A Multi-Tenant Usage Access Model for Cloud Computing

Most cloud services are built with multi-tenancy which enables data and configuration segregation upon shared infrastructures.It offers tremendous advantages for enterprises and service providers.It is anticipated that this situation will evolve to foster cross-tenant collaboration supported by Authorization as a service.To realize access control in a multi-tenant cloud computing environment,this study proposes a multi-tenant cloud computing access control model based on the traditional usage access control model by building trust relations among tenants.The model consists of three sub-models,which achieve trust relationships between tenants with different granularities and satisfy the requirements of different application scenarios.With an established trust relation in MT-UCON(Multi-tenant Usage Access Control),the trustee can precisely authorize cross-tenant accesses to the trustor’s resources consistent with constraints over the trust relation and other components designated by the trustor.In addition,the security of the model is analyzed by an information flow method.The model adapts to the characteristics of a dynamic and open multi-tenant cloud computing environment and achieves fine-grained access control within and between tenants.

Multi-Tenant应用的页面元素可配置性研究

通过介绍Multi-Tenant并分析SaaS(Software as a Service)框架下Multi-Tenant(多租户)应用的页面元素个性化需求的问题,归纳提出并评估页面元素可配置的实施方案,最后讨论方案的应用及前景。

Enhancing Security by Using GIFT and ECC Encryption Method in Multi-Tenant Datacenters

Data security and user privacy have become crucial elements in multi-tenant data centers.Various traffic types in the multi-tenant data center in the cloud environment have their characteristics and requirements.In the data center network(DCN),short and long flows are sensitive to low latency and high throughput,respectively.The traditional security processing approaches,however,neglect these characteristics and requirements.This paper proposes a fine-grained security enhancement mechanism(SEM)to solve the problem of heterogeneous traffic and reduce the traffic completion time(FCT)of short flows while ensuring the security of multi-tenant traffic transmission.Specifically,for short flows in DCN,the lightweight GIFT encryption method is utilized.For Intra-DCN long flows and Inter-DCN traffic,the asymmetric elliptic curve encryption algorithm(ECC)is utilized.The NS-3 simulation results demonstrate that SEM dramatically reduces the FCT of short flows by 70%compared to several conventional encryption techniques,effectively enhancing the security and anti-attack of traffic transmission between DCNs in cloud computing environments.Additionally,SEM performs better than other encryption methods under high load and in largescale cloud environments.

A Temporal Multi-Tenant RBAC Model for Collaborative Cloud Services

Multi-tenant collaboration brings the challenge to access control in cloud computing environment.Based on the multi-tenant role-based access control(MT-RBAC)model,a Temporal MT-RBAC(TMT-RBAC)model for collaborative cloud services is proposed.It adds the time constraint between trusted tenants,including usable role time constraint based on both calendar and interval time.Analysis shows that the new model strengthens the presentation ability of MT-RBAC model,achieves the finer-grained access control,reduces the management costs and enhances the security of multi-tenant collaboration in cloud computing environment.

基于Multi-Tenant应用的数据个性化需求问题研究

本文通过介绍Multi-Tenant并分析SaaS(Software as a Service)框架下Multi-Tenant(多租户)应用的数据个性化需求的问题,提出并评估数据个性化的实施方案,最后讨论了方案的应用及适用条件。

A Blockchain-Based Access Control Scheme for Reputation Value Attributes of the Internet of Things

The Internet of Things(IoT)access controlmechanism may encounter security issues such as single point of failure and data tampering.To address these issues,a blockchain-based IoT reputation value attribute access control scheme is proposed.Firstly,writing the reputation value as an attribute into the access control policy,and then deploying the access control policy in the smart contract of the blockchain system can enable the system to provide more fine-grained access control;Secondly,storing a large amount of resources fromthe Internet of Things in Inter Planetary File System(IPFS)to improve system throughput;Finally,map resource access operations to qualification tokens to improve the performance of the access control system.Complete simulation experiments based on the Hyperledger Fabric platform.Fromthe simulation experimental results,it can be seen that the access control system can achieve more fine-grained and dynamic access control while maintaining high throughput and low time delay,providing sufficient reliability and security for access control of IoT devices.

