INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY



Similar documents
A Survey on Cloud Computing

Security Considerations for Public Mobile Cloud Computing

A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services

Customer Security Issues in Cloud Computing

Research Challenges and Security Issues in Cloud Computing

A Secure Strategy using Weighted Active Monitoring Load Balancing Algorithm for Maintaining Privacy in Multi-Cloud Environments

Future of Cloud Computing. Irena Bojanova, Ph.D. UMUC, NIST

IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach.

A Study on Service Oriented Network Virtualization convergence of Cloud Computing

Grid Computing Vs. Cloud Computing

A Load Balancing Model Based on Cloud Partitioning for the Public Cloud

An Analysis of Data Security Threats and Solutions in Cloud Computing Environment

CLOUD COMPUTING. DAV University, Jalandhar, Punjab, India. DAV University, Jalandhar, Punjab, India

Cloud Computing Architecture: A Survey

SURVEY ON VIRTUALIZATION VULNERABILITIES

Cloud Computing for SCADA

Cloud Services Overview

Cloud Computing. Karan Saxena * & Kritika Agarwal**

Keywords: Cloudsim, MIPS, Gridlet, Virtual machine, Data center, Simulation, SaaS, PaaS, IaaS, VM. Introduction

Cloud Computing: Computing as a Service. Prof. Daivashala Deshmukh Maharashtra Institute of Technology, Aurangabad

FEDERATED CLOUD: A DEVELOPMENT IN CLOUD COMPUTING AND A SOLUTION TO EDUCATIONAL NEEDS

CLOUD COMPUTING OVERVIEW

Security issues for Cloud Computing

Essential Characteristics of Cloud Computing: On-Demand Self-Service Rapid Elasticity Location Independence Resource Pooling Measured Service

ISSN: (Online) Volume 2, Issue 5, May 2014 International Journal of Advance Research in Computer Science and Management Studies

Security Model for VM in Cloud

A Quality Model for E-Learning as a Service in Cloud Computing Framework

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC

The cloud - ULTIMATE GAME CHANGER ===========================================

ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS

Security Analysis of Cloud Computing: A Survey

CLOUD COMPUTING IN HIGHER EDUCATION

East African Information Conference th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud?

Security Issues in Cloud Computing

How To Understand Cloud Computing

Tamanna Roy Rayat & Bahra Institute of Engineering & Technology, Punjab, India talk2tamanna@gmail.com

International Journal of Scientific & Engineering Research, Volume 6, Issue 5, May ISSN

Security & Trust in the Cloud

CLOUD COMPUTING. A Primer

E-learning Using Cloud Computing

Security Issues in Cloud Computing

Towards Cloud Computing at IS Department, King Abdulaziz University

Cloud Security Introduction and Overview

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao

Cloud Courses Description

A Survey on Cloud Computing Security, Challenges and Threats


CLOUD COMPUTING AND ITS SECURITY ASPECTS

CLOUD COMPUTING SECURITY ISSUES

Perspectives on Moving to the Cloud Paradigm and the Need for Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

CLOUD SECURITY SECURITY ASPECTS IN GEOSPATIAL CLOUD. Guided by Prof. S. K. Ghosh Presented by - Soumadip Biswas

CHAPTER 8 CLOUD COMPUTING

Cloud Computing. Bringing the Cloud into Focus

Secure Cloud Computing through IT Auditing

ANALYSIS OF CLOUD VENDORS IN INDIAN ENVIORNMENT

International Journal of Research in Advent Technology. GREEN CLOUD COMPUTING The NEED of the hour

What is Cloud Computing? First, a little history. Demystifying Cloud Computing. Mainframe Era ( ) Workstation Era ( ) Xerox Star 1981!

Managing Cloud Computing Risk

International Research Journal of Engineering and Technology (IRJET) e-issn: Volume: 02 Issue: 05 Aug p-issn:

Cloud computing: the state of the art and challenges. Jānis Kampars Riga Technical University

How To Understand Cloud Computing

20 th Year of Publication. A monthly publication from South Indian Bank.

Chapter 1: Introduction

Cloud Computing Service Models, Types of Clouds and their Architectures, Challenges.

Securing the Cloud with IBM Security Systems. IBM Security Systems IBM Corporation IBM IBM Corporation Corporation

Cloud Computing; What is it, How long has it been here, and Where is it going?

