An SOA Model with Security-as-a-service in Cloud Computing Application-I banking



Similar documents
Cloud Computing in Banking

Security Issues in Cloud Computing

Capturing the New Frontier:

A SURVEY OF CLOUD COMPUTING: NETWORK BASED ISSUES PERFORMANCE AND ANALYSIS

The Magical Cloud. Lennart Franked. Department for Information and Communicationsystems (ICS), Mid Sweden University, Sundsvall.

CLOUD COMPUTING SECURITY ISSUES

How cloud computing can transform your business landscape

SERENA SOFTWARE Serena Service Manager Security

Data Protection: From PKI to Virtualization & Cloud

Outline. What is cloud computing? History Cloud service models Cloud deployment forms Advantages/disadvantages

A Survey on Security Issues in Service Delivery Models of Cloud Computing

CLOUD STORAGE SECURITY INTRODUCTION. Gordon Arnold, IBM

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

Cloud Courses Description

Research Paper Available online at: A COMPARATIVE STUDY OF CLOUD COMPUTING SERVICE PROVIDERS

Cloud Computing. Karan Saxena * & Kritika Agarwal**

10/25/2012 BY VORAPOJ LOOKMAIPUN CISSP, CISA, CISM, CRISC, CEH Agenda. Security Cases What is Cloud? Road Map Security Concerns

Everything You Need To Know About Cloud Computing

IBM EXAM QUESTIONS & ANSWERS

Cloud Computing; What is it, How long has it been here, and Where is it going?

Cloud Computing Phillip Hampton LogicForce Consulting, LLC

Clinical Trials in the Cloud: A New Paradigm?

TECHNOLOGY GUIDE THREE. Emerging Types of Enterprise Computing

CLOUD COMPUTING SECURITY CONCERNS

1 The intersection of IAM and the cloud

Security Considerations for Public Mobile Cloud Computing

Security Issues In Cloud Computing And Their Solutions

How cloud computing can transform your business landscape.

The Cloud. JL Cabrera LTEC 4550

In a dynamic economic environment, your company s survival

qwertyuiopasdfghjklzxcvbnmqwertyui opasdfghjklzxcvbnmqwertyuiopasdfgh jklzxcvbnmqwertyuiopasdfghjklzxcvb nmqwertyuiopasdfghjklzxcvbnmqwer

White Paper: Optimizing the Cloud Infrastructure for Enterprise Applications

Cloud-Security: Show-Stopper or Enabling Technology?

FACING SECURITY CHALLENGES

Essential Characteristics of Cloud Computing: On-Demand Self-Service Rapid Elasticity Location Independence Resource Pooling Measured Service

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

Data Storage Security in Cloud Computing

Keyword: Cloud computing, service model, deployment model, network layer security.

The Case For A Cloud Access Security Broker

Cloud Infrastructure Security

Addressing Cloud Computing Security Considerations

Risks and Challenges

Improving Web Application Security by Eliminating CWEs Weijie Chen, China INFSY 6891 Software Assurance Professor Dr. Maurice Dawson 15 December 2015

Cloud Computing Guidelines

next generation privilege identity management

What Is The Cloud And How Can Your Agency Use It. Tom Konop Mark Piontek Cathleen Christensen

Cloud security and OpenStack Primož Cigoj Laboratorij za odprte sisteme in mreže IJS-E5.

CLOUD COMPUTING AND ITS SECURITY ASPECTS

Module 1: Facilitated e-learning

Cloud Computing Security Issues And Methods to Overcome

Securing SaaS Applications: A Cloud Security Perspective for Application Providers

What Cloud computing means in real life

The cloud - ULTIMATE GAME CHANGER ===========================================

Hexaware E-book on Q & A for Cloud BI Hexaware Business Intelligence & Analytics Actionable Intelligence Enabled

APIs The Next Hacker Target Or a Business and Security Opportunity?