Mapping and measuring urban-rural inequalities in accessibility to social infrastructures

Equal access to social infrastructures is a fundamental prerequisite for sustainable development,but has long been a great challenge worldwide.Previous studies have primarily focused on the accessibility to social infras-tructures in urban areas across various scales,with less attention to rural areas,where inequality can be more severe.Particularly,few have investigated the disparities of accessibility to social infrastructures between urban and rural areas.Here,using the Changsha-Zhuzhou-Xiangtan urban agglomeration,China,as an example,we investigated the inequality of accessibility in both urban and rural areas,and further compared the urban-rural difference.Accessibility was measured by travel time of residents to infrastructures.We selected four types of social infrastructures including supermarkets,bus stops,primary schools,and health care,which were funda-mentally important to both urban and rural residents.We found large disparities in accessibility between urban and rural areas,ranging from 20 min to 2 h.Rural residents had to spend one to two more hours to bus stops than urban residents,and 20 min more to the other three types of infrastructures.Furthermore,accessibility to multiple infrastructures showed greater urban-rural differences.Rural residents in more than half of the towns had no access to any infrastructure within 15 min,while more than 60%of the urban residents could access to all infrastructures within 15 min.Our results revealed quantitative accessibility gap between urban and rural areas and underscored the necessity of social infrastructures planning to address such disparities.

The impact of Internet access on household dietary quality:Evidence from rural China

Over the past few decades,the Internet has rapidly diffused across China.The spread of the Internet has had a profound economic and social impact on Chinese rural areas.Existing research shows that Internet access significantly impacts agricultural production and improves smallholder farmers’income.Beyond these,the Internet can affect other dimensions of social welfare.However,research about the impact of Internet access on dietary quality in rural China remains scarce.This study utilizes multi-period panel data from Fixed Observation Point in rural China from 2009 to 2015 to estimate the impact of Internet access on dietary quality and food consumption of rural households and conducts a causal analysis.Regression models with time and household fixed effects allow robust estimation while reducing potential issues of unobserved heterogeneity.The estimates show that Internet access has significantly increased rural household dietary quality(measured by the Chinese Diet Balance Index).Further research finds that Internet access has increased the consumption of animal products,such as aquatic and dairy products.We also examine the underlying mechanisms.Internet access improves dietary quality and food consumption mainly through increasing household income and food expenditure.These results encourage the promotion of Internet access as a valuable tool for nutritional improvements,especially in rural areas.

Detection of Turbulence Anomalies Using a Symbolic Classifier Algorithm in Airborne Quick Access Record(QAR)Data Analysis

As the risks associated with air turbulence are intensified by climate change and the growth of the aviation industry,it has become imperative to monitor and mitigate these threats to ensure civil aviation safety.The eddy dissipation rate(EDR)has been established as the standard metric for quantifying turbulence in civil aviation.This study aims to explore a universally applicable symbolic classification approach based on genetic programming to detect turbulence anomalies using quick access recorder(QAR)data.The detection of atmospheric turbulence is approached as an anomaly detection problem.Comparative evaluations demonstrate that this approach performs on par with direct EDR calculation methods in identifying turbulence events.Moreover,comparisons with alternative machine learning techniques indicate that the proposed technique is the optimal methodology currently available.In summary,the use of symbolic classification via genetic programming enables accurate turbulence detection from QAR data,comparable to that with established EDR approaches and surpassing that achieved with machine learning algorithms.This finding highlights the potential of integrating symbolic classifiers into turbulence monitoring systems to enhance civil aviation safety amidst rising environmental and operational hazards.

The Study of Multi-Tenant's Configurability

SaaS (Software as a Service)the application mode occurs exactly along with the broadening and convenience of network platform, its core is the application of Multi-Tenant. The Multi-Tenant under SaaS not only makes Application Software more efficient and convenient, but also reduce the cost of software development, hardware purchase, training and upgrade maintenance, which can relieve the financial pressure of enterprises invisibly, so that enterprises can focus on the business development. Aiming at the personalized demand of Multi-Tenant's tenement, this thesis studies about personalized configuration of data, function, and operation interface, moreover, it shows the method of personalized configuration. It also indicates how to make the Multi-Tenant come true through personalized configuration, and realizes unified management of these applications.

