or more automated simulation clients, and a configuration stage for load testing of an online server system.
Abstract: A method includes capturing data that is representative of actions performed by each of a plurality of human user operated clients as they interact with an online software application, loading at least one or more portions of the captured data into one or more automated simulation clients, and using the one or more automated simulation clients to perform load testing of an online server system. A system includes a data capturing stage, one or more automated simulation clients, and a configuration stage. A computer readable storage medium stores one or more computer programs that will cause a processor based system to execute steps including receiving data that was captured during a running of an online software application and that is representative of actions performed by each of a plurality of human user operated clients as they interacted with the online software application, and loading at least one or more portions of the data into one or more automated simulation clients that are configured to perform load testing of an online server system.
TL;DR: In this article, a client that desires access to a piece of hardware sends HTTP requests to a device server, and the server receives the HTTP requests, accesses a device on behalf of the client, and sends the device's response back to the client in the form of an HTTP response.
Abstract: In the new architecture, a client that desires access to a piece of hardware sends HTTP requests to a device server. The server receives the HTTP requests, accesses a device on behalf of the client, and sends the device's response back to the client in the form of an HTTP response. This architecture has three primary advantages. First, it offers a clean interface for clients where all devices are accessed as if they are web servers. Second, it helps make devices more secure whereby clients can be prevented from accessing hardware directly, and all device access is forced through the narrow HTTP access protocol and checked for compliance with a desired security policy. Third, since HTTP allows local and remote servers to be contacted, the proposed architecture makes it easy for clients to communicate with devices that are not physically co-resident with the client but which are accessible via a network connection.
TL;DR: In this paper, a computer-implemented method of sharing data between computer applications is discussed, which includes receiving, at an application server sub-system of a hosted computer server system, and from a first computing device that is remote from the hosted computer server system, commands interacting with an electronic document served by the application server, and receiving at the hosted computer server system a command to copy content from the electronic document to an electronic clipboard.
Abstract: A computer-implemented method of sharing data between computer applications is discussed. The method includes receiving, at an application server sub-system of a hosted computer server system and from a first computing device that is remote from the hosted computer server system, commands interacting with an electronic document served by the application server sub-system, and receiving at the hosted computer server system a command to copy content from the electronic document to an electronic clipboard. The method also includes storing, at a clipboard server sub-system of the hosted computer server system, that is separate from the application server sub-system, data that represents the content, receiving a request for the stored data that represents the content, and delivering, from the clipboard server sub-system to a second computing device, the data that represents the content.
TL;DR: This work uses two different algorithms and proposes a third algorithm that performs better for a large number of random requests in terms of the variance in the average number of servers.
Abstract: We study the problem of allocating memory of servers in a data center based on online requests for storage. Given an online sequence of storage requests and a cost associated with serving the request by allocating space on a certain server, one seeks to select the minimum number of servers so as to minimize total cost. We use two different algorithms and propose a third algorithm. We show that our proposed algorithm performs better for a large number of random requests in terms of the variance in the average number of servers.
TL;DR: In this paper, a key management protocol (such as KMIP) is extended to provide an extended credential type to pass information from clients to the server, to enable the server to deduce pre-provisioned cryptographic materials for individual clients.
Abstract: A key management protocol (such as KMIP) is extended to provide an extended credential type to pass information from clients to the server to enable the server to deduce pre-provisioned cryptographic materials for the individual clients. Preferably, KMIP client code communicates device information to a key management server in a value in the headers of KMIP requests that flow to the server. In this manner, KMIP requests are associated with pre-provisioned cryptographic materials for particular devices or device groups.
TL;DR: In this article, a method and system for use with a public cloud network is disclosed, wherein the public cloud network includes at least one private cloud server and at least one smart client device in communication therewith.
Abstract: A method and system for use with a public cloud network is disclosed, wherein the public cloud network includes at least one private cloud server and at least one smart client device in communication therewith. The method and system comprise setting up the at least one private cloud server and the at least one smart client device in a client server relationship. The at least one private cloud server includes a message box associated therewith. The first message box is located in the public network. The at least one smart client includes a second message box associated therewith. The second message box is located on the public network. The method includes passing session based message information between the at least one private cloud server and the at least one smart client device via the first message box and the second message box in a secure manner. The session base information is authenticated by the private cloud server and the at least one smart client device. The smart client device and the private cloud server can then communicate with each other after the session based information is authenticated.