Cloud Computing - Architecture, Applications and Advantages

International Journal of Engineering Research & Management Technology

Cloud Computing: A Question of Trust Maintaining Control and Compliance with Data-centric Information Security

Entrust Secure Web Portal Solution. Livio Merlo Security Consultant September 25th, 2003

Security Issues in Cloud Computing

Cloud Computing and Records Management

Public Auditing & Automatic Protocol Blocking with 3-D Password Authentication for Secure Cloud Storage

Virginia Government Finance Officers Association Spring Conference May 28, Cloud Security 101

Optimizing Service Levels in Public Cloud Deployments

PROTECTING YOUR VOICE SYSTEM IN THE CLOUD

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications

Deploying a Geospatial Cloud

Ensuring High Service Levels for Public Cloud Deployments Keys to Effective Service Management

ISSN: (Online) Volume 2, Issue 5, May 2014 International Journal of Advance Research in Computer Science and Management Studies

STORAGE SECURITY TUTORIAL With a focus on Cloud Storage. Gordon Arnold, IBM

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab

Prof. Luiz Fernando Bittencourt MO809L. Tópicos em Sistemas Distribuídos 1 semestre, 2015

Agenda. What is cloud? Cloud based services The Good bad and Ugly.. Anatomy of a cloud Guidelines for you

A Survey on Cloud Security Issues and Techniques

Why You Should Consider Cloud- Based Archiving. A whitepaper by The Radicati Group, Inc.

Cloud Computing. Cloud computing:

Cloud SQL Security. Swati Srivastava 1 and Meenu 2. Engineering College., Gorakhpur, U.P. Gorakhpur, U.P. Abstract

A COMPLETE GUIDE HOW TO CHOOSE A CLOUD-TO-CLOUD BACKUP PROVIDER FOR THE ENTERPRISE

The Cloud at Crawford. Evaluating the pros and cons of cloud computing and its use in claims management

Securing the Cloud with IBM Security Systems. IBM Security Systems IBM Corporation IBM IBM Corporation Corporation

Rapid Application Development

A Survey on Security Issues and Security Schemes for Cloud and Multi-Cloud Computing

How to Turn the Promise of the Cloud into an Operational Reality

How To Understand Cloud Computing

Cloud Computing Terms:

Public or Private Cloud: The Choice is Yours

Cloud Computing. Chapter 1 Introducing Cloud Computing

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao

Secure Cloud Computing through IT Auditing

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master

BMC s Security Strategy for ITSM in the SaaS Environment

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

Quick guide: Using the Cloud to support your business

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

D. L. Corbet & Assoc., LLC

Introduction to Cloud Computing

Transcription:

An SOA Model with Security-as-a-service in Cloud Computing Application-I banking Shalini. G #1, Hamsalatha. J #2, M Shivakumar #3 1 Asst.Proffessor, Computer science and engineering, VTU 2 Asst.Professor, computer science and engineering,vtu 3 Professor, computer science and engineering,vtu Dr.TTIT, Kolar Gold Fields, India Abstract Cloud computing is an emerging technology which provides three main services namely SaaS,PaaS and IaaS where the security is addressed individually in each of these services. In this view the network traffic and computation time increases, and slows down the availability of cloud resources to the service consumers. In this paper we have proposed a new service provider namely security-as-a-service in cloud computing wherein all the security related tasks will be handled uniquely which is similar to firewall in a network topology. In our paper, we have taken i-banking application with SOA for effective, easy and secure access of cloud. Keywords Cloud, SOA, Security-as a-service I. INTRODUCTION Cloud computing represents one of the most significant shifts in information technology. Customers are both excited and nervous at the prospects of cloud computing. They are excited at the oppurtunities to reduce capital costs, ondemand computing provisioning. However,customers are also very concerned about the risks of cloud computing if not properly secured and the loss of direct control over systems for which they are nonetheless accountable.[1].a number of factors, including lower cost of connectivity, greater Internet and mobile Internet penetration, affordability of devices and the arrival of the smart phone have gone into popularizing online (Internet and mobile) banking around the world[2].cloud computing will increasingly provide banks with new lower cost operating models thanks to virtualization, greater automation, and the ability to push more activities offshore. As these benefits are realized, banks will face decisions regarding the business case for moving legacy systems into the cloud or building new cloudenabled assets that they will then integrate into the legacy environment.one of the critical issues in evaluating cloudbased services is Data security. Consumers were initially afraid that online banking would make them more vulnerable to fraud or identity theft. Now that online security technologies have improved, online banking is actually safer than getting paper statements in the mail. Likewise, using a cloud-based service supplier instead of operating your own internal system can be a major step toward becoming liberated from serious security issues.[2] A. Advantages of cloud 1) Cost savings and usage based billing With cloud computing, financial institutions can turn a large up-front capital expenditure into a smaller, ongoing operational cost. There is no need for heavy investments in new hardware and software. In addition, the unique nature of cloud computing allows financial institutions to pick and choose the services required on a pay-as-you-go basis. 2) Business continuity With cloud computing, the provider is responsible for managing the technology. Financial firms can gain a higher level of data protection, fault tolerance, and disaster recovery. Cloud computing also provides a high level of redundancy and back-up at lower price than traditional managed solutions. 3)Business agility and focus The flexibility of cloud-based operating models lets financial institutions experience shorter development cycles for new products. This supports a faster and more efficient response to the needs of banking customers. Since the cloud is available on-demand, less infrastructure investments are required, saving initial set-up time. It also allows new product development to move forward without capital investment 4)Green IT Organizations can use cloud computing to transfer their services to a virtual environment that reduces energy consumption[3] ISSN: 2231-5381 http://www.ijettjournal.org Page 293