Access数据库技术及其应用研究

文章主要研究Access数据库技术及其应用,首先介绍Access数据库技术的理论基础,包括数据库结构、数据库安全性、数据库存储空间,然后探讨Access数据库技术的应用方法,包括数据存储和管理、报表生成和打印、数据库设计和开发等,最后对基于Access数据库的实例应用进行分析,展示Access数据库在提高工作效率、优化数据管理和增强决策能力等方面的作用。

基于BOPPPS模型和思维导图的Access数据库课程教学设计

阐述BOPPPS模式和思维导图开展Access数据库课程教学设计,分析BOPPPS模型和思维导图的特点,探讨Access数据库课程教学设计中的应用,包括课堂引入、课程目标、参与式学习、考试评估。

Power-Domain Collision-Tolerant Random Access Method with Auxiliary Beam for Satellite Internet of Things:A New Solution

There are numerous terminals in the satellite Internet of Things(IoT).To save cost and reduce power consumption,the system needs terminals to catch the characteristics of low power consumption and light control.The regular random access(RA)protocols may generate large amounts of collisions,which degrade the system throughout severally.The near-far effect and power control technologies are not applicable in capture effect to obtain power difference,resulting in the collisions that cannot be separated.In fact,the optimal design at the receiving end can also realize the condition of packet power domain separation,but there are few relevant researches.In this paper,an auxiliary beamforming scheme is proposed for power domain signal separation.It adds an auxiliary reception beam based on the conventional beam,utilizing the correlation of packets in time-frequency domain between the main and auxiliary beam to complete signal separation.The roll-off belt of auxiliary beam is used to create the carrier-to-noise ratio(CNR)difference.This paper uses the genetic algorithm to optimize the auxiliary beam direction.Simulation results show that the proposed scheme outperforms slotted ALOHA(SA)in terms of system throughput per-formance and without bringing terminals additional control burden.

The Extended Hybrid Carrier-Based Multiple Access Technology for High Mobility Scenarios

The hybrid carrier(HC)system rooted in the carrier fusion concept is gradually garnering attention.In this paper,we study the extended hybrid carrier(EHC)multiple access scheme to ensure reliable wireless communication.By employing the EHC modulation,a power layered multiplexing framework is realized,which exhibits enhanced interference suppression capability owing to the more uniform energy distribution design.The implementation method and advantage mechanism are explicated respectively for the uplink and downlink,and the performance analysis under varying channel conditions is provided.In addition,considering the connectivity demand,we explore the non-orthogonal multiple access(NOMA)method of the EHC system and develop the EHC sparse code multiple access scheme.The proposed scheme melds the energy spread superiority of EHC with the access capacity of NOMA,facilitating superior support for massive connectivity in high mobility environments.Simulation results have verified the feasibility and advantages of the proposed scheme.Compared with existing HC multiple access schemes,the proposed scheme exhibits robust bit error rate performance and can better guarantee multiple access performance in complex scenarios of nextgeneration communications.

Which Neighborhoods Have Easier Access to Online Home Delivery Services?A Spatiotemporal Accessibility Analysis in Nanjing,China

The rise in online home delivery services(OHDS)has had a significant impact on how urban services are supplied and used in recent years.Studies on the spatial accessibility of OHDS are emerging,but few is known about the temporal dimension of OHDS accessibility as well as the geographic and socioeconomic differences in the spatiotemporal accessibility of OHDS.This study measures the spatiotemporal accessibility of four types of OHDS,namely leisure,fresh and convenient,medical,and catering services.The geographic and socioeconomic disparities in the spatiotemporal accessibility of these four types of OHDS are then identified using spatial statistical methods and the Kruskal-Wallis test(K-W test).The case study in Nanjing,China,suggests that:1)spatiotemporal accessibility better reflects the temporal variation of OHDS accessibility and avoids overestimation of OHDS accessibility when only considering its spatial dimension.2)The spatiotemporal accessibility of OHDS varies geographically and socioeconomically.Neighborhoods located in the main city or neighborhoods with higher housing prices,higher population density,and higher point of interest(POI)mix have better OHDS spatiotemporal accessibility.Our study contributes to the understanding of OHDS accessibility from a spatiotemporal perspective,and the empirical insights can assist policymakers in creating intervention plans that take into account variations in OHDS spatiotemporal accessibility.

6G New Multiple Access Technology

As a basic technology at physical layer of mobile communications,non-orthogonal multiple access has been attracting wide attention across the academia and the industry.During the standardization of the fifth-generation(5G)of mobile communications,3GPP conducted preliminary study on non-orthogonal multiple access without reaching the consensus to standardize the technology.

