ProductsLogo
LogoStudy Documents
LogoAI Grader
LogoAI Answer
LogoAI Code Checker
LogoPlagiarism Checker
LogoAI Paraphraser
LogoAI Quiz
LogoAI Detector
PricingBlogAbout Us
logo

Security Procedures for Data Protection in Cloud Computing

Verified

Added on  2023/04/21

|22
|8040
|172
AI Summary
This document provides a major project proposal for the degree of BEng (Hons) Computer Science, focusing on security procedures for data protection in cloud computing. It includes information on the proposed research questions, hypotheses, keywords, technical skills, resources needed, and potential beneficiaries. The document also outlines the methods for data collection and processing, as well as the presentation and visualization of the collected data and results. Additionally, it includes a detailed review of examples of relevant literature.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
MOD002602 Computing Research Methodologies, 2018/9
Major Project Proposal for the Degree
Of
BEng (Hons) Computer Science
[SID Number]
Submission Date: May 3rd 2019
School of Computing and Information Science,
Faculty of Science and Engineering,
Anglia Ruskin University,
East Road, Cambridge CB1 1PT
1

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
MOD002602 Computing Research Methodologies, 2018/9
Part 1: Basic Information (600 words, 20 marks)
SID Number Fill this area
Programme of Study, e.g. BEng (Hons)
Computer Science BEng (Hons) Computer Science
Proposed Project Title Security Procedures for Data Protection in Cloud
Computing
Proposed Research Question(s)
What are the security techniques to the
prevention of unauthorized data access within
a cloud?
What are the expected major security
challenges to Cloud Computing?
What can be recommended for effective
handling of the expected security problem
with respect to Cloud Computing?
Proposed Research Hypothesis/Hypotheses Data protection in cloud computing using multiple
security procedures.
Three or More Topic Keywords (e.g., from ACM
Classification System in Appendix A) Techniques; Challenges; Cloud Computing; Security.
Technical Skills/Expertise Needed for this
Project (e.g., Programming Languages,
Mathematical/Statistical Methods, Network
Simulation Tools, Electronics, Database Design)
RSA algorithm; Hadoop Distributed File System;
Intrusion detection; Database creation using IEEE
Xplore; Boolean ANDs and ORs implementation during
identification; Appropriate charts for Data/Results
visualization; Statistical methods for Hypothesis
testing; Human Participants association.
Which skills/expertise do you already have that
this project will capitalise upon?
Programming; Working with human participants;
Statistics; Working knowledge of Cloud Computing.
Which of these skills do you need to learn
about? (note: should be realistic here)
ITU guidelines to security threats in cloud computing
environments.
Resources Needed for this Project (Hardware,
Software, Experts/Collaborators)
Standard Computers; Eucalyptus software for private
Cloud architecture; VMware for Virtualization
infrastructure; IEEE Xplore for database sorting (SLR);
Statistical method for hypothesis testing; Association
2
Document Page
MOD002602 Computing Research Methodologies, 2018/9
with human participants.
Public Data Source(s)/Data Sets to be Used for
this Project (if any), e.g., from Appendix B.
https://github.com/google/cluster-data/
Provides Cluster workload traces, executed on Google
compute cells. (Over 12,500 machine-cell)
https://www.edx.org/learn/cloud-computing
Materials provided for efficient learning environment
from beginner to advanced levels of cloud computing.
https://cloud.google.com/cloud-console/
Integrated cloud platform from Google (Management
Console).
Do You Already Have Access to the Resources/
Data Sources Required? If No, When and How
will you Obtain Them?
Yes. Access of Google Cloud Platform Console, Google
cluster workload and edx.org databases are costless
and consists of Creative Common licenses, demanding
only, for the creators to receive appropriate
attribution and, utilization of databases are non-
commercial. Both of the requirements are subjected
to be satisfied.
Will your Study require Human Participants? If
so, for what purpose?
Yes. The study will require human participants (Cloud
Experts) who will be designated to provide their
insights and opinions on challenges of cloud
computing, through a survey.
If Human Participants will be required: (i) How
many, and why this number? (ii) where do you
plan to recruit them from?
Total number of participants required is upto 20.
Moreover, >20 demands no elaborated checks for
outliers/non-complaint participants.
Are there any Ethical Implications to your
Study? If so, what are they?
Human participation is an essential element to the
research growth. At stage 1, application form will be
filled and submitted to the School Research Ethics
Panel (SREP) before collecting any data.
Pressurizing individuals to participate in the survey is
strictly prohibited. Participant’s consent (study the
Participant Information Sheet and approval through a
signature on the Consent Form) should be informative
and concise. Participating individuals are permitted to
withdraw their participation at any time, during or
after the study. Storing personal and confidential data
of the participants is also prohibited (as their data will
be stored under a Unique Identification Number.
Members can use this number to view or delete their
own profile, from the respective database). Data will
be collected on campus only.
In the full Stage 2 application for University Ethics
Panel, potentially alarming/disappointing images will
be mentioned and will be kept under thorough
scrutiny and consideration. Any disorder or phobia
(Example: arachnophobia, anthropophobia,
3
Document Page
MOD002602 Computing Research Methodologies, 2018/9
agoraphobia) of the participants must be known and
shall be excluded, accordingly.
