Rough Draft - WordPress.com

Kevin 1
Security in Cloud Computing Literature Review
By Kevin Hall
Security in the Cloud – Introduction
As our dependence on technology continues to grow, we see an increase in the storage and
power required to run a website and/or store data. The only logical solution to this growing
problem is to begin the transition to cloud computing. Cloud computing is divided into three
services: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a
Service (IaaS) [Describe each of these?]. These are necessary when someone doesn’t have the
computing power to do the desired task locally, so they seek outside resources that have an
abundance of cloud storage. Not only can they work directly on the cloud, which eliminates the
need for anything more than an internet connection, but they can also store data that is
available anywhere the cloud is accessible. These two factors play a major role in why we must
make the transition into the cloud. However, as more people make this move, it gives hackers
more of an incentive to try to break through the cloud. As the cloud evolves, so do the hackers’
techniques. This makes it pretty difficult to keep these vital pieces of technology secure. In
this literature review we will look at different methodologies to help secure the cloud. But
it is imperative that IT security specialists increase their efforts to secure what holds
everyone's information.
Encryption, Encryption, Encryption
While there is no right answer to this looming problem, there are a lot of theories about what
we could do to at least improve on the current system in use. Zahir Tari looks towards
“Homomorphic Encryption” as a possible solution. This type of encryption allows an entry to
be carried out on encrypted data, thus creating encrypted results. When those results are
decrypted, they should read as they were entered (Zahir). This is done by a special algorithm,
and the algorithms vary based on the cloud service being used. One of the formulas that Zahir
chose to use is: Ek(a) ⊕c Ek(b) = Ek(a ⊕p b) (Zahir), which will turn “Name: John” into
“Name: Ek(John)” on the surface. Note that this is one of hundreds of algorithms in use. When
it’s being transmitted it will likely be a long string of characters (A-z | 0-9) that is only
readable to someone who has the algorithm. The limitation of Homomorphic Encryption is that it
is restricted to only a single operation, whether that be addition or multiplication. This makes
it possible to hack into, and if the algorithm is cracked, all of the data within that cloud
service could be under threat.
Two Factor Authentication
The previous ideology is similar to what Nitin Nagar published in his “Two Factor
Authentication using M-pin Server for Secure Cloud Computing Environments” article, claiming
that the M-pin 2FA (Two Factor Authentication) required some encryption. The Two Factor
Authentication is the basic username and password system that the user sees at any website
login. They incorporate the M-pin to add a level of security to that information. The M-pin is an
identity-based cryptosystem that uses elliptic curves to repair the flaws of the original two
factor authentication platform, PKI (elaborate on PKI?). An example that Nagar uses: at a bank
we’re given a numerical pad to enter our 4-digit pass code into. Once the code is entered, the
M-pin is initialized and a secret key and token are created based on that entry. That key is then
placed in the HTML storage area (elaborate?) and the token is sent to an Authentication Server
(AS) to be validated. Once validated, the user will gain access to the account associated with
the information they entered (Nitin).
Encryption in the IaaS
I mentioned before that there are three different services provided by the cloud: IaaS,
PaaS, and SaaS. Dan Gonzales wrote an insightful paper on how to solely protect the IaaS
service. The IaaS is the only tangible one of the three; it’s where the hardware, servers, and
other parts of the infrastructure are physically stored. Gonzales’s idea was to create cloud
trusts both virtually and physically. These trusts put each part of the system in different
enclaves. This allowed them to specialize the way they secured an enclave based on its
necessities. It also made it so that if one enclave were to be infiltrated, the intruder couldn’t
reach other enclaves, preventing a total breach. Similar to Nagar and Zahir, Gonzales uses a
two-factor, time-limited token code for their CSP (Cloud Service Provider), which shows that
regardless of how someone wants to secure the cloud they will need some sort of authenticating
process, whether that be through a 3rd party authenticating service or an in-house
authenticating service.
Smart-Frame
The article by Joonsang introduced a solution that wasn’t found in any of the other
articles, and that’s the Smart-Frame. The Smart-Frame is a versatile information management
framework based on cloud computing technology. Their idea was to create three hierarchical
levels (Top, Regional, and End-User) where the first two levels consist entirely of cloud
computing and the last one uses a smart device (Joonsang). In addition to those, the security
solution they came up with was identity-based encryption, signature, and identity-based proxy
re-encryption. The re-encryption gives proxies permission to alter the ciphertext so that it can
be decrypted. This is the first instance of re-encryption I’ve found in an article, and based on
the evidence shown in the article it looks to be a safe but timely option. One example expressed
in the reading was the ENEL Telegestore project in Italy, considered the first commercial project
to use the smart grid technology. It was a huge success and several other smart grid projects
followed after their success (Joonsang). While this article had a different framework and
algorithm, it still used the basic principle of encryption to secure their cloud services.
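The proxy step described above, where a proxy alters the ciphertext so that a different party can decrypt it, is shown in the following added example, which is not code from the Smart-Frame article. It assumes a toy ElGamal-style scheme (Blaze-Bleumer-Strauss) in place of the article's identity-based construction, and the group parameters, keys and message are constructed values far too small for real use.

```python
import secrets

# Toy group (assumption): safe prime P = 2*Q + 1; G = 4 has prime order Q.
P, Q, G = 1019, 509, 4

def keygen(sk=None):
    """Return (sk, pk); sk may be fixed for a reproducible demonstration."""
    sk = sk or secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    """Encrypt m (1 <= m < P) to pk as the pair (m * g^k, pk^k)."""
    k = secrets.randbelow(Q - 1) + 1
    return m * pow(G, k, P) % P, pow(pk, k, P)

def decrypt(sk, ct):
    """Recover g^k from pk^k using sk^-1 mod Q, then divide it out of c1."""
    c1, c2 = ct
    gk = pow(c2, pow(sk, -1, Q), P)
    return c1 * pow(gk, -1, P) % P

def rekey(sk_from, sk_to):
    """Re-encryption key sk_to / sk_from mod Q, handed to the proxy."""
    return sk_to * pow(sk_from, -1, Q) % Q

def reencrypt(rk, ct):
    """Proxy step: only c2 changes; the proxy never sees m or a secret key."""
    c1, c2 = ct
    return c1, pow(c2, rk, P)

def demo(m=42):
    a_sk, a_pk = keygen(123)          # data owner (constructed key)
    b_sk, _ = keygen(456)             # delegate (constructed key)
    ct_a = encrypt(a_pk, m)
    ct_b = reencrypt(rekey(a_sk, b_sk), ct_a)
    # owner's view, delegate's view after the proxy, delegate's view without it
    return decrypt(a_sk, ct_a), decrypt(b_sk, ct_b), decrypt(b_sk, ct_a)

if __name__ == "__main__":
    print(demo())
```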
Conclusion
The answer to the cloud security issue is not black and white, and there will always be some grey
area. Obviously we need to continue to innovate the cloud and bolster it up to its capabilities,
because we have barely scratched the surface of what can be done. The only way we can fix this
major problem is to stay one step ahead of the hackers, and I think that can be achieved by
implementing Joonsang’s idea, the Smart-Frame ideology.
Works Cited
(APA)
Tari, Z., & Yi, X. (2015). Security and Privacy in Cloud Computing. IEEE Cloud
Computing, 30-38.
Nagar, N., & Suman, U. (2014). Two Factor Authentication Using M-pin Server for Secure
Cloud Computing Environment. International Journal of Cloud Applications and
Computing, 42-54.
Gonzales, D. (2015). Cloud-Trust a Security Assessment Model for Infrastructure as a Service
(IaaS) Clouds. IEEE Cloud Computing.
Baek, J. (2015). A Secure Cloud Computing Based Framework for Big Data Information
Management of Smart Grid. IEEE Transactions on Cloud Computing, 3(2), 233-243.
Watson, P. (2014). Multilevel Security for Deploying Distributed Applications on Clouds,
Devices and Things. 381-385.
Xiong, J. (2014). A Secure Data Self-Destructing Scheme in Cloud Computing. IEEE
Transactions on Cloud Computing, 448-458.