TL;DR: In this paper, the server computers send requests over a network for an allocation of server tasks and processing tasks, the processing task requests having an associated expiration time, and the plurality of server computers process received server tasks provided to the servers, and process processing tasks within the expiration time in response to the requests for processing tasks.
Abstract: Server computers send requests over a network for an allocation of server tasks and processing tasks, the processing task requests having an associated expiration time. The plurality of server computers process received server tasks provided to the server computers in response to the requests, and process processing tasks within the expiration time in response to the requests for processing tasks. The server computers perform the allocated processing tasks only if there are no pending server tasks.
TL;DR: This paper proposes a new prototype system with a governance body that handles all the transactions from the user to the actual server from which the user is requesting, and introduces a routing table at each end server and middle server so as to get the database of client-to-server connectivity.
Abstract: Cloud computing makes an aim come true for the users to get all the resources instantly from various locations that are not known. But there are a lot of hurdles in accomplishing this idea in the form of security parameters and backup issues. In this paper we have discussed the solution to this issue by integrating the encryption and server management techniques in order to make a smooth transaction between the user and the server. We propose a new prototype system where we have introduced a governance body which will handle all the transactions from the user to the actual server from where the user is requesting. We have introduced a routing table at each end server and middle server (Governance server) so as to get the database of client to server connectivity.
TL;DR: In this article, a cloud computing system includes a resource server cluster, where each resource server in the cluster has at least one type of resources of computing resources and storage resources; a computing resource management module configured to manage the computing resources in the resource server clusters, so as to provide a virtual computing service.
Abstract: A cloud computing system and a method therein. The cloud computing system includes: a resource server cluster, where the resource server cluster includes at least two resource servers, each resource server in the resource server cluster has at least one type of resources of computing resources and storage resources, and at least one resource server in the resource server cluster has computing resources and storage resources; a computing resource management module configured to manage the computing resources in the resource server cluster, so as to provide a virtual computing service; and a storage resource management module configured to manage a shared storage resource pool established using the storage resources in the resource server cluster, so as to provide a virtual storage service, where storage resources included in each storage resource pool are from at least two resource servers in the resource server cluster.
TL;DR: This work studies the performance of mini Web server clusters with request splitting, and finds that with partial delegation in which some requests are split, throughput is better, and response times are only marginally less than for an equivalent non-split system.
Abstract: HTTP request splitting is a new concept where the TCP connection and data transfer phases are dynamically split between servers without using a central dispatcher or load balancer. Splitting is completely transparent to the client and provides security due to the inaccessibility and invisibility of the data servers. We study the performance of mini Web server clusters with request splitting. With partial delegation in which some requests are split, throughput is better, and response times are only marginally less than for an equivalent non-split system. For example with partial delegation, for a four-node cluster with a single connection server and three data servers serving 64 KB files, and for a three-node cluster with two connection servers and a single data server serving 4 KB files, the respective throughput improvements over non-split systems are 10% and 22%, with only a marginal increase in response time. In practice, the throughput improvement percentages will be higher and response time gaps will be lower since we ignore the overhead of a dispatcher or load balancer in non-split systems. Although these experiments used bare PC Web servers without an operating system/kernel for ease of implementation, splitting and clustering may also be implemented on conventional systems.
TL;DR: An interactive television program guide system is provided in this paper, which provides users with an opportunity to select programs for recording on a remote media server and to designate gift recipients for whom programs may be recorded.
Abstract: An interactive television program guide system is provided. An interactive television program guide provides users with an opportunity to select programs for recording on a remote media server. Programs may also be recorded on a local media server. The program guide provides users with VCR-like control over programs that are played back from the media servers and over real-time cached copies of the programs. The program guide also provides users with an opportunity to designate gift recipients for whom programs may be recorded.