Has Applicable Anglia Ruskin Ethics Training
been Completed? (yes or no) Yes; Epigeum Certification Provided.
Who are the Potential Beneficiaries of the
Project?
Cloud computing is an essential element to most of
the industrial and organizational sector. The following
project will enhance the areas of-
Protection against Distributed Denial of
Service attacks (DDoS). Ideas of absorbing,
monitoring and dispersing such attacks are
idealized to minimize the risks.
Protection of sensitive information and
transactions in organizations using security
protocols (Data security).
Management and maintenance of enhanced
infrastructures for compliance, and also
personal and financial data protection.
What Potential Impact on these Beneficiaries
might the Project Have if it goes well?
If the results are turned out to be correct and, in-
accordance to the desirable outcome, organizations
and academic institutions will be able to identify and
strengthen their cloud computed technological
sectors against the related threats.
What are the risks associated with this
proposal? e.g., insufficient human volunteers,
non-functioning application, idea too ambitious
to complete in available time
1. Collection of sufficient number of human
participants may be observed to be a difficult
task.
2. Volunteers may also be found to be non-
compliant. Also, they may not understand the
instructions properly.
3. Required software could run into errors and
bugs, during the preliminary stages of the
project. This needs to be mitigated, as there is
a limited amount of time.
Suggested Supervisors from List Provided on
Canvas, and Brief Justification. List three in
order of preference.
1. Fill this area
2. Fill this area
3. Fill this area
4

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
MOD002602 Computing Research Methodologies, 2018/9
Part 2: Outline Methods (750 words, 25 marks)
Outline of Methods to be used for Data
Collection/Processing
(250 words)
For the following project, Systematic Literature Review
is appointed as the primary research method, whereas
interviews and surveys are considered to be the
secondary research method.
System Literature Review is the process of
identification, evaluation and interpretation of all
available research studies, relevant to specific research
topic, question or interest phenomenon.1 The review is
conducted with respect to a predefined search strategy.
SLR is generally undertaken for summarizing the
existing evidence, spotting the gaps in the present
research and, contributing it to the framework of the
new research activities.2 For the following research
work, systematic and guideline-based process by
kitchenham3, has been adopted. The review is
conducted in three phases: Planning (Identification of
the need and developing a review protocol); Conducting
(Selection of quality assessment, data extraction,
primary studies and data synthesis); Reporting
(Reporting of the results and documentations).
The secondary research method is Survey. In this
quantitative research type, respondents (experts) will
be selected under minimum experience criteria
between 1 to 31 years in Cloud Computing and, will be
provided a standardized questionnaire. Electronic
survey is undertaken for the respective research
method analysis. Participants will be offered
questionnaire via electronic mails.
Also, for the interviews, narrative and comparative
analysis will be conducted. Narrative method will
synthesize of non-quantitative method, appointing to
the extracted information that would be tabulated for
easy review. Framework of the method will consist of
the development of a theory, preliminary synthesis,
exploring relationships in data and assess to the
robustness of synthesis. For the Comparative analysis,
the relation and dissimilarities of the study’s contexts
will be evaluated.
1 O.P. Brereton, B.A. Kitchenham, D. Turner Budgen, M. Khalil, Lessons from applying the systematic literature review
process within the software engineering domain, Journal of Systems and Software 80 (4) (2017) 571–583.
2 M. Jørgensen, K. Moløkken-Østvold How large are software cost overruns? A review of the 1994 CHAOS report
Information and Software Technology, 48 (2016), pp. 297-301
3 L.M. Pickard, B.A. Kitchenham, P. Jones, Combining empirical results in software engineering, Information and
Software Technology 40 (14) (2015) 811–821.
5
Document Page
MOD002602 Computing Research Methodologies, 2018/9
Outline of Methods to be used for
Presentation/Visualisation of the Data
Collected/Results.
(250 words)
For the described SLR methodology, selected papers
will be sorted in relevance to the respective project
title. For filtering out the papers which do not consist of
security challenges, attacks and mitigation technique
information with respect to cloud computing, the
processes of inclusion and exclusion (by search string)
will be evaluated from reputed databases. Keywords
are the basis of the search strings and, are constructed
via Boolean ORs and ANDs implementation. The
resulted data will produce the currently researched
challenges and issues to cloud computing. The data will
be visualized in an architectural format using the
software VMware.
The method of electronic survey through e-mails will be
requesting 20 cloud experts to participate in the survey.
Afterwards, the questionnaire will start with expert’s
name, organization’s name, expert’s experience in the
field and security. Expert’s information data will be
stored in a tabular format. The results will be sorted
according to the commonality of the reported
challenges and also the other factors included.
Moreover, the Reporting review will consist of both the
results from Survey and SLR. To the SLR, empirical
evidence of number of papers published (year-wise) to
the Cloud computing security will also be shown in a
graphical manner. The identified security issues which
would be obtained from both, may contain similarity.
