Yang Luo,Tian Puyang,Wu Luo,Qingni Shen,Anbang Ruan,Zhonghai Wu

DOI: https://doi.org/10.1007/978-3-319-50011-9_17

2016-01-01

Abstract:Recently a large number of existing cloud systems adopt representational state transfer (REST) as the interface of their services. The end users or even components inside the cloud invoke RESTful calls to perform various actions. The authorization mechanisms of the existing clouds fail to supply two key elements: unified access control and flexible support for different policies. Moreover, different clouds usually provide distinct access control concepts and policy languages. This might cause confusion for customers whose business is distributed in multiple clouds. In this paper, we propose a multi-policy authorization framework called MultiPol to support various access control policies for OpenStack. The end users can customize or even integrate different policies together to form a single decision via logical connectors. This paper presents the design and implementation of MultiPol, including a new service called Policy Service and an attachment module called Request Filter. Experiments on OpenStack show that MultiPol has improved the flexibility and security of policy management without affecting other services. Meantime, the average performance overhead is as low as 7.8%, which is acceptable for practical use. Since MultiPol is built on REST, it is also adaptive to other clouds which also provide RESTful interfaces.

Wenjuan Li,Lingdi Ping,Xuezeng Pan

DOI: https://doi.org/10.1109/iceie.2010.5559829

2010-01-01

Abstract:Security and interoperability is the biggest challenge to promote cloud computing currently. Trust has proved to be one of the most important and effective alternative means to construct security in distributed systems. In order to efficiently and safely construct entities' trust relationship in cloud and cross-clouds environment, this paper proposed a novel cloud trust model and a new cloud security framework. The propose trust model is domain-based. It divides one cloud provider's resource nodes into the same trust domain. It designs different trust strategies for different roles. Trust recommendation is treated as one type of cloud services just like computation or storage. Based on the proposed trust model, it introduced a novel cloud security framework with an independent trust management module. Using the proposed security model, it introduced some trust-based security mechanisms. Results of simulation experiments show that the proposed security model can achieve high transaction success rate with high trust accuracy.

Qiang Wu,Ran Wang,Xincheng Yan,Chunming Wu,Rongxing Lu

DOI: https://doi.org/10.1109/MWC.001.2100251

IF: 12.777

2022-01-01

IEEE Wireless Communications

Abstract:Opening-up sharing has prompted the multi-tenancy architecture, whereby different vendors (including outsourcees) work together with network operators to form a vibrant service ecosystem, resulting in several advantages as well as risks. In particular, the static nature of existing architectures in network functions virtualization-based (NFV-based) clouds facilitate hacking. Thus, much attention has been focused on determining how to avoid the uncontrollable cloud security induced by complex production relations and non-trustworthy software/hardware sources when the two sets of security risks intersect. In this article, we investigate latent persistent threats against cloud environments and determine a high degree of complementarity and consistency between the NFV-based cloud environment and the dynamic defense concept. More specifically, new NFV-based cloud features provide an effective implementation for dynamic defense, while the generalized robustness of dynamic defense theory allows for high security gains. Intrinsic cloud security (iCS) is then proposed to align NFV-based clouds, mimicking defense and the moving target defense (MTD) paradigm to implement a seamless integration and symbiosis evolution between security and NFV-based clouds. We quantify the impact on system overhead to account for efficiency and cost issues. The simulation analysis demonstrates that the enhanced mode is able to consistently obtain a more beneficial and stable defense compared with the counterparts.

Irum Rauf,Elena Troubitsyna

DOI: https://doi.org/10.48550/arXiv.1805.05519

2018-05-15

Software Engineering

Abstract:The widespread adoption of cloud computing has resulted in the proliferation of open source cloud computing frameworks that give more control to enterprises over their data and networks. Though the benefits of open source software are widely recognized, there is a growing concern over their security assurance. Often open source software is a subject of frequent updates. The updates might introduce or remove a variety of features and hence violate security properties of the previous releases. Obviously, a manual inspection of security would be prohibitively slow and inefficient. In this work, we propose an automated approach that can help developers to assure the security of open source cloud framework even in the presence of frequent releases. Our methodology consists of creating a (stateful) wrapper that emulates the usage scenarios with explicit representation of security and functional requirements as contracts. We use a model-driven approach to model REST APIs of KeyStone, an identity service in OpenStack. OpenStack is an open source cloud computing framework providing IaaS. Our models define structural and behavioral properties of Keystone together with its security requirements. We detail the implementation of these models in Django Web Framework and also show how to use the behavioral interfaces to implement a service monitor for the cloud services. This mechanism facilitates verification and validation of functional behavior and security requirement in an automated manner.