A Comprehensive Cloud Management Platform with Vblock Systems and Cisco Intelligent Automation for Cloud

Capturing the New Frontier:

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

A Study of Infrastructure Clouds

[Sudhagar*, 5(5): May, 2016] ISSN: Impact Factor: 3.785

A Study on the Cloud Computing Architecture, Service Models, Applications and Challenging Issues

Cloud Courses Description

Service-Oriented Architecture for Cloud Computing

IT Risk and Security Cloud Computing Mike Thomas Erie Insurance May 2011

6 Cloud computing overview

The Cloud, Virtualization, and Security

How To Understand Cloud Usability

Safeguarding the cloud with IBM Dynamic Cloud Security

Mobile Cloud Computing Security Considerations

A Gentle Introduction to Cloud Computing

Sistemi Operativi e Reti. Cloud Computing

ADVANCE YOUR MISSION WITH THE CLOUD DO MORE WITH LESS CLOUD SOLUTIONS CDW NONPROFIT

Efficient Cloud Management for Parallel Data Processing In Private Cloud

CLOUD COMPUTING. Keywords: Cloud Computing, Data Centers, Utility Computing, Virtualization, IAAS, PAAS, SAAS.

Lecture 02b Cloud Computing II

How To Protect Your Cloud From Attack

How To Understand Cloud Computing

Cloud Computing Utility and Applications

EMERGING CLOUD COMPUTING

Private Cloud Database Consolidation with Exadata. Nitin Vengurlekar Technical Director/Cloud Evangelist

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

Architectural Implications of Cloud Computing

Clinical Trials in the Cloud: A New Paradigm?

IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures

Cloud Based E-Government: Benefits and Challenges

Role of Cloud Computing in Education

Transcription:

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY A PATH FOR HORIZING YOUR INNOVATIVE WORK REVIEW ON SECURE INFORMATION FLOW CONTROL IN CLOUD COMPUTING MISS. ANKITA A. DESHMUKH 1, PROF. P. P. DESHMUKH 2 1. Department of Computer Science and Engineering, P.R.Pote College Of Engineering, Maharashtra, India. 2. Professor, Department of Computer Science and Engineering, P.R.Pote College Of Engineering, Maharashtra, India. Accepted Date: 05/03/2015; Published Date: 01/05/2015 Abstract: Cloud computing is an emerging computing paradigm where computing resources are provided as services over Internet while residing in a large data center. Even though it enables us to dynamically provide servers with the ability to address a wide range of needs, this paradigm brings forth many new challenges for the data security and access control as users outsource their sensitive data to clouds, which are beyond the same trusted domain as data owners. A fundamental problem is the existence of insecure information flows due to the fact that a service provider can access multiple virtual machines in clouds. Sensitive information may be leaked to unauthorized customers and such critical information flows could raise conflict-of-interest issues in cloud computing. This document provides an insight on different technologies and services specifically for monitoring and security in cloud. Much emphasize is given on virtualization technology because cloud computing highly relies on it. Keywords: Cloud computing modules, cloud virtualization, security of flow control. Corresponding Author: MS. ANKITA A. DESHMUKH Access Online On: www.ijpret.com How to Cite This Article: PAPER-QR CODE 1090

INTRODUCTION Although cloud computing is based on a collection of many existing and few new concepts in several research areas like service-oriented-architecture (SOA), distributed and grid computing,as well as virtualization, it has become a promising computing paradigm drawing extensive attention from both academia and industry. This paradigm shifts the location of computing infrastructure to the network as service associated with the management of hardware and software resources. Cloud Computing started as a mean for interpersonal computing but now it is widely used for accessing software online, online storage [1] without worrying about infrastructure cost and processing power [2]. Organizations can offload their IT infrastructure in the cloud and gain from fast scalability. These organizations, not only include small businesses but also some parts of American government IT infrastructure is moved to cloud [3] as well. It has shown tremendous potential to enhance collaboration, scale, agility and availability. Suppose UA is trying to purchase airplanes to open up new routes and needs investments from banks. All the three banks are willing and competing to provide the investments to UA because of their business and financial interests. Since the consultant can access all the VMs in clouds, it is very likely the consultant will help one bank gain the contract with UA by leaking biding information of the other banks because of personal gains. In that case, the other banks will have tremendous commercial loss. Both UA and Delta also have sensitive information regarding plans, status and standing stored in clouds, each of whom wants to inquire through the consultant for competition. The consultant may also inadvertently disclose one's sensitive information to the other when serving both UA and Delta at the same time. The service provider discloses the sensitive information of BoA to Chase and the sensitive information of Delta to UA. This scenario demonstrates the possible existence of information flow problem in cloud computing which in turns raises conflict-of-interest issues and a critical need to investigate corresponding countermeasures. II. LITERATURE REVIEW Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three delivery models and four deployment models. [8]. The U.S. National Institute of Standards and Technology (NIST) identifies several essential characteristics of a high-performing 1091