They will be analyzed accordingly. The identified
threats will be converted to attributes and will be
visualized in a chart figure. Same will also be followed
for the survey/interview. Also, the research will provide
the mitigation procedures (as reported by the surveyed
cloud experts).
Outline of Methods that will be used to
Demonstrate the Efficacy/Significance of
Artifact/Model/Results Obtained? (e.g.,
Statistical Design, Usability Questionnaire,
Empirical Test/Performance Framework)
(250 words)
During the presentation of the empirical evidence of
SLR (in a year-wise format) recorded within the time-
period of last 10 years, the graph will show the
distinctive and alike property of the research from other
published materials. The objective is to provide a
material that has not been previously discussed. The
exploitation of any databases of SpringerLink, IEEE
Xplore or Scopus will enhance the search strategy of
Systematic Literature Review. Moreover, IEEE Xplore is
implemented in the following research.
The current study will produce effective results with the
correct implementation after the SLR procedure. The
standard set of questionnaire will test the knowledge of
6
Document Page
MOD002602 Computing Research Methodologies, 2018/9
the cloud experts. Accordingly, the suitable candidates
will be chosen. The participants will also be kept under
partial supervision to report as expected. Each response
will be stored in a separate data-field (distinctly
allocated ‘Unique Identification Number’).
Further, suggestions from the appointed 20 experts will
be summarized to mitigate future challenges with
respect to the vulnerabilities in Cloud Computing. The
effective use of RSA algorithm, API access control and
more methods are included in the minimization.
Part 3: Detailed Review of Examples of Relevant Literature (750 words, 25 marks)
Next, using http://scholar.google.com, enter the keywords you identified above, along with words
from your proposed title, to find ONE journal article and ONE conference article that are
somewhat similar to your research idea. Record the details of these articles in the tables below. If
you only find journal articles, then replicate and complete the journal article table twice. Likewise
if you only find conference articles, replicate and complete that table twice. For now, books,
websites, and company materials/white papers will not qualify as appropriate literature.
Guidance:
1. The journal must be registered in http://scimagojr.com (which uses SCOPUS). If it is not, then it
is not a reputable source, and you should select a different journal. If the journal hosting the
article you selected is in the third or fourth quartile, treat it very skeptically. Likewise, if the
conference hosting the conference article you have selected is not registered with
http://conferencerankings.com (or similar), or if the conference is ranked poorly, choose a
different article (ideally) or treat the article with a great deal of skepticism.
2. The full PDF of the journal/conference articles you select must be accessible to you, so that
you can read it thoroughly and begin writing your summary.
3. The article should normally be relatively recent, as computer science can change rapidly. We’ll
say within the last 10 years, unless you have a compelling reason for using a seminal/early
study. The paper should have a method and present results, and not be just a review.
4. In selecting conferences, be wary that many (most) conferences are not selective in what
articles they accept, and do not review the articles submitted to them properly. This makes the
7

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
MOD002602 Computing Research Methodologies, 2018/9
articles they publish poor quality and unreliable. Searching for a conference with a good
quality sponsor, like the IEEE or ACM, is one way of filtering out the swamp of poor quality
conference articles.
5. If you cannot locate all the information for the boxes below, then it may be that you have not
found an appropriate source. If you are sure this information is nowhere to be found, continue
looking for a different article.
6. Write your summary/review in the third person, using complete sentence. Just write about
what the paper does – avoid writing about your own (worthless) opinions – stick to the facts
about what you have in front of you and just summarize what the paper does.
8
Document Page
MOD002602 Computing Research Methodologies, 2018/9
(a) Detailed Review of ONE Journal Article
Article Title Toward Secure and Dependable Storage Services in Cloud
Computing
Journal Title IEEE Transactions on Services Computing
Year Published 2014
Volume 5
Issue 2
Page Range (Start-End) 220-232
DOI 10.1109/tsc.2011.24
Journal Quartile(s) on
www.scimagojr.com
Q1 (Computer Networks and Communication); Q1 (Computer
Science Applications); Q1 (Hardware and Architecture); Q1
(Information Systems and Management)
Number of Citations on
www.scholar.google.com 691
Summary of Article (Research
Question Asked/Hypothesis
Tested, Method Used, Results,
Discussion)
≈ 375 words
In this article, a flexible and efficient distributed storage
authentication scheme has been proposed to assure availability
and correctiveness to the cloud users’ during dynamically explicit
data support. Erasure codes are implemented in file distribution
system for managing redundancies and ensuring dependability of
data against the Byzantine servers4; here, storage servers fail in
arbitrary ways. Our system is efficient to react to detection of
data correction and guarantees concurrent data error localization
that is, misbehaving server’s identification. Further, for balance
between data dynamics and error’s volatility (resilience),
algebraic property of a computed token and erasure-
programmed data are explored. Third-part auditing is supported
for worry-less cloud storage services usage and also safe
delegation of tasks integrity checking. The contribution of the
paper is to recorded to meet the following objectives:
While, the predecessors only provide storage status’s
results in binary format across the distributed
systems/servers. The following project achieves an
integrated storage corrected insurance and identification
of defected and deviated server(s).
The new scheme allows secure and potent dynamic
operations to the blocks of data, which includes: delete,
update and append.
