25,060 research outputs found
Technical Report on Deploying a highly secured OpenStack Cloud Infrastructure using BradStack as a Case Study
Cloud computing has emerged as a popular paradigm and an attractive model for
providing a reliable distributed computing model.it is increasing attracting
huge attention both in academic research and industrial initiatives. Cloud
deployments are paramount for institution and organizations of all scales. The
availability of a flexible, free open source cloud platform designed with no
propriety software and the ability of its integration with legacy systems and
third-party applications are fundamental. Open stack is a free and opensource
software released under the terms of Apache license with a fragmented and
distributed architecture making it highly flexible. This project was initiated
and aimed at designing a secured cloud infrastructure called BradStack, which
is built on OpenStack in the Computing Laboratory at the University of
Bradford. In this report, we present and discuss the steps required in
deploying a secured BradStack Multi-node cloud infrastructure and conducting
Penetration testing on OpenStack Services to validate the effectiveness of the
security controls on the BradStack platform. This report serves as a practical
guideline, focusing on security and practical infrastructure related issues. It
also serves as a reference for institutions looking at the possibilities of
implementing a secured cloud solution.Comment: 38 pages, 19 figures
Cloud Security : A Review of Recent Threats and Solution Models
The most significant barrier to the wide adoption of cloud services has been attributed to perceived cloud insecurity (Smitha, Anna and Dan, 2012). In an attempt to review this subject, this paper will explore some of the major security threats to the cloud and the security models employed in tackling them. Access control violations, message integrity violations, data leakages, inability to guarantee complete data deletion, code injection, malwares and lack of expertise in cloud technology rank the major threats. The European Union invested €3m in City University London to research into the certification of Cloud security services. This and more recent developments are significant in addressing increasing public concerns regarding the confidentiality, integrity and privacy of data held in cloud environments. Some of the current cloud security models adopted in addressing cloud security threats were – Encryption of all data at storage and during transmission. The Cisco IronPort S-Series web security appliance was among security solutions to solve cloud access control issues. 2-factor Authentication with RSA SecurID and close monitoring appeared to be the most popular solutions to authentication and access control issues in the cloud. Database Active Monitoring, File Active Monitoring, URL Filters and Data Loss Prevention were solutions for detecting and preventing unauthorised data migration into and within clouds. There is yet no guarantee for a complete deletion of data by cloud providers on client requests however; FADE may be a solution (Yang et al., 2012)
CYCLONE Unified Deployment and Management of Federated, Multi-Cloud Applications
Various Cloud layers have to work in concert in order to manage and deploy
complex multi-cloud applications, executing sophisticated workflows for Cloud
resource deployment, activation, adjustment, interaction, and monitoring. While
there are ample solutions for managing individual Cloud aspects (e.g. network
controllers, deployment tools, and application security software), there are no
well-integrated suites for managing an entire multi cloud environment with
multiple providers and deployment models. This paper presents the CYCLONE
architecture that integrates a number of existing solutions to create an open,
unified, holistic Cloud management platform for multi-cloud applications,
tailored to the needs of research organizations and SMEs. It discusses major
challenges in providing a network and security infrastructure for the
Intercloud and concludes with the demonstration how the architecture is
implemented in a real life bioinformatics use case
The cloud paradigm: Are you tuned for the lyrics?
Major players, business angels and opinion-makers are broadcasting beguiled
lyrics on the most recent IT hype: your software should ascend to the clouds.
There are many clouds and the stake is high. Distractedly, many of us became
assiduous users of the cloud, but perhaps due to the legacy systems and legacy
knowledge, IT professionals, mainly those many that work in business
information systems for the long tail, are not as much plunged into producing
cloud-based systems for their clients.
This keynote will delve into several aspects of this cloud paradigm, from
more generic concerns regarding security and value for money, to more specific
worries that reach software engineers in general. Do we need a different
software development process? Are development techniques and tools mature
enough? What about the role of open-source in the cloud? How do we assess the
quality in cloud-based development? Please stay tuned for more!Comment: Position paper to introduce a keynote, proceedings of WAMPS'2011 - VI
Annual MPS.BR Workshop, pp. 20-25, Campinas, Brazil, October 201
A threshold secure data sharing scheme for federated clouds
Cloud computing allows users to view computing in a new direction, as it uses
the existing technologies to provide better IT services at low-cost. To offer
high QOS to customers according SLA, cloud services broker or cloud service
provider uses individual cloud providers that work collaboratively to form a
federation of clouds. It is required in applications like Real-time online
interactive applications, weather research and forecasting etc., in which the
data and applications are complex and distributed. In these applications secret
data should be shared, so secure data sharing mechanism is required in
Federated clouds to reduce the risk of data intrusion, the loss of service
availability and to ensure data integrity. So In this paper we have proposed
zero knowledge data sharing scheme where Trusted Cloud Authority (TCA) will
control federated clouds for data sharing where the secret to be exchanged for
computation is encrypted and retrieved by individual cloud at the end. Our
scheme is based on the difficulty of solving the Discrete Logarithm problem
(DLOG) in a finite abelian group of large prime order which is NP-Hard. So our
proposed scheme provides data integrity in transit, data availability when one
of host providers are not available during the computation.Comment: 8 pages, 3 Figures, International Journal of Research in Computer
Science 2012. arXiv admin note: text overlap with arXiv:1003.3920 by other
author
- …