SECURING DATA INTEGRITY AND AUTHENTICATION SERVICE INFRASTRUCTURE FOR SERVICE CLOUDS

SaaS Cloud frameworks give proficient and financially savvy service facilitating foundation for SaaS service providers. The frameworks are regularly shared by different clients from an assortment of security areas, which make them obligated to different noxious assaults. Moreover, the cloud foundation ordinarily has applications that manage significant data, for example, data preparing applications. This gives chance to assailants to exploit the framework powerlessness and complete key assaults. In this paper, we present IntTest, a versatile and successful service honesty verification structure for SaaS clouds. IntTest gives a novel incorporated authentication diagram investigation conspire that can give more grounded aggressor pinpointing power than past schemes. In addition, IntTest can consequently improve result quality by supplanting awful outcomes created by noxious assailants with great outcomes delivered by kindhearted service providers. We have actualized a model of the IntTest framework and tried it on a creation cloud computing foundation utilizing IBM System S stream preparing applications. Our exploratory outcomes demonstrate that IntTest can accomplish higher assailant pinpointing precision than existing methodologies. IntTest does not require any exceptional equipment or secure piece support and forces little execution effect to the application, which makes it functional for huge scale cloud frameworks

Twenty security considerations for cloud-supported Internet of Things

To realise the broad vision of pervasive computing, underpinned by the “Internet of Things” (IoT), it is essential to break down application and technology-based silos and support broad connectivity and data sharing; the cloud being a natural enabler. Work in IoT tends towards the subsystem, often focusing on particular technical concerns or application domains, before offloading data to the cloud. As such, there has been little regard given to the security, privacy and personal safety risks that arise beyond these subsystems; that is, from the wide-scale, crossplatform openness that cloud services bring to IoT. In this paper we focus on security considerations for IoT from the perspectives of cloud tenants, end-users and cloud providers, in the context of wide-scale IoT proliferation, working across the range of IoT technologies (be they things or entire IoT subsystems). Our contribution is to analyse the current state of cloud-supported IoT to make explicit the security considerations that require further work.This work was supported by UK Engineering and Physical Sciences Research Council grant EP/K011510 CloudSafetyNet: End-to-End Application Security in the Cloud and Microsoft through the Microsoft Cloud Computing Research Centre

A proposal for secured, efficient and scalable layer 2 network virtualisation mechanism

El contenidos de los capítulos 3 y 4 está sujeto a confidencialidad. 291 p.La Internet del Futuro ha emergido como un esfuerzo investigador para superar estas limitaciones identificadas en la actual Internet. Para ello es necesario investigar en arquitecturas y soluciones novedosas (evolutivas o rompedoras), y las plataformas de experimentación surgen para proporcionar un entorno realista para validar estas nuevas propuestas a gran escala.Debido a la necesidad de compartir la misma infraestructura y recursos para testear simultáneamente diversas propuestas de red, la virtualización de red es la clave del éxito. Se propone una nueva taxonomía para poder analizar y comparar las diferentes propuestas. Se identifican tres tipos: el Nodo Virtual (vNode), la Virtualización posibilitada por SDN (SDNeV) y el overlay.Además, se presentan las plataformas experimentales más relevantes, con un foco especial en la forma en la que cada una de ellas permite la investigación en propuestas de red, las cuales no cumplen todos estos requisitos impuestos: aislamiento, seguridad, flexibilidad, escalabilidad, estabilidad, transparencia, soporte para la investigación en propuestas de red. Por lo tanto, una nueva plataforma de experimentación ortogonal a la experimentación es necesaria.Las principales contribuciones de esta tesis, sustentadas sobre tecnología SDN y NFV, son también los elementos clave para construir la plataforma de experimentación: la Virtualización de Red basada en Prefijos de Nivel 2 (Layer 2 Prefix-based Network Virtualisation, L2PNV), un Protocolo para la Configuración de Direcciones MAC (MAC Address Configuration Protocol, MACP), y un sistema de Control de Acceso a Red basado en Flujos (Flow-based Network Access Control, FlowNAC).Como resultado, se ha desplegado en la Universidad del Pais Vasco (UPV/EHU) una nueva plataforma experimental, la Plataforma Activada por OpenFlow de EHU (EHU OpenFlow Enabled Facility, EHU-OEF), para experimentar y validar estas propuestas realizadas