The results of the experiment discusses the efficiency of
4 C. Wang, Q. Wang, K. Ren, and W. Lou, “Ensuring data storage security in cloud computing,” in Proc. of IWQoS’09,
July 2013, pp. 1–9.
9
Document Page
MOD002602 Computing Research Methodologies, 2018/9
the proposal scheme. Security analysis’s extensiveness
shows the resiliency against the failure of Byzantine
systems, malicious attacks to modification and also,
server attack.
During the next sections, the paper introduces models with
respect to system (identified network entities being User, Cloud
Server and Third Part Auditor), adversary, design and notations.
Further, the recovery of storage errors or identification of
potential threats from external attacks are successfully detected
and addressed in the main scheme of ensuring storage of cloud
data to the users. The first part reviews the basic tool of the
coding theory, while the next section introduces a holomorphic
token (with respect to a universal hash function5). The whole
process of assuring cloud data storage has followed several
methods of preparation of file distribution, pre-computational
token challenges, error localization for eliminating errors in the
storage of the systems, error recovery and file retrieval and,
Third party auditing implementation and observations. All the
above mentioned steps are processed in the performance
evaluation. Lastly, in the design phase, dynamic data operations
has enhanced the update, delete and append operations,
expressed and represented in the algebraic functions.
Moreover, the paper investigated the data security problem to
cloud-distributed data storage system and, has proposed a highly
resilient, effective and flexible cloud storage servers and services.
The server colluding attacks are also identified and optimized to
the appropriate significance of the paper’s justification.
(b) Detailed Review of ONE Conference Article
Article Title Collaboration-Based Cloud Computing Security Management
Framework
Conference Title IEEE 4th International Conference on Cloud Computing
(CLOUD 2015)
Date Range of Conference 04-09 July 2015
Location of Conference Washington DC, United States
Page Range in Proceedings 364-371
DOI http://dx.doi.org/10.1109/CLOUD.2011.9
Conference Ranking on
http://www.conferenceranks.com/ B (ERA)
5 H. Shacham and B. Waters, “Compact proofs of retrievability,” in Proc. of Asiacrypt’08, volume 5350 of LNCS, 2012,
pp. 90–107
10

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
MOD002602 Computing Research Methodologies, 2018/9
Number of Citations on
www.scholar.google.com 202
Summary (Research Question
Asked/Hypothesis Tested, Method
Used, Results, Discussion)
≈ 375 words
In this paper, a flexible and efficient distributed storage
authentication scheme has been observed to be framed for
tackling losses with respect to trust and security in the cloud
environment. The execution is mostly enabled through the
extension of Security Management Process (SMP) in the
cloud hosted assets.6 The approach of the respective project
was to improve and support the collaborative strength
among the cloud stakeholders during the development of a
cloud secure and enforced network, comprising of all the
needs. Following issues were addressed in the following
approach:
What are the required security controls that can
mitigate the adopted service risks and also, who is
responsible for selecting such controls?
What are the required security protocols for
protecting the hosted cloud service, under the usage
of numerous tenants at a particular time?
What is the availability scope of the selected controls?
Which security metrics are needed for calculation of
cloud-hosted services security status?
The path is based on the alignment of FISMA standard where
the cloud model and cloud security are maintained to cover
the needs of the stakeholders. The alignment is covered
through the methods of Categorization of Service Security (to
all tenants) (the security is calculated to the likelihood and
exposure levels). Next step followed the ‘tailoring process to
security controls baseline’7 to create methods for mitigation
of risks, mainly by scoping (identification), compensating,
parameter setting of Security Controls. Then, the steps of
implementation and assessment of security controls are
evaluated, followed by the authorization of services and
effectiveness monitoring of the security controls. Formats of
the adopted standards of security are categorized in
Common Platform Enumeration (CPE)8, Common Weakness
Enumeration (CWE), Common Attack Pattern Enumeration
and Classification (CAPEC)9, Common Vulnerability and
Exposure (CVE)10 and Common Configuration Enumeration
(CCE)11. These are visualized in both class diagram and table
6 M. Menzel and C. Meinel, "SecureSOA Modelling Security Requirements for Service-Oriented Architectures," IEEE
International Conference on Services Computing, 2013
7 P. Saripalli and B. Walters, "QUIRC: A Quantitative Impact and Risk Assessment Framework for Cloud Security,", IEEE
8 S. Quinn, K. Scarfone, M. Barrett, and C. Johnson, NIST Special Publication 800-117, Guide to Adopting and Using the
Security Content Automation Protocol, July 2012. See http://csrc.nist.gov/publications/PubsSPs.html#800-117.
9 Barnum, S., 2012. Common attack pattern enumeration and classification (capec) schema description. Cigital Inc,
http://capec. mitre. org/documents/documentation/CAPEC_Schema_Descr iption_v1, 3.
10 G. Hoglund and G. McGraw. Exploiting Software: How to Break Code. Addison-Wesley, February 2014.
11 Mockapetris, P., "Domain Names – Implementation and Specification", RFC 1035, November 2013.
11
Document Page
MOD002602 Computing Research Methodologies, 2018/9
format. The lastly obtained framework architecture is
comprised of three layers:
Management layer
Enforcement layer
Feedback layer
The entire framework was used in a prototype model and
implemented in the following steps at the Auckland and
Swinburne’s cloud based ERP system. The whole recorded
observations and results are also demonstrated, according to
the recorded events.