Private cloud. On-demand self-service Broad network access Rapid elasticity Measured service Location Rajkumar Buyyaa, Chee Shin Yeoa, Srikumar Venugopala, James Broberga and Ivona Brandic [14] described about emerging IT technologies on cloud computing. They elaborate the scenario regarding market-oriented cloud architecture and resource management strategies for market-oriented Clouds. R. Buyya et al. [15] defines Cloud Computing according to its utility to end users. They put it like that the cloud computing is a market oriented distributed computing which consists of collection of interconnected and Virtualized machines that can be dynamically presented as one or more unified computing resources depending upon Service Level Agreement (SLA) established between provider and consumer through some negotiation. According to National Institute of Standards and Technology (NIST) [15] cloud computing is the new kind of computing model which can enable convenient, on-demand access to the shared resources like network, server, storage, application, service form the resources pool which can be rapidly released and deserves minimal management effort or service provider interaction. Shuai Zhang, Shufen Zhang, Xuebin Chen and Xiuzhen Huo [16] in their paper told that Cloud Computing is a new kind of computing model which enables outsourcing of all IT needs like storage, computation, and software which are geographically distributed through internet Preparing documents over the Net is a newer example of cloud computing. Simply log on to a web-based service such as Google Documents and you can create a document, spreadsheet, presentation, or whatever you like using Web-based software. Instead of typing your words into a program like Microsoft Word or Open Office, running on your computer, you're using similar software running on a PC at one of Google's world-wide data centers. Like an email drafted on Hotmail, the document you produce is stored remotely, on a Web server, so you can access it from any Internet-connected computer, anywhere in the world, any time you like. Using a Web-based service like this means you're "contracting out" or "outsourcing" some of 1092

your computing needs to a company such as Google: they pay the cost of developing the software and keeping it up-to-date and they earn back the money to do this through advertising and other paid-for services. Service Models Cloud computing has been categorized into three models depending on the services provided by the cloud. Following is the brief description of each service model. The table 1 shows benefits of cloud services provided by different cloud vendors in the present market. Software as a Service (SaaS) The consumer is provided with the capability to use provider s application running on a cloud infrastructure. The consumer does not have to manage cloud infrastructure like servers, operating system, storage and network. The services are accessed typically with a web browser. [9] Platform as a Service The consumer is provided with the capability to create applications on their own or through the tools provided by the provider on cloud infrastructure. The consumer has the control over their deployed applications but have not to manage server, storage, network or operating system. [9] Virtualization as an Enabling Technology: In computing, virtualization is a broad term that refers to the abstraction of computer resources. Virtualization hides the physical characteristics of computing resources from their users, be they applications, or end users. This includes making a single physical resource (such as a server, an operating system, an application, or storage device) appear to function as multiple virtual resources; it can also include making multiple physical resources (such as storage devices or servers) appear as a single virtual resource... The underpinning for the majority of high-performing clouds is a virtualized infrastructure. Virtualization has been in data centers for several years as a successful IT strategy for consolidating servers. Used more broadly to pool infrastructure resources, virtualization can also provide the basic building blocks for your cloud environment to enhance agility and flexibility.[7]today, the primary focus for virtualization continues to be on servers. However, vitalizing storage and networks is emerging as a general strategy. Results from a Gartner survey of 505 data center managers worldwide reports that planned or in-process virtualization of 1093

infrastructure workloads will increase from approximately 60 percent in 2012 to almost 90 percent in 2014.4 this continuing growth makes cloud computing an obvious next step for many organizations. Many companies are already virtulizing their IT environment and have been doing so for years. Initially, virtualization was deployed for compute resources, primarily as a cost-saving technology. Organizations soon recognized that virtualization provided additional cost-savings benefits as well as enhanced speed and flexibility. Most clouds are built on virtualized infrastructure technology. Cloud computing originated as a new way to deliver IT services by providing a customer interface to automated, self-service catalogs of standard services, and by using auto scaling to respond to increasing or decreasing user demand. From an IT perspective, a private cloud offers the key advantages of speed, agility, and efficiency while maintaining control of sensitive workloads. Best Practices an Virtualization is another very useful concept. It allows abstraction and isolation of lower level functionalities and underlying hardware. This enables portability of higher level functions and sharing and/or aggregation of the physical resources. The virtualization concept has been around in some form since 1960s (e.g., in IBM mainframe systems). Since then, the concept has matured considerably and it has been applied to all aspects of computing memory, storage, processors, software, networks, as well as services that IT offers. It is the combination of the growing needs and the recent advances in the IT architectures and solutions that is bringing the virtualization to the true commodity level.[6] Virtualization, through its economy of scale, and its ability to offer very advanced and complex IT services at a reasonable cost, is poised to become, along with wireless and highly distributed and pervasive computing devices, such as sensors and personal cell-based access devices, the driving technology behind the next waive in IT growth. Not surprisingly, there are dozens of virtualization products, and a number of small and large companies that make them. Some examples in the operating systems and software applications space are VMware1, Xen an open source Linux-based product developed by XenSource2, and Microsoft virtualization products3, to mention a few. Major IT players have also shown a renewed interest in the technology (e.g., IBM, Hewllet-Packard, Intel, Sun, and RedHat). Classical storage players such as EMC, NetApp, IBM and Hitachi have not been standing still either. In addition, the network virtualization market is teeming with activity. 1094

