Security & Privacy Issues in Mobile Cloud Computing

Similar documents
Privacy & Security of Mobile Cloud Computing (MCC)

Privacy & Security of Mobile Cloud Computing

ADDENDUM 12 TO APPENDIX 8 TO SCHEDULE 3.3

IMCM: A Flexible Fine-Grained Adaptive Framework for Parallel Mobile Hybrid Cloud Applications

On the features and challenges of security and privacy in distributed internet of things. C. Anurag Varma CpE /24/2016

Zentera Cloud Federation Network for Hybrid Computing

Next Generation Mobile Cloud Gaming

1294 IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 15, NO. 3, THIRD QUARTER 2013

An introduction to Cryptosoft

A Comparative Study of cloud and mcloud Computing

Internet of things (IOT) applications covering industrial domain. Dev Bhattacharya

A Road Map on Security Deliverables for Mobile Cloud Application

Cloud Computing for hand-held Devices:Enhancing Smart phones viability with Computation Offload

Planning the Migration of Enterprise Applications to the Cloud

How To Make A Secure Storage On A Mobile Device Secure

Architecting the Cloud

Mobile Hybrid Cloud Computing Issues and Solutions

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

Cloud Computing: What IT Professionals Need to Know

Networking for cloud computing

XMPP A Perfect Protocol for the New Era of Volunteer Cloud Computing

CHAPTER 1 INTRODUCTION

CHAPTER 7 SUMMARY AND CONCLUSION

Trust areas: a security paradigm for the Future Internet

Cluster, Grid, Cloud Concepts

Participatory Cloud Computing and the Privacy and Security of Medical Information Applied to A Wireless Smart Board Network

TOPOLOGIES NETWORK SECURITY SERVICES

Summer projects for Dept. of IT students in the summer 2015

The Private Cloud Your Controlled Access Infrastructure

Making Multicore Work and Measuring its Benefits. Markus Levy, president EEMBC and Multicore Association

Evolution from the Traditional Data Center to Exalogic: An Operational Perspective

Chapter 1: Introduction

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

Digital Signage in the Cloud

International Journal of Advancements in Research & Technology, Volume 3, Issue 4, April ISSN

CHAPTER 8 CLOUD COMPUTING

Security Considerations for DirectAccess Deployments. Whitepaper

Augmented Search for Web Applications. New frontier in big log data analysis and application intelligence

Secure cloud access system using JAR ABSTRACT:

Mobile Cloud Computing: Paradigms and Challenges 移 动 云 计 算 : 模 式 与 挑 战

Microsoft SQL Server 2008 R2 Enterprise Edition and Microsoft SharePoint Server 2010

Governance van Mobiele Service Platforms

Vortex White Paper. Simplifying Real-time Information Integration in Industrial Internet of Things (IIoT) Control Systems

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

Relational Databases in the Cloud

Oracle Database 11g Comparison Chart

Product Overview. UNIFIED COMPUTING Managed Load Balancing Data Sheet

How can the Future Internet enable Smart Energy?

Chapter 19 Cloud Computing for Multimedia Services

Some Specific Parawise Suggestinons. 2. An application which collects and analyzes this data for further consolidation and,

An Introduction to Private Cloud

Solution & Design Architecture

A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services

Lecture 02a Cloud Computing I

A Middleware Strategy to Survive Compute Peak Loads in Cloud

Mobile Cloud Computing In Business

Authentication. Authorization. Access Control. Cloud Security Concerns. Trust. Data Integrity. Unsecure Communication

Desktop Virtualization and Storage Infrastructure Optimization

Portable Wireless Mesh Networks: Competitive Differentiation

Tutorial on Client-Server Architecture

Best Practices: Extending Enterprise Applications to Mobile Devices

SPACK FIREWALL RESTRICTION WITH SECURITY IN CLOUD OVER THE VIRTUAL ENVIRONMENT

CPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS

Security Issues in Cloud Computing

Cloud Computing and Standards

Injazat s Managed Services Portfolio

Middleware- Driven Mobile Applications

Business Intelligence Competency Partners

IBM Cognos TM1 on Cloud Solution scalability with rapid time to value

NIST Cyber Security Activities

An Oracle White Paper July Oracle Primavera Contract Management, Business Intelligence Publisher Edition-Sizing Guide

Thingsquare Technology

White Paper Take Control of Datacenter Infrastructure

Application Security 101. A primer on Application Security best practices

Remote Voting Conference

N. J. Pramod Dhinakar 1, G. Kishore Kumar 2, M. Raghavendra 3

VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui

Monitoring Traffic manager

How To Unify Your Wireless Architecture Without Limiting Performance or Flexibility

MOBILE CHIP ELECTRONIC COMMERCE: ENABLING CREDIT CARD PAYMENT FOR MOBILE DEVICES

Migration of Virtual Machines for Better Performance in Cloud Computing Environment

SECURE MOBILE APP DEVELOPMENT: DIFFERENCES FROM TRADITIONAL APPROACH

Govt. of Karnataka, Department of Technical Education Diploma in Computer Science & Engineering. Sixth Semester

Transcription:

Security & Privacy Issues in Mobile Cloud Computing Manmohan Chaturvedi,1, Sapna Malik, Preeti Aggarwal and Shilpa Bahl Ansal University, Gurgaon- 122011, India 1 mmchaturvedi@ansaluniversity.edu.in

Indian Context The potential uptake of the mobile computing in tandem with cloud paradigm offers possibilities that can spur a huge market in developing Indian economy However, the privacy and security concerns because of the necessity to store data at remote locations seem to be an inhibitor for both corporations and individuals