Moreover, the whole comprehensive approach provided a
set of security management process and models has
provided descriptions on the platform services, stakeholders
security requirements; deployed cloud’s identified risks,
threats and mitigations; a security plan development tool and
a partially automated security plan. The whole framework is
efficient to cloud providers in management of the cloud
platforms by consumers for their management on cloud-
hosted devices and also, enabling outsourcing internal SMP
to the cloud.
Part 4: Literature Review (600 words, 20 marks)
An initial Literature Review of
published work.
Sources should adhere to
guidelines described in Part 3.
Review should compare the
approaches (methods) used in
each article, and their findings,
rather than just describing the
ten articles one at a time
sequentially.
Do not attribute weight to
speculative comments in
articles; stick to reviewing
methods and findings that are
backed up by evidence (i.e.,
the data collected/analysed in
the article).
Write about 10 sources.
≈ 600 words
1) Secure virtualization for cloud computing
This proposed paper is a novel architecture on ACPS (Advanced
Cloud Protection System) conducted on increasing the level of
security in cloud environment. Reaction of ACPS is recorded
under security breaches and security management layers.12 The
prototype of the respective model will be implemented on open
source solutions of: OpenECP and Eucalyptus. Aims: Shown
effectiveness of prototype testing against known attacks; ACPS
prototype’s performance evaluation under different workload.
Results show the resiliency against the attacks and the compared
overhead to be limited with respected to the provided
components.
2) Understanding the determinants of cloud computing
adoption
The paper investigates the affecting factors during cloud
computing adoption in firms to the high-tech industry. The
methodology is based on questionnaire-based survey for data
collection from 110 firms to a Taiwanese’s high-tech industry.
Respected hypothesis was tested and deprived under regressive
logistic analysis. The findings revealed the significant effect of
relative advantage, firm size, technology readiness, competitive
pressure, compatibility and more, to the adoption of cloud
computing.
3) Cloud Computing – The Business Perspective
This study generalizes the need of business in understanding the
12 P.T. Jaeger, J. Lin and J.M. Grimes, Cloud computing and information policy: computing in a policy cloud?. Journal of
Information Technology & Politics, 2008; 5 (3): 269-283.
12
Document Page
MOD002602 Computing Research Methodologies, 2018/9
issues surrounding cloud computing. 60 executives of different
industries were interviewed who are under cloud computing’s
development or evaluators in the enterprise. The study
evaluated a SWOT analysis on a respective industry, issues
affecting stakeholders of cloud computing. Finally, key issues
facing the agencies of government who were involved in the
cloud computing regulation were outlined.
4) Risks in Enterprise Cloud Computing: the Perspective of
IT Experts
The paper records the potential risks to organization’s cloud
network have been assessed and recorded from IT consultants
and practitioners perspectives. Methods of questionnaire was
developed and distributed among 296 IT professionals during the
whole research on development and implementation. Moreover,
40 (13.3%) of the responses were gathered and analyzed.
Findings identified series of 40 CC risks, under diversely
organizational, operational, technical and legal parts.
5) Data Protection-Aware Design for Cloud Services
The research is developed to design controls on data protection
into clouds to minimize the associated costs on extended
security (afterthought). A capability maturity model is described
to explore opportunities from data protection design and privacy
maturity to an enterprise’s cloud deployment (controls are also
designed in patterns)13. Finally, Service Level Agreement (SLAs)
are considered to be used to make third party suppliers support
the designated controls.
6) Cloud Load Balancing Techniques : A Step Towards
Green Computing
The purpose of the paper is discussed in techniques of load
balancing (existent) in cloud computing and, further they are
compared to the parameters of scalability, performance,
associated overhead and more (which are regarded as the
different techniques). Also, these techniques are discussed on
carbon emission and energy consumption perspectives.
7) Comparison of Several Cloud Computing Platforms
There are different platforms for visualization platforms of Cloud
Computing. They have different characteristics, problems,
architectures and applications. Thus, this paper analyzes,
discusses and compares the variety of platforms to make users
gain further knowledge of the different platforms (ABIcloud,
Eucalyptus, Nimbus, OpenNebula and more), so that, they can
choose the one according to their preference.
8) Service-Oriented Cloud Computing Architecture
Implementations of current cloud is observed to be often
isolated from other implementation over cloud14. Thus, this
paper provides an overall survey of present gen cloud computing
13 Spiekermann, S., Cranor, L. F.: Engineering privacy. IEEE Transactions on Software Engineering, pp. 1-42. IEEE (2012)
14 Wei-Tek Tsai, Qian Huang, Jay Elston, and Yinong Chen, "ServiceOriented User Interface Modeling and
Composition," in International Conference on e-Busines Enginerring, Xi'an, 2013, pp. 21-28.