Security issues in information flow control Organizations use the Cloud in a variety of different service models (SaaS, PaaS, and IaaS) and deployment models (Private, Public, Hybrid, and Community).There are a number of security issues/concerns associated with cloud computing but these issues fall into two broad categories: security issues faced by cloud providers (organizations providing software-, platform-, or infrastructure-as-a-service via the cloud) and security issues faced by their customers (companies or organizations who host applications or store data on the on the cloud).the responsibility goes both ways, however: the provider must ensure that their infrastructure is secure and that their clients data and applications are protected while the user must take measures to fortify their application and use strong passwords and authentication measures.[4] When an organization elects to store data or host applications on the public cloud, it loses its ability to have physical access to the servers hosting its information. As a result, potentially business sensitive and confidential data is at risk from insider attacks. According to a recent Cloud Security Alliance Report, insider attacks are the third biggest threat in cloud computing. Therefore, Cloud Service providers must ensure that thorough background checks are conducted for employees who have physical access to the servers in the data center. Additionally, data centers must be frequently monitored for suspicious activity. In order to conserve resources, cut costs, and maintain efficiency, Cloud Service Providers often store more than one customer's data on the same server. As a result there is a chance that one user's private data can by viewed by other users (possibly even competitors). To handle such sensitive situations, cloud service providers should ensure proper data isolation and logical storage segregation.[10] The extensive use of virtualization in implementing cloud infrastructure brings unique security concerns for customers or tenants of a public cloud service. Virtualization alters the relationship between the OS and underlying hardware - be it computing, storage or even networking. This introduces an additional layer - virtualization - that itself must be properly configured, managed and secured. Specific concerns include the potential to compromise the virtualization software, or "hypervisor". While these concerns are largely theoretical, they do exist. [6] For example, a breach in the administrator workstation with the management software of the virtualization software can cause the whole datacenter to go down or be reconfigured to an attacker's liking.[5] 1095

Deployment Models There are four deployment models with reference to the services and users. Shubhasis Sengupta, Vikrant Kaulgud and Vibhu Saujanya Sharma [17] in their paper and Jayant Baliga, Robert W.A. Ayre, Kerry Hinton and Rodney S. Tucker [18] in their paper emphasizes on the cloud computing infrastructure. They sub-divided to into Public, Private, Community and Hybrid Cloud. Private cloud The cloud is maintained and operated for a specific organization. Private cloud can be in-house or with a third party on the premises. The security premises can access the cloud services whereas the unauthorized clients are blocked. Community cloud The cloud infrastructure is shared among a number of organizations with similar requirements and interests. It can be in-house (Onsite community cloud) or with a third party (Outsourced community cloud) on the premises. Public cloud The cloud is available to the public on commercial basis by a cloud service provider. The public cloud has a large variety of organizational and general public clients making it easier to adapt but more vulnerable to security risks. Hybrid cloud This is the combination of different types of clouds (public, community or private clouds) The hybrid cloud has clear limitations for data/application access but as they are part of a single standardized or proprietary technology, which allows the data and application to be moved if required from one cloud to another.[12] Cloud security controls Cloud security architecture is effective only if the correct defensive implementations are in place. Efficient cloud security architecture should recognize the issues that will arise with security management. The security management addresses these issues with security controls. These controls are put in place to safeguard any weaknesses in the system and reduce the 1096

