11 research outputs found

    Multitenancy - Security Risks and Countermeasures

    Security within the cloud is of paramount importance as the interest and indeed utilization of cloud computing increase. Multitenancy in particular introduces unique security risks to cloud computing as a result of more than one tenant utilizing the same physical computer hardware and sharing the same software and data. The purpose of this paper is to explore the specific risks in cloud computing due to Multitenancy and the measures that can be taken to mitigate those risks.

    Stochastic MCDM Framework Over Converged Infrastructure

    Service unification and application integration have brought about vendors, network operators, service providers, carriers, businesses and infrastructures over a platform while offering the business plans, presenting solution packages, proposing virtualization strategies and outsourcing the resources whereas promising an all Internet Protocol (IP) setup. Diverse business goals from distinctive providers alongside the technology merger and service unification in addition to dynamic border traffic management issues introduce more complexity over such platforms. A decision-making framework for handling the border traffic management issues at private public network with multi homing support is presented. Augmented Multi Criteria Decision Making (MCDM) theory addresses the qualitative entities while constructing the structural hierarchy of goals, criteria, sub criteria and alternatives. Inter/Intra-domain knowledge over different planes (service, control and transport) is modeled by using ontology. Blending ontology with Bayesian captures uncertainty over the planes. A simple use-case is presented over the test-bed to validate the proposed solution. The system offers higher throughput with lower call/session/request drop at the cost of an add-on delay.

    Securing multi-tenancy systems through multi DB instances and multiple databases on different physical servers

    Use of the same application by multiple users through internet as a service is supported by cloud computing system. Both the user and attacker stay in the same machine as both of them are users of the same application creating an insecure environment. Service must ensure secrecy both at the application and data layer level. Data isolation and Application isolation are two basic aspects that must be ensured to cater for security as desired by the clients that access the service. In this paper a more secured mechanism has been presented that helps ensure data isolation and security when Multi-tenancy of the users to the same service has been implemented.

    Modified Query-Roles Based Access Control Model (Q-RBAC) for Interactive Access of Ontology Data

    The data access model plays an important role during accessing and querying the stored data from the database. It provides an access right and authorization of accessing data into a database. It can distinguish the access boundaries between the administrators and the users where the database administrators can create certain policies either from the client application side or directly from the database side, depending upon the nature of running application. However, the emerging technology on the ontology repository has forced some database developers to adapt most of the access policies from the traditional database system and many of the policies were inherited from the relational database. This method of adopting or borrowing access policies from other storage system has created an unnecessary layer between the ontology repository and database. Most of the emerging ontology repositories lack an independent access model that provides or distinguishes access right between the administrators and users or between the ontology data. This paper proposed the improved access layer from the ontology repository with an additional users’ policy creation layer that will lead to increase data security and also increase the performance of querying data. Our effort relies on re-modifying the role based access control model from the traditional one to the new proposed model that organized by the rich users’ policies and perfect query rewriting layer. Although it is associated with query module, the proposed model has an additional security layer to restrict unauthorized users from accessing stored data in order to improve querying and data access performance. Keywords: Access methods, Access control, Rule based access control model, Oracle NoSQL database, Virtual data layer, Ontology Query

    AN ANALYSIS OF CLOUD COMPUTING MULTITENANCY SECURITY CHALLENGES.


    Inter-confidentiality protection of agent communication in multi-agent system based applications

    Mobile agent interaction is usually vulnerable to attacks from within and outside the agent’s execution environment. Also, the mobility property of mobile agents earns them the opportunity to migrate from one security domain to another. Intranet/LAN with connection to internet do, from time to time, experience agent visitation either for malicious purpose or for legitimate mission. To protect legitimate agent communication against attack by visiting agent, we propose a technique that restricts migration of the visiting agent and isolates it to a neutral host where its mission could be achieved. We refer to this technique as restriction-based access control mechanism (ResBAC). The proposed mechanism employs certificate authentication, re-defining visiting agent itinerary path and visiting agent isolation to accomplish the aforementioned objective. The performance of the proposed mechanism is evaluated using scenarios to determine the strength of the mechanism in terms of its ability to protect agent communication against the three major threats: man-in-the-middle attack, replay attack, and passive eavesdropping.

    A model for dynamic risk assessment using ontology

    Dissertation (master's) - Universidade Federal de Santa Catarina, Centro Tecnológico, Programa de Pós-Graduação em Ciência da Computação, Florianópolis, 2014. In computing, access control is motivated by the need to disclose access to information, resources and services only to authorized entities. Among current access control models, RAdAC stands out for enabling dynamic and situational control in access evaluation, relying on access risk to accept or deny requests. In this context, the present work aims to offer a model for dynamic risk assessment based on the RAdAC model, supported by the use of ontology to perform the risk calculation. In the proposal presented, the total risk related to an access request is composed of the context risks, the risks considering confidentiality, integrity and availability of the actions, and the risk considering the subject's history. By mapping the various variables involved in the context risk calculation into sentences of an ontology, the model seeks to dynamically infer the context risk in accessing a given piece of data, based on the available risk factors and their given weights. Abstract: In computing, access control is motivated by the need to promote access to information, resources and services only to authorized entities. Among the existing access control models, RAdAC stands out by allowing a dynamic and situational control in the evaluation of access, relying on the risk assessment to accept or deny requests. This work aims to provide a model for dynamic risk assessment from the RAdAC model, supported by the use of ontologies to perform the calculation of risk.
In the proposal presented here, the composition of the total risk associated to an access request comprises the context risk, the risk considering confidentiality, integrity and availability of the actions, and the risk considering the history of the subject. From the mapping of the different variables involved in the calculation of context risk in sentences of an ontology, the model seeks to dynamically infer the context risk during the access to a specific data, based on the available risk factors and their weights.