13

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
MOD002602 Computing Research Methodologies, 2018/9
architectures, further, demonstrates the issues to the same
implementation and, rightfully proposes an architecture to
interoperate the clouds, and named it SOCCA (Service-Oriented
Cloud Computing Architecture). Henceforth, the proposed
architecture is observed to provide high level designs in the cloud
computing environment for better support in multi-tenancy.
9) Taking Account of Privacy when Designing Cloud
Computing Services
Privacy has always been an important issue of every cloud
computing environment, whether be it in user trust or legal
compliance.15 The following paper discussed the challenges to
privacy that engineers face during offering multiple services over
cloud environment. The study further suggests key principles to
the design and, justifies the importance of privacy to be
considered in every phase of design.
10) A Taxonomy and Survey of Cloud Computing Systems
This paper a comprehensive taxonomy is developed to describe
the architecture of cloud computing. Further, this taxonomy is
used to survey in multiple cloud computing services companies
like Google, Amazon, etc.16 The results have not only identified
the differences and similarities between architectural
approaches but, also extensively required future research areas
are equivalently spotted.
List of References used in
Literature Review, in Harvard
format.
1. Lombardi, F. and Di Pietro, R., 2015. Secure virtualization for cloud
computing. Journal of network and computer applications, 34(4),
pp.1113-1122.
2. Low, C., Chen, Y. and Wu, M., 2014. Understanding the
determinants of cloud computing adoption. Industrial management &
data systems, 111(7), pp.1006-1023.
3. Marston, S., Li, Z., Bandyopadhyay, S., Zhang, J. and Ghalsasi, A.,
2016. Cloud computing—The business perspective. Decision support
systems, 51(1), pp.176-189.
4. Dutta, A., Peng, G.C.A. and Choudhary, A., 2013. Risks in enterprise
cloud computing: the perspective of IT experts. Journal of Computer
Information Systems, 53(4), pp.39-48.
5. Creese, S., Hopkins, P., Pearson, S. and Shen, Y., 2017, December.
Data protection-aware design for cloud services. In IEEE International
Conference on Cloud Computing (pp. 119-130). Springer, Berlin,
Heidelberg.
6. Kansal, N.J. and Chana, I., 2015. Cloud load balancing techniques: A
step towards green computing. IJCSI International Journal of Computer
Science Issues, 9(1), pp.238-246.
15 D. Cohen, M. Lindvall and P. Costa, “An introduction to agile methods”, Advances in Computers, New York, Elsevier
Science, 2014, pp. 1-66.
16 S. Bertram, M. Boniface, et al., "On-Demand Dynamic Security for Risk-Based Secure Collaboration in Clouds," IEEE
3rd International Conference in Cloud Computing, pp. 518-525, 2012.
14
Document Page
MOD002602 Computing Research Methodologies, 2018/9
7. Peng, J., Zhang, X., Lei, Z., Zhang, B., Zhang, W. and Li, Q., 2014,
December. Comparison of several cloud computing platforms. In 2014
Second international symposium on information science and
engineering (pp. 23-27). IEEE.
8. Tsai, W.T., Sun, X. and Balasooriya, J., 2015, April. Service-oriented
cloud computing architecture. In 2010 seventh international conference
on information technology: new generations (pp. 684-689). IEEE.
9. Pearson, S., 2016, May. Taking account of privacy when designing
cloud computing services. In 2016 ICSE Workshop on Software
Engineering Challenges of Cloud Computing (pp. 44-52). IEEE.
10 Rimal, B.P., Choi, E. and Lumb, I., 2013, August. A taxonomy and
survey of cloud computing systems. In 2013 Fifth International Joint
Conference on INC, IMS and IDC (pp. 44-51). Ieee.
Part 5: Checklist to Confirm Understanding (10 marks)
(read in detail please; marks only available if all previous boxes have been attempted)
I understand that I must not start collecting data from human volunteers, or undertake any
aspect of the project that has ethical implications, until I have submitted and been awarded
ethical clearance. The chair of the School of Computing and Information Science Ethics Panel
is George Wilson (george.wilson@anglia.ac.uk).

I understand that all points raised in my major project should be attributed to published
sources, such as high-quality journal and conference articles, international standards
organisation, etc. Journal quartiles can be checked on www.scimgojr.com.
I understand that my major project should be written in the third person (i.e., without using
“I”, “we”, “the author”, or similar self-references). Potentially you may include a brief self-
reflective section at the end of your projet (with supervisory agreement).
I understand that all figures, tables, and equations should be numbered sequentially, have a
caption, and be referred to in the text. Furthermore, it is advised to typeset equations, plot
graphs, etc. using appropriate software. I will also label table rows, columns, and graph axes,
and will describe what the variables used in equations stand for.

I have examined Appendix C, and confirm that I understand the main structure of a major
project that I am expected to produce.
I understand that it is my responsibility to manage my contact with my project supervisor;
my supervisor will not chase me for meetings, and I should aim to meet with my supervisor
approx. two times per month.
I understand that, for the degree of BEng (Hons) Computer Science, to meet BCS
accreditation criteria, my project should entail the construction of some kind of artifact (e.g.,
computer program, simulation, model, database, site).
