Technical Report on Deploying a highly secured OpenStack Cloud Infrastructure using BradStack as a Case Study

Cloud computing has emerged as a popular paradigm and an attractive model for providing a reliable distributed computing model.it is increasing attracting huge attention both in academic research and industrial initiatives. Cloud deployments are paramount for institution and organizations of all scales. The availability of a flexible, free open source cloud platform designed with no propriety software and the ability of its integration with legacy systems and third-party applications are fundamental. Open stack is a free and opensource software released under the terms of Apache license with a fragmented and distributed architecture making it highly flexible. This project was initiated and aimed at designing a secured cloud infrastructure called BradStack, which is built on OpenStack in the Computing Laboratory at the University of Bradford. In this report, we present and discuss the steps required in deploying a secured BradStack Multi-node cloud infrastructure and conducting Penetration testing on OpenStack Services to validate the effectiveness of the security controls on the BradStack platform. This report serves as a practical guideline, focusing on security and practical infrastructure related issues. It also serves as a reference for institutions looking at the possibilities of implementing a secured cloud solution.Comment: 38 pages, 19 figures

A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today’s real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view

Managing the outsourcing of information security processes: the 'cloud' solution

Information security processes and systems are relevant for any organization and involve medium-to-high investment; however, the current economic downturn is causing a dramatic reduction in spending on Information Technology (IT). Cloud computing (i.e., externalization of one or more IT services) might be a solution for organizations keen to maintain a good level of security. In this paper we discuss whether cloud computing is a valid alternative to in-house security processes and systems drawing on four mini-case studies of higher education institutions in New England, US. Our findings show that the organization’s IT spending capacity affects the choice to move to the cloud; however, the perceived security of the cloud and the perceived in-house capacity to provide high quality IT (and security) services moderate this relationship. Moreover, other variables such as (low) quality of technical support, relatively incomplete contracts, poor defined Service License Agreements (SLA), and ambiguities over data ownership affect the choice to outsource IT (and security) using the cloud. We suggest that, while cloud computing could be a useful means of IT outsourcing, there needs to be a number of changes and improvements to how the service is currently delivered

Algorithms for advance bandwidth reservation in media production networks

Media production generally requires many geographically distributed actors (e.g., production houses, broadcasters, advertisers) to exchange huge amounts of raw video and audio data. Traditional distribution techniques, such as dedicated point-to-point optical links, are highly inefficient in terms of installation time and cost. To improve efficiency, shared media production networks that connect all involved actors over a large geographical area, are currently being deployed. The traffic in such networks is often predictable, as the timing and bandwidth requirements of data transfers are generally known hours or even days in advance. As such, the use of advance bandwidth reservation (AR) can greatly increase resource utilization and cost efficiency. In this paper, we propose an Integer Linear Programming formulation of the bandwidth scheduling problem, which takes into account the specific characteristics of media production networks, is presented. Two novel optimization algorithms based on this model are thoroughly evaluated and compared by means of in-depth simulation results

Internet of Things-aided Smart Grid: Technologies, Architectures, Applications, Prototypes, and Future Research Directions

Traditional power grids are being transformed into Smart Grids (SGs) to address the issues in existing power system due to uni-directional information flow, energy wastage, growing energy demand, reliability and security. SGs offer bi-directional energy flow between service providers and consumers, involving power generation, transmission, distribution and utilization systems. SGs employ various devices for the monitoring, analysis and control of the grid, deployed at power plants, distribution centers and in consumers' premises in a very large number. Hence, an SG requires connectivity, automation and the tracking of such devices. This is achieved with the help of Internet of Things (IoT). IoT helps SG systems to support various network functions throughout the generation, transmission, distribution and consumption of energy by incorporating IoT devices (such as sensors, actuators and smart meters), as well as by providing the connectivity, automation and tracking for such devices. In this paper, we provide a comprehensive survey on IoT-aided SG systems, which includes the existing architectures, applications and prototypes of IoT-aided SG systems. This survey also highlights the open issues, challenges and future research directions for IoT-aided SG systems

Enterprise Cloud Security Guidance and Strategies for Enterprises

Hinnanguliselt 72% ettevõtetest kasutavad vähemalt ühte pilves olevat rakendust või on mingi osa nende IT infrastruktuurist pilves. Uurimistööd näitavad, et 56% tehnoloogia valdkonna otsustajatest uurivad erinevaid võimalusi pilvelahenduste kasutamiseks. Eel-toodu tõttu on oluline mõista erinevaid pilveteenuste kasutusvõimalusi, ärivajadusi ja investeeringuid. Antud magistritöö hindab paljusid kasutegureid, mida pilverakenduste ja pilvearvutuse kasutamine pakub äritegevusele. Pilvearvutus pakub paindliku, taskuko-hast ja end tõestanud platvormi ärilahenduste ja IT lahenduste loomiseks. Pilvearvutuse kasutamine pakub ettevõtetele harukordset võimalust muuta teenuse pakkumist tõhusa-maks, juhtimist sujuvamaks ning viia IT teenused vastavusse pidevalt muutuvate äriva-jadustega. Pilvearvutuse kasutamine pakub rohkem kui ühe võimaluse ärivaldkondade usaldusväärseks toeks ning ühtlasi tõstab võimekust luua uusi ja innovaatilisi teenuseid. Olemasoleva kirjanduse mittetäielik analüüs toob esile selle, et enne ettevõtetes pilvela-henduste ja pilvearvutuse kasutuselevõttu on väga oluline pöörata tähelepanu kaasneva-tele turvalisuse väljakutsetele. Antud magistritöös on detailselt käsitletud peamisi pil-vandmetöötluse valdkonna turvalisuse probleeme ning töö järeldusena pakutakse välja soovitusi pilve turvalisuse juurutamiseks.Today an estimated 72% of enterprises use at least one cloud application or a percentage of their I.T infrastructure in the cloud. Research shows that 56% of the decision makers in technology are investigating more ways of leveraging the cloud. This makes it impor-tant to understand the different usage plans in cloud service models, business drivers and investments. This thesis measures the myriad benefits of using cloud applications, and the effect of cloud computing on business performance. As will be seen in the the-sis, cloud computing offers a flexible, affordable as well as proven platform for the pro-vision of business and IT services via the internet. Cloud computing provides companies with the rare opportunity of strengthening their efficiencies in service delivery, mana-gement streamlining, and the aligning of IT services with the ever changing business needs. In more ways than one, cloud computing provides solid support for business functions, alongside increasing the capacity for the development of new as well as inno-vative services. A non-exhaustive review of the existing literature revels that the security challenges faced by enterprises during cloud adoption and interoperability have to be addressed before the implementation of cloud computing. In this thesis, we provide a detailed overview of the key security issues in the realm of cloud computing and con-clude with the recommendations on the implementation of cloud security