B.Cloud computing service models 1)Business Process-as-a-Service (BPaaS). The cloud is used for standard business processes such as billing, payroll, or human resources. BPaaS combines all the other service models with process expertise. 2)Software-as-a-Service (SaaS). A cloud service provider houses the business software and related data, and users access the software and data via their web browser. Types of software that can be delivered this way include accounting, customer relationship management, enterprise resource planning, invoicing, human resource management, content management, and service desk management. 3)Platform-as-a-Service (PaaS). A cloud service provider offers a complete platform for application, interface, and database development, storage, and testing. This allows businesses to streamline the development, maintenance and support of custom applications, lowering IT costs and minimizing the need for hardware, software, and hosting environments. 4)Infrastructure-as-a-Service (IaaS). Rather than purchasing servers, software, data center space or network equipment, this cloud model allows businesses to buy those resources as a fully outsourced service.[4] C. Cloud computing deployment models SaaS deploys the provider s applications running on a cloud infrastructure; it offers anywhere access, but also increases security risk. Security risks are data security,network security,data locality,data integrity,data access, authorization and authentications. For example, with Salesforce.com, only certain salespeople may be authorized to access and download confidential customer sales information. PaaS is a shared development environment, such as Microsoft Windows Azure, where the consumer controls deployed applications but does not manage the underlying cloud infrastructure. This cloud service model requires strong authentication to identify users, an audit trail, and the ability to support compliance regulations and privacy mandates. IaaS lets the consumer provision processing, storage, networks, and other fundamental computing resources and controls operating systems, storage, and deployed applications.public cloud poses major risk whereas private cloud security have lesser impact. As with Amazon Elastic Compute Cloud (EC2), the consumer does not manage or control the underlying cloud infrastructure. Data security is typically a shared responsibility between the cloud service provider and the cloud consumer. Data encryption without the need to modify applications is a key requirement in this environment to remove the custodial risk of IaaS infrastructure personnel accessing sensitive data A single security system would be too costly for certain applications and also if the cloud has a common security methodology in place,it will be a high value asset for hackers because it makes entire cloud vulnerable to attack[6]. 1)Private cloud Private clouds are built by applying virtualization within a bank s own data centers. Because private clouds are not exposed to external tenants, banks tend to regard them as a more secure environment for customer data. 2)Public cloud Public clouds extend the data center s capabilities by enabling the provisioning of IT services from third-party providers over a network.the data and processing may be located anywhere in the world on infrastructure that is shared with the cloud provider s other customers,or tenants. 3)Hybrid cloud Hybrid clouds blend public and private clouds depending on the sensitivity of the data and applications in each process, and the degree of business criticality and differentiation. Most banks will follow a hybrid cloud strategy which can also be a cloud owned by and located within the bank,but operated by a third-party.[5] D. Security challenges pertaining to each of the three cloud service models Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Fig. 1 The three cloud services ans SecaaS which acts as a firewall Secaas is a service oriented approach to IT security architecture and thus a consequent evolution of traditional security landscapes. It is defined as a model for the delivery of standardized and comprehensive security, functionality in accordance with Saas model. It thus follows the cloud computing complying with related principals. In the figure we can see that a new cloud service Secaas is included which ISSN: 2231-5381 http://www.ijettjournal.org Page 294