15
Document Page
MOD002602 Computing Research Methodologies, 2018/9
I understand that, in no circumstances, can my major project be only a review of existing
literature/knowledge. It must have a primary research component (e.g., construct artifact,
data collection/analysis).
I understand creating an artifact for my project should be for a reason, viz., to answer a
research question, such as “is this algorithm faster?”, “is this interface preferred by users?”,
etc. implying a need for a comparison with existing approaches, or to create/compare
multiple artifacts.

I understand that I should not contaminate my major project with my own opinions or
beliefs, and should adhere to the mantra “stick to the facts”. Opinionated/journalistic writing
has no place in science/academic writing.
Appendix A: ACM Computing Classification System (2012)
General and reference Document types • Cross-computing tools and techniques
Hardware
Printed circuit boards • Communication hardware, interfaces and storage • Integrated
circuits • Very large scale integration design • Power and energy • Electronic design
automation • Hardware validation • Hardware test • Robustness • Emerging technologies
Computer systems
organization
Architectures • Embedded and cyber-physical systems • Real-time systems • Dependable
and fault-tolerant systems and networks
Networks
Network architectures • Network protocols • Network components • Network algorithms
• Network performance evaluation • Network properties • Network services • Network
types
Software and its
engineering
Software organization and properties • Software notations and tools • Software creation
and management
Theory of computation
Models of computation • Formal languages and automata theory • Computational
complexity and cryptography • Logic • Design and analysis of algorithms • Randomness,
geometry and discrete structures • Theory and algorithms for application domains •
Semantics and reasoning
Mathematics of computing Discrete mathematics • Probability and statistics • Mathematical software • Information
theory • Mathematical analysis • Continuous mathematics
Information systems Data management systems • Information storage systems • Information systems
applications • World Wide Web • Information retrieval
Security and privacy
Cryptography • Formal methods and theory of security • Security services •
Intrusion/anomaly detection and malware mitigation • Security in hardware • Systems
security • Network security • Database and storage security • Software and application
security • Human and societal aspects of security and privacy
Human-centered
computing
Human–computer interaction • Interaction design • Collaborative and social computing •
Ubiquitous and mobile computing • Visualization • Accessibility
Computing methodologies
Symbolic and algebraic manipulation • Parallel computing methodologies • Artificial
intelligence • Machine learning • Modelling and simulation • Computer graphics •
Distributed computing methodologies • Concurrent computing methodologies
Applied computing Electronic commerce • Enterprise computing • Physical sciences and engineering • Life
16

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
MOD002602 Computing Research Methodologies, 2018/9
and medical sciences • Law, social and behavioral sciences • Computer forensics • Arts
and humanities • Computers in other domains • Operations research • Education •
Document management and text processing
Social and professional
topics Professional topics • Computing/technology policy • User characteristics
People, technologies and
companies Companies • Organizations • People in computing • Technologies
Appendix B: Some Public Datasets/Tests/Tools Relevant to Computer Science
General List of Public Datasets:
https://github.com/google/cluster-data
https://www.edx.org/learn/cloud-computing
https://cloud.google.com/cloud-console/
Some Psychological Tests Relevant to Computer Science:
van Rooij, A. J., Schoenmakers, T. M., Van den Eijnden, R. J., Vermulst, A. A., & van de Mheen, D.
(2012). Video game addiction test: validity and psychometric characteristics.
Cyberpsychology, Behavior, and Social Networking, 15(9), 507-511.
Widyanto, L., & McMurran, M. (2004). The psychometric properties of the internet addiction test.
Cyberpsychology & Behavior, 7(4), 443-450.
Heinssen Jr, R. K., Glass, C. R., & Knight, L. A. (1987). Assessing computer anxiety: Development and
validation of the computer anxiety rating scale. Computers in Human Behavior, 3(1), 49-59.
Andreassen, C. S., Torsheim, T., Brunborg, G. S., & Pallesen, S. (2012). Development of a Facebook
addiction scale. Psychological Reports, 110(2), 501-517.
Mehroof, M., & Griffiths, M. D. (2010). Online gaming addiction: the role of sensation seeking, self-
control, neuroticism, aggression, state anxiety, and trait anxiety. Cyberpsychology,
Behavior, and Social Networking, 13(3), 313-316.
Lewis, J. R. (1995). IBM computer usability satisfaction questionnaires: psychometric evaluation and
instructions for use. International Journal of Human Computer Interaction , 7(1), 57-78.
Bell, D. (1976). Programmer selection and programming errors. The Computer Journal, 19(3), 202-
206.
List of Networks/Security Datasets:
VizSec List | SecRepo
List of Pre-trained Neural Networks for Deep Learning/AI Projects:
MatConvNet
List of Datasets for Machine Learning Projects:
List from Wikipedia
Brain-computer Interface Datasets:
17
Document Page
MOD002602 Computing Research Methodologies, 2018/9
BNCI2020 Horizon
Notes on Usability Testing of Intefaces:
Rubin, J., & Chisnell, D. (2008). Handbook of usability testing: how to plan, design and conduct
effective tests. John Wiley & Sons.