Evan F. Bollig,Graham T. Allan,Benjamin J. Lynch,Yectli A. Huerta,Mathew Mix,Edward A. Munsell,Raychel M. Benson,Brent Swartz

DOI: https://doi.org/10.1145/3219104.3219165

2018-07-23

Abstract:While traditional HPC has and continues to satisfy most workflows, a new generation of researchers has emerged looking for sophisticated, scalable, on-demand, and self-service control of compute infrastructure in a cloud-like environment. Many also seek safe harbors to operate on or store sensitive and/or controlled-access data in a high capacity environment. To cater to these modern users, the Minnesota Supercomputing Institute designed and deployed Stratus, a locally-hosted cloud environment powered by the OpenStack platform, and backed by Ceph storage. The subscription-based service complements existing HPC systems by satisfying the following unmet needs of our users: a) on-demand availability of compute resources, b) long-running jobs (i.e., $> 30$ days), c) container-based computing with Docker, and d) adequate security controls to comply with controlled-access data requirements. This document provides an in-depth look at the design of Stratus with respect to security and compliance with the NIH's controlled-access data policy. Emphasis is placed on lessons learned while integrating OpenStack and Ceph features into a so-called "walled garden", and how those technologies influenced the security design. Many features of Stratus, including tiered secure storage with the introduction of a controlled-access data "cache", fault-tolerant live-migrations, and fully integrated two-factor authentication, depend on recent OpenStack and Ceph features.

Distributed, Parallel, and Cluster Computing

Montida Pattaranantakul,Ruan He,Zonghua Zhang,Ahmed Meddahi,Ping Wang

DOI: https://doi.org/10.1109/TDSC.2018.2889709

2021-01-01

Abstract:AbstractNetwork Functions Virtualization (NFV) has been widely recognized as an effective way to implement and consolidate hardware-based network functions by using software-based approaches, with a potential to significantly reducing CAPEX and OPEX. In particular, NFV orchestrators (e.g., Tacker, Cloudify, and ONAP) play a vital role in managing and orchestrating various virtualized network resources (e.g., VMs, Virtualized Network Functions), and TOSCA is one of the standard data models to fulfil such a role. However, it remains unclear how the security mechanisms can be seamlessly integrated into the entire lifecycle of those virtualized network assets. Starting with a comparative analysis on the available NFV orchestrators, we extend the TOSCA model to incorporate security attributes of interest, and leverage the extended model to create access control policies at cloud scale. Specifically, a security orchestrator is developed, which contains a TOSCA-parser and a novel tenant-specific access control paradigm. One of the salient features of our security orchestrator is that it allows to dynamically generate access control models and policies for different tenant domains, resulting in a flexible and scalable protection coverage that is across different NFV layers and multiple data centers. To validate its feasibility and effectiveness, we develop a security orchestrator prototype and test its performance with respect to throughput, scalability, and adaptability. The experimental results demonstrate that all the desirable properties can be achieved, and the throughput of our security orchestrator can be maintained at a satisfactory level regardless of the varying number of tenants, users, or objects that are deployed in the cloud.

Tian Puyang,Qingni Shen,Yang Luo,Wu Luo,Zhonghai Wu

DOI: https://doi.org/10.1109/ICC.2017.7997107

2017-01-01

Abstract:Failing to promote the least privilege principle in administration can lead to substantial vulnerabilities in cloud computing. A malicious insider like a compromised cloud administrator can affect security of data and workloads belonging to cloud customers. Enforcing the least privilege principle in cloud administration can fairly restrict the permissions of administrators and reduce the attack surface. However, writing a least privilege policy can be hard and error prone for cloud service providers. In this paper, we propose a framework called Least Privilege for Cloud (LPCloud) to address these concerns. LPCloud automatically produces policies for minimization of administrators' privileges at the granularity of representational state transfer (REST) application program interfaces (API), and enforces the policies without affecting current systems. Specifically, we introduce a novel algorithm to partition privileges based on dependencies between API calls. This paper presents design of LPCloud, including a service called Policy Generator which produces partitioned policies and a component named Policy Enforcer to enforce the policies. We implement a prototype of our framework in OpenStack Mitaka. Experiments indicate that LPCloud can produce proper policies to enforce the least privilege principle. Meantime, the average performance overhead is 10.1% which is in acceptable level.