Evolving Government Policy E-Gov Initiatives Framework for Citizen Engagement in e-governance (April 2012) THE ELECTRONIC DELIVERY OF SERVICES BILL, 2011 (16th November 2011) Framework for Mobile Governance (January 2012) Draft National e- Authentication Framework (NeAF) (01 Sep 2011)

Cloud Computing Paradigm (Md.T. Khorshed et al,2012)

Cloud computing gaps (Md.T. Khorshed et al,2012)

Cloud computing security (Md.T. Khorshed et al,2012)

Mobile Computing Challenges Mobile devices being battery powered, have limited processing power, low storage, less security, unpredictable Internet connectivity, and less energy It is difficult to enforce a standardized credential protection mechanism due to variety of mobile devices. The aforementioned limitations of mobile devices are always obstacles for computationally intensive and storage demanding applications on a mobile

Mobile Cloud Computing (MCC) Paradigm To augment the capability, capacity and battery time of the mobile devices, computationally intensive and storage demanding jobs should be moved to cloud Careful planning is required before offloading the jobs on a cloud server by considering the network conditions and communication overhead to make offloading beneficial for mobile users

Needed Eco-system There is a need for a lightweight secure framework that provides security with minimum communication and processing overhead on mobile devices. There is need to develop a security framework by making perfect balance between cost of Cloud usage and energy usage in mobile device for providing security. The security and privacy protection services can be achieved with the help of secure cloud application services.

Needed Eco-system (Contd) There is need to develop security framework according to different trust level of cloud server and type of cloud server. There is a need for a secure communication channel between cloud and the mobile device. The most challenging aspects in MCC are guaranteeing user privacy and the provision of mobile application security that uses cloud resources. In addition to security and privacy, the secure cloud application services provide the user management, key management, encryption on demand, intrusion detection, authentication, and authorization services to mobile users

Mobile cloud computing architecture (A.N. Khan et al.,12) A.N. Khan et al. / Future Generation Computer Systems (doi:10.1016/j.future.2012.08.003

Mobile Cloud Computing(MCC)- Definition A service that allows resource constrained mobile users to adaptively adjust processing and storage capabilities by transparently partitioning and offloading the computationally intensive and storage demanding jobs on traditional cloud resources by providing ubiquitous wireless access.

Mobile Cloud Application-Category Client Model-How mobile device access services in the cloud. Client/Cloud Model-application is divided into components and distributed between mobile device and cloud. Cloud Model-mobile is considered as a part of cloud and used as integral part of cloud by exploiting its storage and computing capacity by sharing it in cloud.

Security Framework for MCC Data Security framework-secure User s Data stored in cloud Application Security Framework-Secure Data & Computation in cloud for Mobile User.

Evaluation Criteria for Data Security Framework Basic Theory-mathematical principal or cryptographic principle Data protection-on mobile or on cloud Scalability-can cope up with increasing no of users without degrading performance of security framework Assumption- fully trusted semi trusted or distrusted cloud server. Data Access-provide automated or semi automated encryption of file Authentication of originator of user s files on cloud

Evaluation Criteria for Application Security Framework Application type Security Features. Assumptions Scalability Cloud server-single node or distributed nodes

Security services on different layers (A.N. Khan et al.,12)

Layout Of Communication Mobile End Low End with limited power and Computational ability WAP Gateway Act as a bridge between WAP protocol and HTTP/HTTPS protocol. Cloud Server Server end, highly efficient for computation and memory rich.

Objective of proposed research Our Research objective is to propose and develop an application security framework for client/cloud/cloudlet model in which security algorithms can be decided for a mobile entity dynamically in using Software as a Service (SaaS) delivery model. We will be focusing on not just the mobile security parameters but also on the cloud security related issues and respective parameters to the extent they impact security of user data

Proposed research as part of taxonomy of issues in mobile cloud computing (Fernando,2012)

The key illustrative areas of proposed research Preparation of semantic data for security parameters Cloud Security attributes Mobile Security features and respective parameters Security algorithm under different security requirements Platform Independent Security Architecture.

Possible Research Questions What could be semantic data for mobile and cloud security? How the Protocol Selection Procedure can be made intelligent with option for static protocol selection when necessary? How workload could be partitioned between mobile and cloud after factoring various related issues?

Possible options to be explored Trusted third party assuring specific security characteristics within a cloud. Identification of appropriate security parameters for a mobile and cloud. Dependency matrix of these parameters to metric security of a mobile cloud computing application. Generation of semantic data to facilitate selection of the security protocol by the middleware. Intelligent protocol selection process would help conserve resources. This would permit use of already selected protocol if the semantic data values are unchanged.

Proposed Validation Approaches Application security testing Governance Risk Compliance (GRC) testing Latency Testing

Key Challenges in proposed research During experimentation the simulator being used should acquire necessary information from both the OS and through the wireless medium. Balance between security and maintaining communication quality and system performance. We should provide a single security layer for different contexts of hardware, software and communication modes.

Key Challenges in proposed research (Contd) Need for the data semantics so as to determine different sensitivity levels of the data being transmitted, facilitating strong security mechanism only when they are actually needed rather than on the whole data. In the proposed approach, appropriate metrics and the parameters should be defined, to facilitate objective evaluation. Design of a Platform Independent Security Architecture, so that we can deploy lightweight part of security Framework on any Mobile device, without interface issues.

Concluding Remarks The proposed research would attempt to leverage the output of the doctoral research work of the co-authors in this domain Any collaboration on the proposed research can be suitably coordinated by Ansal University, Gurgaon, India

Thanks

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information