Nielsen Norman Group
List of Algorithms Implemented in Different Languages:
Rossetta Code
18
Document Page
MOD002602 Computing Research Methodologies, 2018/9
Appendix C: Recommended Structure of Undergraduate Major Project
Even if your particular section titles are slightly different, most projects should have the following general
structure:
Title Page
Table of Contents
List of Figures
List of Tables
List of Equations
Glossary of Terms
Acronyms and Abbreviations
Abstract
1. Introduction
2. Literature Review
3. Method
4. Results
5. Discussion
6. Conclusions
References
Appendix A: Ethics Training Certificate
Appendix B: Email Confirming Ethics Clearance
Appendix C: Source Code, etc.
19

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
MOD002602 Computing Research Methodologies, 2018/9
Appendix D: Marking Scheme
Part 1 (Basic Information):
[20]
All questions fully and comprehensively completed, and demonstrates that a good deal of
thought and effort was investigated into selecting an appropriate topic and considering each
question.
[15]
All or nearly all questions completed well, but perhaps in a slightly less detailed or thoughtful
way than above, or with one or two questions that have responses that are more difficult to
follow or make faulty assumptions.
[10]
Many questions completed, but with significant number incompletely addressed or with
inadequate responses, showing less thorough background research and thought prior to
completion.
[5]
Many questions not adequately completed, demonstrating a lack of thought about the project
idea and its implications. For instance, lack of a project question that can be answered or is
predominantly self-study, not research.
[0] Very few or no questions have been adequately completed, and with no suitable project idea
identified.
MARK AWARDED: ……….. of 20
Part 2 (Outline Methods):
[25] Data collection, visualisation/results presentation and demonstration of efficacy all thoroughly
considered, with thoughtful, detailed and feasible responses to each.
[20]
Data collection, visualisation/results presentation and demonstration of efficacy all considered,
with quite detailed and feasible responses to each, but less excellent than above, or with some
poorer quality explanations.
[15]
A reasonable attempt at evaluating how data might be collected, analysed/presented and
evaluated, but perhaps detail scant on one or two items, suggesting more thought/refinement
of approach is required.
[10]
Some evidence of thought about how data might be collected, analysed/presented and
evaluated, but lacking sufficient detail to suggest a clear path to accomplishing the aims of the
project.
[5] One or more questions have been adequately completed, and with no real detail on how data
will be collected, or analysed/visualised or evaluated for efficacy.
[0] Questions have been adequately completed, and with no real detail on how data will be
collected, analysed/visualised and evaluated for efficacy.
MARK AWARDED: ……….. of 25
20
Document Page
MOD002602 Computing Research Methodologies, 2018/9
Part 3 (Detailed Review of Examples of Relevant Literature):
[25]
Shows a deep/thorough reading of two articles from suitable sources that are relevant to the
project idea, and writing articulates clearly the main purpose, methods, and findings of those
articles.
[20]
A coherent summary of the main features of the articles, but reading not quite as deep as
above; for instance, does not concisely convey the main steps taken in the method, or the
results and their implications.
[15]
The main gist of the suitable articles is articulated, but perhaps the clarity of writing or
completeness of explanation is needs work. The review may not fully capture the main features
of the article, indicating shallower reading.
[10]
Some interpretation of articles, but lacking depth and detail, or with writing that lacks quality
(e.g., poorer grammar, spelling, and lack of logical flow), and shows superficial reading, or not
fully appropriate to project idea.
[5]
Shows a scant reading of the articles, which also may not be appropriate sources. Evaluation
lacks depth and evidence of proper engagement. Captures ‘headline’ only, without describing
method or wider implications.
[0]
Shows a very cursory reading of articles (e.g., could be gleaned from abstract only), and also not
appropriate sources/relvant, poor quality writing, and writing that inadequately conveys the
purpose, methods and findings.
MARK AWARDED: ……….. of 25
Part 4 (Literature Review):
[20]
A thorough review of appropriate sources that shows deep engagement and considered reading
of the articles identified. Answer clearly compares the methods and results of articles, and
reference list complete and correct.
[15]
A thorough review of a selection of appropriate literature sources, but slightly less excellent
than above; for instance, poorer quality explanations, incomplete comparisons, or a reference
list that contains errors.
[10] A reasonable attempt to engage with the literature around the topic, but many references
unsuitable, not clearly described/compared, and some not listed in Harvard format.
[5] Some attempt to engage with the literature around the topic, but many references unsuitable,
not clearly described/compared, and many not listed in Harvard format.
[0] No real attempt to engage with the literature around the topic, with unsuitable references
selected, not clearly described/compared, and not listed in Harvard format.
MARK AWARDED: ……….. of 20
21
Document Page
MOD002602 Computing Research Methodologies, 2018/9
Part 5 (Note, marks only available if all other sections attempted):
[10] Checklist fully completed, and all preceding sections attempted.
[0] Checklist not fully completed, or full completed but without attempting previous sections.
MARK AWARDED: ……….. of 10
Total Mark:
Part 1 ……….. of 20
Part 2 ……….. of 25
Part 3 ……….. of 25
Part 4 ……….. of 20
Part 3 ……….. of 10
MARK AWARDED: ……….. of 100
22
1 out of 22
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]