    Data security in cloud storage services

    Cloud Computing is considered to be the next-generation architecture for ICT where it moves the application software and databases to the centralized large data centers. It aims to offer elastic IT services where clients can benefit from significant cost savings of the pay-per-use model and can easily scale up or down, and do not have to make large investments in new hardware. However, the management of the data and services in this cloud model is under the control of the provider. Consequently, the cloud clients have less control over their outsourced data and they have to trust cloud service provider to protect their data and infrastructure from both external and internal attacks. This is especially true with cloud storage services. Nowadays, users rely on cloud storage as it offers cheap and unlimited data storage that is available for use by multiple devices (e.g. smart phones, tablets, notebooks, etc.). Besides famous cloud storage providers, such as Amazon, Google, and Microsoft, more and more third-party cloud storage service providers are emerging. These services are dedicated to offering more accessible and user friendly storage services to cloud customers. Examples of these services include Dropbox, Box.net, Sparkleshare, UbuntuOne or JungleDisk. These cloud storage services deliver a very simple interface on top of the cloud storage provided by storage service providers. File and folder synchronization between different machines, sharing files and folders with other users, file versioning as well as automated backups are the key functionalities of these emerging cloud storage services. Cloud storage services have changed the way users manage and interact with data outsourced to public providers. With these services, multiple subscribers can collaboratively work and share data without concerns about their data consistency, availability and reliability. 
Although these cloud storage services offer attractive features, many customers have not adopted these services. Since data stored in these services is under the control of service providers resulting in confidentiality and security concerns and risks. Therefore, using cloud storage services for storing valuable data depends mainly on whether the service provider can offer sufficient security and assurance to meet client requirements. From the way most cloud storage services are constructed, we can notice that these storage services do not provide users with sufficient levels of security leading to an inherent risk on users' data from external and internal attacks. These attacks take the form of: data exposure (lack of data confidentiality); data tampering (lack of data integrity); and denial of data (lack of data availability) by third parties on the cloud or by the cloud provider himself. Therefore, the cloud storage services should ensure the data confidentiality in the following state: data in motion (while transmitting over networks), data at rest (when stored at provider's disks). To address the above concerns, confidentiality and access controllability of outsourced data with strong cryptographic guarantee should be maintained. To ensure data confidentiality in public cloud storage services, data should be encrypted before it is outsourced to these services. Although, users can rely on client side cloud storage services or software encryption tools for encrypting user's data; however, many of these services fail to achieve data confidentiality. Box, for example, does not encrypt user files via SSL and within Box servers. Client side cloud storage services can intentionally/unintentionally disclose user decryption keys to its provider. In addition, some cloud storage services support convergent encryption for encrypting users' data exposing it to “confirmation of a file” attack.
On the other hand, software encryption tools use full-disk encryption (FDE) which is not feasible for cloud-based file sharing services, because it encrypts the data as virtual hard disks. Although encryption can ensure data confidentiality; however, it fails to achieve fine-grained access control over outsourced data. Since, public cloud storage services are managed by un-trusted cloud service provider, secure and efficient fine-grained access control cannot be realized through these services as these policies are managed by storage services that have full control over the sharing process. Therefore, there is not any guarantee that they will provide good means for efficient and secure sharing and they can also deduce confidential information about the outsourced data and users' personal information. In this work, we would like to improve the currently employed security measures for securing data in cloud store services. To achieve better data confidentiality for data stored in the cloud without relying on cloud service providers (CSPs) or putting any burden on users, in this thesis, we designed a secure cloud storage system framework that simultaneously achieves data confidentiality, fine-grained access control on encrypted data and scalable user revocation. This framework is built on a trusted third party (TTP) service that can be employed either locally on users' machine or premises, or remotely on top of cloud storage services. This service shall encrypt users' data before uploading it to the cloud and decrypt it after downloading from the cloud; therefore, it removes the burden of storing, managing and maintaining encryption/decryption keys from data owners. In addition, this service only retains user's secret key(s) not data. Moreover, to ensure high security for these keys, it stores them on hardware device.
Furthermore, this service combines multi-authority ciphertext policy attribute-based encryption (CP-ABE) and attribute-based Signature (ABS) for achieving many-read-many-write fine-grained data access control on storage services. Moreover, it efficiently revokes users' privileges without relying on the data owner for re-encrypting massive amounts of data and re-distributing the new keys to the authorized users. It removes the heavy computation of re-encryption from users and delegates this task to the cloud service provider (CSP) proxy servers. These proxy servers achieve flexible and efficient re-encryption without revealing underlying data to the cloud. In our designed architecture, we addressed the problem of ensuring data confidentiality against cloud and against accesses beyond authorized rights. To resolve these issues, we designed a trusted third party (TTP) service that is in charge of storing data in an encrypted format in the cloud. To improve the efficiency of the designed architecture, the service allows the users to choose the level of severity of the data and according to this level different encryption algorithms are employed. To achieve many-read-many-write fine grained access control, we merge two algorithms (multi-authority ciphertext policy attribute-based encryption (MA-CP-ABE) and attribute-based Signature (ABS)). Moreover, we support two levels of revocation: user and attribute revocation so that we can comply with the collaborative environment. Last but not least, we validate the effectiveness of our design by carrying out a detailed security analysis. This analysis shall prove the correctness of our design in terms of data confidentiality at each stage of user interaction with the cloud.