642 research outputs found
Technical Report on Deploying a highly secured OpenStack Cloud Infrastructure using BradStack as a Case Study
Cloud computing has emerged as a popular paradigm and an attractive model for
providing a reliable distributed computing model.it is increasing attracting
huge attention both in academic research and industrial initiatives. Cloud
deployments are paramount for institution and organizations of all scales. The
availability of a flexible, free open source cloud platform designed with no
propriety software and the ability of its integration with legacy systems and
third-party applications are fundamental. Open stack is a free and opensource
software released under the terms of Apache license with a fragmented and
distributed architecture making it highly flexible. This project was initiated
and aimed at designing a secured cloud infrastructure called BradStack, which
is built on OpenStack in the Computing Laboratory at the University of
Bradford. In this report, we present and discuss the steps required in
deploying a secured BradStack Multi-node cloud infrastructure and conducting
Penetration testing on OpenStack Services to validate the effectiveness of the
security controls on the BradStack platform. This report serves as a practical
guideline, focusing on security and practical infrastructure related issues. It
also serves as a reference for institutions looking at the possibilities of
implementing a secured cloud solution.Comment: 38 pages, 19 figures
A template description framework for services as a utility for cloud brokerage
Integration and mediation are two core functions that a cloud service broker needs to perform. The description
of services involved plays a central role in this endeavour to enable services to be considered as commoditised
utilities. We propose a conceptual framework for a cloud service broker based on two parts: a reference
architecture for cloud brokers and a service description template that describes the mediated and integrated
cloud services. Structural aspects of that template will be identified, formalised in an ontology and mapped
onto a set of sublanguages that can be aligned to the cloud development and deployment process
IaaS-cloud security enhancement: an intelligent attribute-based access control model and implementation
The cloud computing paradigm introduces an efficient utilisation of huge computing
resources by multiple users with minimal expense and deployment effort
compared to traditional computing facilities. Although cloud computing has incredible
benefits, some governments and enterprises remain hesitant to transfer
their computing technology to the cloud as a consequence of the associated security
challenges. Security is, therefore, a significant factor in cloud computing
adoption. Cloud services consist of three layers: Software as a Service (SaaS), Platform
as a Service (PaaS), and Infrastructure as a Service (IaaS). Cloud computing
services are accessed through network connections and utilised by multi-users who
can share the resources through virtualisation technology. Accordingly, an efficient
access control system is crucial to prevent unauthorised access.
This thesis mainly investigates the IaaS security enhancement from an access
control point of view. [Continues.
- …