Ruoyu Wu,Xinwen Zhang,Gail‐Joon Ahn,Hadi Sharifi,Haiyong Xie

IF: 56.9

2013-01-01

Science

Abstract:Organizations and enterprises have been outsourcing their computation, storage, and workflows to Infrastructure-as-a-Service (IaaS) based cloud platforms. The heterogeneity and high diversity of IaaS cloud environment demand a comprehensive and finegrained access control mechanism, in order to meet dynamic, extensible, and highly configurable security requirements of these cloud consumers. However, existing security mechanisms provided by IaaS cloud providers do not satisfy these requirements. To address such an emergent demand, we propose a new cloud service called access control as a service (ACaaS), a service-oriented architecture in cloud to support multiple access control models, with the spirit of pluggable access control modules in modern operating systems. As a proof-of-concept reference prototype, we design and implement ACaaSRBAC to provide role-based access control (RBAC) for Amazon Web Services (AWS), where cloud customers can easily integrate the service into enterprise applications in order to extend RBAC policy enforcement in AWS. We describe challenges and lessons in implementing ACaaSRBAC, demonstrate how this service can be seamlessly integrated with enterprise cloud applications, and discuss evaluation results.

Jiang Lan,Gu Chunhua

DOI: https://doi.org/10.1109/csa.2013.16

2013-01-01

Abstract:To protect data users stored on cloud platform, a new access control method that combines Oakley algorithm and a hierarchical scheme by privilege was proposed. CP-ABE algorithm, Oakley protocol and hierarchical management by privilege were integrated creatively to a new effective and secure access control model (OHB-model). The proposed scheme supported user dynamic topology changes. It could be used for hierarchical access control on cloud platform. Through the theoretical analysis and experimental verification, the security vulnerabilities could be solved effectively.

Yang Luo,Qingni Shen,Cong Li,Kang Chen,Zhonghai Wu

DOI: https://doi.org/10.1007/978-3-319-27051-7_44

2015-01-01

Abstract:Among modern cloud infrastructures, live migration of virtual machines offers many advantages like scalability and elasticity but also leads to risks in the meantime. Security issues of live migration have been studied and classified into three threats: control plane, data plane and migration module. Lots of work has focused on the latter two aspects. However, the security of control plane has yet to be analyzed. This paper starts by introducing three classes of control plane threats: load balancing, scheduling and transmission. We then elaborate how scheduling attack can subvert the VM scheduling algorithm via the proposed scheduling algorithm reverse approach (SARA). We evaluate the effects of SARA using datasets gathered from OpenStack. This work is a beneficial attempt to compromise the control plane of VM migration, which can be used as a self-test tool for cloud service providers to test the defences against network intruders.

Malik Imran-Daud

DOI: https://doi.org/10.48550/arXiv.1612.09527

2016-12-30

Cryptography and Security

Abstract:Thanks to the advent of the Internet, it is now possible to easily share vast amounts of electronic information and computer resources (which include hardware, computer services, etc.) in open distributed environments. These environments serve as a common platform for heterogeneous users (e.g., corporate, individuals etc.) by hosting customized user applications and systems, providing ubiquitous access to the shared resources and requiring less administrative efforts; as a result, they enable users and companies to increase their productivity. Unfortunately, sharing of resources in open environments has significantly increased the privacy threats to the users. Indeed, shared electronic data may be exploited by third parties, such as Data Brokers, which may aggregate, infer and redistribute (sensitive) personal features, thus potentially impairing the privacy of the individuals. A way to palliate this problem consists on controlling the access of users over the potentially sensitive resources. Specifically, access control management regulates the access to the shared resources according to the credentials of the users, the type of resource and the privacy preferences of the resource/data owners. The efficient management of access control is crucial in large and dynamic environments. Moreover, in order to propose a feasible and scalable solution, we need to get rid of manual management of rules/constraints (in which most available solutions rely) that constitutes a serious burden for the users and the administrators. Finally, access control management should be intuitive for the end users, who usually lack technical expertise, and they may find access control mechanism more difficult to understand and rigid to apply due to its complex configuration settings.

Xiang Wang,Zhi Liu,Jun Li,Baohua Yang,Yaxuan Qi

DOI: https://doi.org/10.1109/icccn.2014.6911782

2014-01-01

Abstract:Multi-tenant infrastructures deployed in cloud datacenters need network security protection. However, the rigid control mechanism of current security middleboxes induces inflexible orchestration, limiting the agile and on-demand security provision in virtualized datacenters. This paper presents Tualatin, a consolidated framework of delivering security services in multi-tenant datacenters. It meets security requirements of different scenarios by hardware and software co-design. Leveraging Software-Defined Networking (SDN) and OpenFlow techniques, Tualatin provides fine-grained security protection in dynamically changing network topologies, where both switches and security middleboxes are programmatically controlled by logically centralized controllers. With service-level APIs exposed, Tualatin could be easily integrated with other Cloud Management System (CMS). A proof-of-concept system has been deployed in a Tier-IV datacenter, providing customizable network security services for tenant Virtual Private Cloud (VPC) infrastructure.