acts as a firewall. The end users when accessing the cloud services has to cross this firewall which protects the cloud. The security enablers include technologies,such as cryptography, directories and key stores that are utilized to perform the tasks. II.SERVICE ORIENTED CLOUD BASED ARCHITECTURE SOA, a flexible, modular approach to delivering IT services, is an essential foundation for emerging technologies like cloud. Plus, SOA provides significant advantages over current IT architectures. While it lowers costs, its primary benefit is the improvement in agility that it provides to organizations, enabling them to respond to the increasing rate of change occurring in nearly every business around the world.[7] A. Five key reasons to utilize SOA on the way to cloud: 1)Accessibility: the cloud is accessible through a SOA interface 2)Visibility: SOA tools and techniques can help an organization find services that meet its needs. 3)Extensibility: Cloud services can be modified and customized using SOA techniques. 4)Matching Expectations: Cloud services require clear SLA S, deploy these using SOA contract management techniques. 5)Adherence to standard: SOA policy management techniques validate that an organization follow appropriate cloud standards. While the cloud undoubtedly presents enormous benefits to the business, moving away from a centralized IT architecture can open up a business to new risks. Utilizing specific techniques within SOA can improve security, such as using an intermediary for communication and run-time policy enforcement to ensure that communications are secure. In a cloud environment, it is important to always investigate who is responsible for securing the cloud and whether their security matches the organization s expectations. If not, the organization should work with a partner to ensure that all areas of security across the architecture are sufficient. Planning how to measure and test security means SOA contracts can be proposed while SOA services are still relatively small in number. The figure2 given shows how we can implement the three security services in a single place as secaas. Fig. 2 Secaas using SOA model In the figure, we can see three main cloud services i.e Iaas, Saas, Paas.above these we have Secaas which makes use of SOA model to address security issues. The SOA Security Pattern addresses security along four dimensions: 1)Authentication It must be possible for the service provider to ascertain the identity of the service requester. 2)Authorization The service provider must be able to determine whether the requester has the appropriate rights to invoke the service. 3)Message Confidentiality Message contents must only be visible to the intended recipient. 4)Message Integrity It must be possible to guarantee that a message has not been altered or tampered with in transport between the service consumer and the service provider. The security information related to the message payload is typically contained in the message header as shown in the figure. The security header for the message contains a security token, a digital signature when necessary, and information related to the encryption of the message if the message has been encrypted. Authentication is supported through the use of client-side x.509 certificates, username and password, and Security Assertion Markup Language (SAML) certificates. Message confidentiality can be guaranteed at the transport layer via Secure Sockets Layer (SSL) or within individual messages. Encryption at the message level ensures confidentiality across multiple hops in the integration infrastructure. Message integrity can be guaranteed through signing using digital certificates. Time stamps are used to prevent replay attacks[8]. ISSN: 2231-5381 http://www.ijettjournal.org Page 295

