雲端運算(Cloud Computing)是近年十分熱門的話題之一，在現今網路世界扮演重要的角色，它是一種概念，簡而言之，「雲」指的是在網路上的各種應用服務，可能是軟體或硬體服務；「端」則為使用者的終端設備，例如：電腦、手機、電視等可以連網的硬體設備。拜網路科技所賜，提供網路上各種應用服務的雲端服務提供商，除了提供安全、值得信任的雲端服務環境之餘，在雲端硬體環境資源有限的情況下如何能夠有效使用資源提供全年無休不間斷的服務給使用者是一項值得探討的研究議題。
本論文探討大型跨國企業如何建立有效率的資源配置機制以充分利用分布於各區域(或不同事業群)如的IT資源，如該公司擁有多個事業群分布於世界各地，並擁有其策略聯盟，各事業群可被視為一個服務提供者(Service Provider)，又可被視為一個雲(Cloud)，其中雲端又可區分為本地雲(Local Cloud)與外部雲(External Cloud)。因事業群能提供各種服務的資源是有限的，實驗假設發生於服務被使用的尖峰時刻，本地雲因而產生資源不足而造成服務終止或無法提供持續性服務的情況，為了避免以上情況發生，本地雲可向外部雲借用資源，由身分提供者(Identity Provider, IdP)來當作一個可信任的公證第三方，雲在被相同IdP相信的原則下，而建立雲與雲之間的信任關係，本地雲得以向其他外部雲借取可用資源。
此篇論文貢獻在於根據我們所提出的一個適用於雲端聯盟之高效率資源配置機制，進行實驗模擬並分析找出能較有效配置資源(Resource Allocation)的方法，藉由跨IdP的概念取得更安全且符合效益的資源形成一個雲端聯盟(Cloud Federation)。

With the recent popularity of cloud computing, and the evolution of Internet technology, cloud computing is being used for many applications which are referring to the web services in our life.
Nevertheless, most of large enterprises are eager to use cloud computing technology, helping business groups achieve cost-effective and high-performance and manage easily. In other words, to provide uninterrupted services to the clients and reduce the monetary cost of cloud services and how to get the rented resources efficiently has become more important.
In this study, we focus on the computing resource allocation problem in cloud environment which involves with the management of CPU processing power, network bandwidth, storage space and system load balance. In order to address such problem a resource allocation framework which refers to a cross-Identity Provider (IdP) resource allocation concept based on the inter-trust relationship among clouds is proposed to allow a cloud to borrow available virtualized resources from external clouds via constructed cloud federation architecture. We conduct simulation experiments which compared revised Celesti algorithm and our algorithms and find out that our scheme has better cost effectiveness than revised Celesti algorithm for resource allocation in cloud federation environment.

中文摘要iii
Abstractiv
誌謝v
Contentsvi
List of Figuresvii
Chapter 1Introduction1
Chapter 2Problem Formulation7
Chapter 3Related Work9
3.1Trust and Identity Provider (IdP)9
3.2Cloud Federation Scenario13
3.3Resource Allocation14
Chapter 4The Proposed Resource Management Framework17
4.1Create a Federation with the concept of Cross Identity Provider (Cross-IdP)17
4.2Resource allocation management framework for cloud federation18
Chapter 5The Proposed Resource Allocation Algorithm24
5.1Notation Description24
5.2Proposed Algorithm28
5.2.1General Rules of Heuristic Algorithm for Cloud-Federation28
5.2.2An Example to Illustrate the Procedure of our Algorithm29
Chapter 6Simulation Experiments35
6.1Simulation Environment35
6.2Performance Evaluation36
6.3Numerical Results and Comparisons37
Chapter 7Conclusions and Contributions45
References46