Adaptable and Dynamic Access Control Decision-Enforcement Approach Based on Multilayer Hybrid Deep Learning Techniques in BYOD Environment

Organizations are adopting the Bring Your Own Device(BYOD)concept to enhance productivity and reduce expenses.However,this trend introduces security challenges,such as unauthorized access.Traditional access control systems,such as Attribute-Based Access Control(ABAC)and Role-Based Access Control(RBAC),are limited in their ability to enforce access decisions due to the variability and dynamism of attributes related to users and resources.This paper proposes a method for enforcing access decisions that is adaptable and dynamic,based on multilayer hybrid deep learning techniques,particularly the Tabular Deep Neural Network Tabular DNN method.This technique transforms all input attributes in an access request into a binary classification(allow or deny)using multiple layers,ensuring accurate and efficient access decision-making.The proposed solution was evaluated using the Kaggle Amazon access control policy dataset and demonstrated its effectiveness by achieving a 94%accuracy rate.Additionally,the proposed solution enhances the implementation of access decisions based on a variety of resource and user attributes while ensuring privacy through indirect communication with the Policy Administration Point(PAP).This solution significantly improves the flexibility of access control systems,making themmore dynamic and adaptable to the evolving needs ofmodern organizations.Furthermore,it offers a scalable approach to manage the complexities associated with the BYOD environment,providing a robust framework for secure and efficient access management.

OFDMA-Based Unsourced Random Access in LEO Satellite Internet of Things

This paper investigates the low earth orbit(LEO)satellite-enabled coded compressed sensing(CCS)unsourced random access(URA)in orthogonal frequency division multiple access(OFDMA)framework,where a massive uniform planar array(UPA)is equipped on the satellite.In LEO satellite communications,unavoidable timing and frequency offsets cause phase shifts in the transmitted signals,substantially diminishing the decoding performance of current terrestrial CCS URA receiver.To cope with this issue,we expand the inner codebook with predefined timing and frequency offsets and formulate the inner decoding as a tractable compressed sensing(CS)problem.Additionally,we leverage the inherent sparsity of the UPA-equipped LEO satellite angular domain channels,thereby enabling the outer decoder to support more active devices.Furthermore,the outputs of the outer decoder are used to reduce the search space of the inner decoder,which cuts down the computational complexity and accelerates the convergence of the inner decoding.Simulation results verify the effectiveness of the proposed scheme.

Cross-Domain Bilateral Access Control on Blockchain-Cloud Based Data Trading System

Data trading enables data owners and data requesters to sell and purchase data.With the emergence of blockchain technology,research on blockchain-based data trading systems is receiving a lot of attention.Particularly,to reduce the on-chain storage cost,a novel paradigm of blockchain and cloud fusion has been widely considered as a promising data trading platform.Moreover,the fact that data can be used for commercial purposes will encourage users and organizations from various fields to participate in the data marketplace.In the data marketplace,it is a challenge how to trade the data securely outsourced to the external cloud in a way that restricts access to the data only to authorized users across multiple domains.In this paper,we propose a cross-domain bilateral access control protocol for blockchain-cloud based data trading systems.We consider a system model that consists of domain authorities,data senders,data receivers,a blockchain layer,and a cloud provider.The proposed protocol enables access control and source identification of the outsourced data by leveraging identity-based cryptographic techniques.In the proposed protocol,the outsourced data of the sender is encrypted under the target receiver’s identity,and the cloud provider performs policy-match verification on the authorization tags of the sender and receiver generated by the identity-based signature scheme.Therefore,data trading can be achieved only if the identities of the data sender and receiver simultaneously meet the policies specified by each other.To demonstrate efficiency,we evaluate the performance of the proposed protocol and compare it with existing studies.

Big Data Access Control Mechanism Based on Two-Layer Permission Decision Structure

Big data resources are characterized by large scale, wide sources, and strong dynamics. Existing access controlmechanisms based on manual policy formulation by security experts suffer from drawbacks such as low policymanagement efficiency and difficulty in accurately describing the access control policy. To overcome theseproblems, this paper proposes a big data access control mechanism based on a two-layer permission decisionstructure. This mechanism extends the attribute-based access control (ABAC) model. Business attributes areintroduced in the ABAC model as business constraints between entities. The proposed mechanism implementsa two-layer permission decision structure composed of the inherent attributes of access control entities and thebusiness attributes, which constitute the general permission decision algorithm based on logical calculation andthe business permission decision algorithm based on a bi-directional long short-term memory (BiLSTM) neuralnetwork, respectively. The general permission decision algorithm is used to implement accurate policy decisions,while the business permission decision algorithm implements fuzzy decisions based on the business constraints.The BiLSTM neural network is used to calculate the similarity of the business attributes to realize intelligent,adaptive, and efficient access control permission decisions. Through the two-layer permission decision structure,the complex and diverse big data access control management requirements can be satisfied by considering thesecurity and availability of resources. Experimental results show that the proposed mechanism is effective andreliable. In summary, it can efficiently support the secure sharing of big data resources.