III.BANKING IN THE CLOUD Cloud computing is much more than simply renting servers and storage on-demand to reduce infrastructure costs-as many believe. In fact, a bank may have many reasons for moving to the cloud, but the primary reason will likely be applications. A key stumbling block for major investments in new technologies has always been the capital expenditure needed for new infrastructure. With cloud computing, financial institutions only have to budget for operational expenses and pay for the services they use. This makes it easier and more cost effective to test new applications on the cloud versus current traditional infrastructure [3]. No single cloud computing services model is expected to meet all the technology requirements for every financial institution. Instead, banks should develop and maintain an application portfolio consisting of both cloud and on-premise applications. While investments in legacy systems are expected to continue, cloud based services are ideal for newer business areas. Cloud-based services are expected to provide the advantage of both lower investments in implementing business strategies and faster turnaround time for product and service offerings, especially those delivered over mobile devices and the Internet.A good example is Singapore, where all major banks provide internet banking platforms. Using cloud reduces software licencing costs by centralizing across enterprise, efficient use of hardware and network assets, better absorb explosions of data without increasing network investments. But still there are security issues in moving core data to the public cloud but with smarter privacy like 3 factor authentication(smartcard, password, bio-metric identification like voice signature) would become smarter reducing disruption and increasing satisfaction. Using this SecaaS makes availability efficient because we are not providing security in individual cloud services (Iaas, Paas,Saas) rather addressed in a single SOA model Secaas. It addresses authentication, authorization, message integrity and confidentiality by applying various authentication and authorization techniques(username, passwords, smart cards, biometrics), encryption and decryption algorithms are used, digital signatures are used and also acts like a firewall in network topology but again security concern should be taken care because the entire security feature is available in a single place for hackers Example: BBVA banks on Google cloud operates in 26 countries and the applications used are gmail, chat, calendar, docs and video conferencing to achieve a cultural change[5]. CHALLENGES IN CLOUD TABLE 1 Challenge Description Possible approach Identification and authentication Authorization Confidentiality Integrity and reliability Non-repudation Availability identification is the process whereby a network element recognizes a valid users identity and authentication is a process of verifying claimed identity of user Determine whether the requester has the appropriate rights to invoke the service. Limiting information access and disclosure to authorized users Refers to the trustworthiness of information resources To ensure that transferred message has been sent and received by the parties claiming to have sent and received the message Availability of information resources User id s and passwords, smartcards, cryptography,biometric identification Physical isolation, cryptography Load balancing techniques Security threats in cloud are: malicious insider attack, denialof-service, man-in-the middle attack, message alteration, replay attack, false repudation, insecure interfaces and APIs, shared technology issues, data loss or leakage, account or service hijacking and unknown risk profile. The areas of Cloud Security as a Service that most likely will interest consumers and security professionals are: Identity Services and Access Management Services Data Loss Prevention (DLP) Web Security Email Security Security Assessments Intrusion Management, Detection, and Prevention (IDS/IPS) Security Information and Event Management (SIEM) Encryption Business Continuity and Disaster Recovery Network Security [8] ISSN: 2231-5381 http://www.ijettjournal.org Page 296

IV Conclusion Authors Profile Cloud computing is a Kind of network where user can use services provided by Service provider on pay per use bases. It is a research area which provides a wide range of applications under different topologies where every topology computing that is expected to be adopted by government, manufacturers and academicians in the near future. Banks appreciate the relevance of cloud and SOA solutions. At the moment, however many are reluctant to entrust their sensitive customer and financial data to public cloud services run by third parties. Data privacy and security regulation in many countries prohibit the storage and processing of customer data outside national borders. Banks are also worried about disastrous impact of a serious breach of security or privacy. This paper gives an overview of how we can provide a separate Security as a cloud service using SOA model, which addresses security issues like Authentication, Authorization, Message confidentiality and message integrity. In this approach load balancing is easy but the entire cloud will be affected if the hacker attacks the single security service. Hence extensive work has to be done towards securing the single SOA integrated cloud security as a service. REFERENCES [1] Cloud security alliance, top threats to cloud computing v1.0, prepared by CSA march 2010 [2] TC Dinesh, Senior principal, Infosys limited, what the future of online banking authentication, finacle from Infosys [3] Sudhir sriram, cloud computing in Banking, www.capgemini.com/financialservices [4] Santosh Nikam1, Chandrabhan Ghuge2, Harish Bhabad 3, Ajeet Patel4, Pankaj Kulkarni I-BANKING AN APPLICATION OF CLOUD COMPUTING, www.ijater.com ISSN No: 2250-3536 Volume 2, Issue 6, Nov. 2012 Shalini G, Currently Working has Assistant Professor in the Department of Computer science and engineering at Dr.TTIT, KGF has profound knowledge in research and area of interest is Network Security, cloud Computing, operating System Etc., Hamsalatha.J, Currently Working has Assistant Professor in the Department of Computer science and engineering at Dr.TTIT, KGF has profound knowledge in research and area of interest is storage area network, cloud computing, Data Security Etc., Dr.M.ShivaKumar, Head of the Department of Computer science and engineering Dr.TTIT, KGF has profound knowledge in research and area of interest is Network Security, cloud computing, operating System Etc. and guided for this paper, [5] Emmanuel viale, a new era in banking, www.accenture.com [6]s.subhashini, v.kavitha, A survey on security issues in service delivery models of cloud computing, www.elseier.com/locate/jnca, 2010 [7] Andy Mulholland, Ruse Daniele,tim hall,mary Johnson,pite chargin,www.hp.com/wp_cloudcomputing_soa [8]Soa security Design and implementation,ibm,www.redbooks.com, isbn: 0738486655 ISSN: 2231-5381 http://www.ijettjournal.org Page 297

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information