[1]P. Mell and T. Grance, “The NIST Definition of Cloud Computing”, National Institute of Standards and Technology Special Publication 800-145 (2011)
[2]A. Celesti, F. Tusa, M. Villari and A. Puliafito, “Three-phase Cross-Cloud Federation Model: the Cloud SSO Authentication,” in Proc. of the 2010 Second International Conference on Advances in Future Internet, pp.94-101 (2010)
[3]A. Celesti, F. Tusa, M. Villari and A. Puliafito, “How to Enhance Cloud Architectures to Enable Cross-Federation,” 2010 IEEE 3rd International Conference on Cloud Computing, pp.337-345 ( 2010)
[4]R. Buyya, S.K. Garg, and R.N. Calheiros, “SLA-oriented resource provisioning for cloud computing: Challenges, architecture, and solutions,” 2011 International Conference on Cloud and Service Computing. IEEE, pp.1–10 (2011)
[5]E. Apostol, I. Baluta, A. Gorgoi, V. Cristea, “Efficient Manager for Virtualized Resource Provisioning in Cloud Systems,” IEEE, pp. 511-517 (2011)
[6]X. Wang, J. Sun, M. Huang, C. Wu and X. Wang, “A resource auction based allocation mechanism in the cloud computing environment,” 2012 IEEE 26th International Parallel and Distributed Processing Symposium Workshops & PhD Forum, pp.2111-2115, (2012)
[7]M. Stihler, A.O. Santin, A.L. Marcon, and J. da Silva Fraga. “Integral federated identity management for cloud computing,” New Technologies, Mobility and Security (NTMS), 2012 5th International Conference on, pp. 1 –5, (2012)
[8]A. Buecker, P. Ashley, and N. Readshaw, “Federated Identity and Trust Management,” IBM Redbooks, (2008)
[9]P. Steiner, “On the Internet nobody knows you’re a dog,” The New Yorker , Vol.69 (LXIX) no. 20, (1993)
[10]D.H. McKnight, and N.L. Chervany, “The Meanings of Trust,” Technical Report, Carlson School of Management, University of Minnesota, pp.94-104, (1996)
[11]U. Kylau, I. Thomas, M. Menzel, and C. Meinel, “Trust Requirements in Identity Federation Topologies,” 2009 International Conference on Advanced InformationNetworking and Applications, pp.137-145, (2009)
[12]W. Li and L. Ping, “Trust Model to Enhance Security and Interoperability of Cloud Environment,” the CloudCom 2009, LNCS 5931, pp.69-79, (2009)
[13]S. Pearson, Y. Shen, and M. Mowbray, “A Privacy Manager for Cloud Computing,” the CloudCom 2009, LNCS 5931, pp.90-106, (2009)
[14]A. Celesti, F. Tusa, M. Villari and A. Puliafito, “Evaluating a Distributed Identity Provider Trusted Network with Delegated Authentications for Cloud Federation,” the 2nd International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2011), pp. 79-85, (2011)
[15]A. Celesti, F. Tusa, M. Villari and A. Puliafito, “Federation Establishment Between CLEVER Clouds Through a SAML SSO Authentication Profile,” International Journal on Advances in Internet Technology, Vol. 4, No. 1 & 2, pp.14-27, (2011)
[16]S. Malik and F. Huet, “Virtual Cloud: Rent Out the Rented Resources,” the 6th IEEE International Conference for Internet Technology and Secured Transactions (ICITST-2011), (2011)
[17]X. You, X. Xu, J. Wan, and D. Yu, “RAS-M: Resource allocation strategy based on market mechanism in cloud computing,” Fourth China Grid Annual Conference, pp. 256-263 (2009)
[18]K. Mochizuki and S. Kutibayashi, “Evaluation of optimal resource allocation method for cloud computing environments with limited electric power capacity,” IEEE International Conference on Network- Based Information Systems, pp.1-5 (2011)
[19]M. Guazzone, A. Cosimo, and C. Massimo, “Energy-efficient resource management for cloud computing infrastructures,” In Proc. of the Cloud Computing Technology and Science (CloudCom), pp. 424-431, (2011)
[20]H. Goudarzi and M. Pedram, “Multi-dimensional SLA-based Resource Allocation for Multi-tier Cloud Computing Systems,” IEEE 4th International Conference on Cloud Computing, pp324-331 (2011)
[21]F. Liu, J. Tong, J. Mao, R. Bohn, J. Messina, L. Badger and D. Leaf, “NIST Cloud Computing Reference Architecture,” National Institute of Standards and Technology Special Publication, SP 500-292 (2011)
[22]N. Gonzalez, C. Miers, F. Redgolo, M. Simplıcio, T. Carvalho, M. Naslund and M. Pourzandi, “A quantitative analysis of current security concerns and solutions for cloud computing,” Journal of Cloud Computing: Advances, Systems and Applications, 1-11, (2012)
[23]K. Hashizume, D.G. Rosado, E. Fernandez-Medina and E.B. Fernandez, “An analysis of security issues for cloud computing,” Journal of Internet Services and Applications, 4:5, (2013)
[24]B. Sotomayor, R. Montero, I. Llorente, and I. Foster, “Virtual infrastructure management in private and hybrid clouds,” Internet Computing, IEEE, vol. 13, pp. 14–22, (2009)