effect of an attack. While there are many types of controls behind a cloud security architecture, they can usually be found in one of the following categories.[13] Deterrent controls These controls are intended to reduce attacks on a cloud system. Much like a warning sign on a fence or a property, deterrent controls typically reduce the threat level by informing potential attackers that there will be adverse consequences for them if they proceed. [Some consider them a subset of preventive controls.] Preventive controls Preventive controls strengthen the system against incidents, generally by reducing if not actually eliminating vulnerabilities. Strong authentication of cloud users, for instance, makes it less likely that unauthorized users can access cloud systems, and more likely that cloud users are positively identified. Detective controls Detective controls are intended to detect and react appropriately to any incidents that occur. In the event of an attack, a detective control will signal the preventative or corrective controls to address the issue. System and network security monitoring, including intrusion detection and prevention arrangements, are typically employed to detect attacks on cloud systems and the supporting communications infrastructure. Corrective controls Corrective controls reduce the consequences of an incident, normally by limiting the damage. They come into effect during or after an incident. Restoring system backups in order to rebuild a compromised system is an example of corrective control. III. CONCLUSION In this paper, we first identified the information flow problem which could raise conflict-ofinterest issues in cloud computing environments. Also, This study is about having a deep look on cloud computing for finding out, whether cloud computing is mature enough so that it can be a tool to secure and manage their information flow. The literature review is comprised of detailed study on cloud computing in general and some of the security issues or vulnerabilities. It also focuses on the security awareness in general and then focuses on virtualization details as 1097

well as some of practical security issues. Future research work can be comprised of looking more and more closely in to virtualization technique and its implementation. IV. REFERENCES 1. C. Cachin, I. Keidar, and A. Shraer, Trusting the Cloud, SIGACT News, pp.81-86, 2009. 2. D. N. Chorafas, Cloud Computing Strategies, CRC press, 2010. 3. U. S. Air Force Selects IBM to Design and Demonstrate Mission-Oriented Cloud Architecture for Cyber Security. [Online]. Available: http://www- 03.ibm.com/press/us/en/pressrelease/29326.wss, accessed on March. 4. I. Frank, A. Oludele, and O. Shade, Cloud Computing Security Issues and Challenges, International Journal of Computer Networks (IJCN), p. 247, 2011. 5. Cyber Security and Privacy in Cloud Computing: Multidisciplinary Research Problems in Business. [Online]. 6. Available:http://www.cspri.seas.gwu.edu/Seminar%20Abstracts%20and%20Pape rs/cloudcomputinglumley.pdf, accessed on February 2012. 7. J. Sahoo, S. Mohapatra, and R. Lath, Virtualization: A Survey on Concepts, Taxonomy and Associated Security Issues, pp.222-226, 2010. 8. I. Menken and G. Blokdijk, Cloud Computing Virtualization Specialist Complete Certification Kit - Study Guide Book and Online Course, Emereo Pty Ltd, 2009. 9. H. Takabi, J. B. D. Joshi, and G. Ahn, Security and privacy challenges in cloud computing environments, IEEE Security and Privacy, vol. 8, pp.24-31, 2010. 10. Security Guidance for Critical Aread of Focus in Cloud Computing V2.1. [Online]. Available: https://cloudsecurityalliance.org/csaguide.pdf, accessed on February 2012. 11. From Secure Virtualizaton to Secure Private Clouds. Gartner Research Note G00208057 (October 13, 2010). 12. Introduction to Cloud Computing. [Online]. Available: http://www.dialogic.com/solutions/cloudcommunications/build/~/media/product s/docs/whitepapers/12023-cloud-computing-wp.pdf, accessed on February 2012. 1098

13. Cloud Deployment Models Private, Community, Public, Hybrid with Examples. [Online]. Available: http://www.techno- pulse.com/2011/10/cloud- deployment-private-publicexample.html, accessed on February 2012. 14. X. Zhang, H. Du, J. Chen, Y. Lin, and L. Zeng, Ensure Data Security in Cloud Storage, IEEE International Conference on Network Computing and Information Security, pp.284-287, 2011. 15. R. Buyya, C.S. Yeo, S. Venugopal, J. Broberg and I. Brandic, Cloud Computing and Emerging IT Platforms: Vision, Hype, and reality for delivering computing as the 5th utility, Future Generation Computer System, 25(6), pp. 599-616, 2009. 16. Saurabh Kumar Garg and Rajkumar Buyya, Green Cloud computing and Environmental Sustainability. 17. Shuai Zhang, Shufen Zhang, Xuebin Chen and Xiuzhen Huo, Cloud Computing Research and Development Trend, 2010, Second International Conference on Future Networks, pp. 93-97. 18. Subhashis Sengupta, Vikrant Kaulgud and Vibhu Saujanya Sharma, Cloud Computing Security- Trends and Research Directions, 2011, IEEE World Congress on Services, pp. 524-525. 19. Jayant Baliga, Robert W. A. Ayre, Kerry Hinton, and Rodney S. Tucker, Fellow IEEE, Green Cloud Computing: Balancing Energy in Processing, Storage, and Transport. 1099

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information