Yang Luo,Qingni Shen,Zhonghai Wu

DOI: https://doi.org/10.48550/arXiv.1903.09756

2019-03-23

Abstract:Access control is an important component for web services such as a cloud. Current clouds tend to design the access control mechanism together with the policy language on their own. It leads to two issues: (i) a cloud user has to learn different policy languages to use multiple clouds, and (ii) a cloud service provider has to customize an authorization mechanism based on its business requirement, which brings high development cost. In this work, a new access control policy language called PERM modeling language (PML) is proposed to express various access control models such as access control list (ACL), role-based access control (RBAC) and attribute-based access control (ABAC), etc. PML's enforcement mechanism is designed in an interpreter-on-interpreter manner, which not only secures the authorization code with sandboxing, but also extends PML to all programming languages that support Lua. PML is already adopted by real-world projects such as Intel's RMD, VMware's Dispatch, Orange's Gobis and so on, which proves PML's usability. The performance evaluation on OpenStack, CloudStack and Amazon Web Services (AWS) shows PML's enforcement overhead per request is under 5.9us.

Cryptography and Security

Xitao Wen,Yan Chen,Chengchen Hu,Chao Shi,Yi Wang

DOI: https://doi.org/10.1145/2491185.2491212

2013-01-01

Abstract:ABSTRACTThe OpenFlow (OF) paradigm embraces third-party development efforts, and therefore suffers from potential trust issue on OF applications (apps). The abuse of such trust could lead to various types of attacks impacting the entire network. In this paper, we propose PermOF, a fine-grained permission system, as the first line of defense, in order to apply minimum privilege on apps. We summarize a set of 18 permissions to be enforced at the API entry of the controller. To accommodate the isolation requirements, we propose a customized isolation mechanism, which achieves comprehensive resource isolation and access control.

Luyang Zhang,Ruonan Rao

DOI: https://doi.org/10.1109/DBTA.2010.5659024

2010-01-01

Abstract:In open pervasive computing environment, various devices and applications are frequently changeable. It is hard to authenticate strange entities for lack of centralized management authority. In order to solve access control problem in open pervasive environment, a trust based access control framework is introduced in this paper, and a corresponding prototype system is designed, implemented and integrated into R-OSGi, which is a widely used middleware in pervasive environment. The system is based on sunxacml and employs Pervasive Trust Management Model as well as XACML based access control policy, supports dynamic trust degree evaluation and trust degree based decision-making for authorization.

Clinton Dsouza,Gail-Joon Ahn,Marthony Taguinod

DOI: https://doi.org/10.1109/iri.2014.7051866

2014-08-01

Abstract:With the increasing user demand for elastic provisioning of resources coupled with ubiquitous and on-demand access to data, cloud computing has been recognized as an emerging technology to meet such dynamic user demands. In addition, with the introduction and rising use of mobile devices, the Internet of Things (IoT) has recently received considerable attention since the IoT has brought physical devices and connected them to the Internet, enabling each device to share data with surrounding devices and virtualized technologies in real-time. Consequently, the exploding data usage requires a new, innovative computing platform that can provide robust real-time data analytics and resource provisioning to clients. As a result, fog computing has recently been introduced to provide computation, storage and networking services between the end-users and traditional cloud computing data centers. This paper proposes a policy-based management of resources in fog computing, expanding the current fog computing platform to support secure collaboration and interoperability between different user-requested resources in fog computing.

LI Min,QIN Zhi-guang

DOI: https://doi.org/10.3969/j.issn.1001-3695.2013.01.066

2013-01-01

Abstract:Based on analysis the current popular PaaS,this paper brought some security requirements forward together with the P_FACSM(PaaS_fair access control safe model).The model took ABAC as the foundation,the fairness QoS as environmental constraints,and combined with the authorization of the OAuth protocol.P_FACSM not only could guarantee the integrity and confidentiality of data in PaaS,but also could ensure the maximum fairness of the QoS.Moreover,it could protect the terminal users' account privacy.After the theoretical analysis and related projects practical application,this model can reach good security guarantee and get high time efficiency.

Yu Zhang,Jing Chen,Ruiying Du,Lan Deng,Yang Xiang,Qing Zhou

DOI: https://doi.org/10.1109/TrustCom.2014.42

2014-01-01

Abstract:In the past few years, cloud computing has emerged as one of the most influential paradigms in the IT industry. As promising as it is, this paradigm brings forth many new challenges for data security because users have to outsource sensitive data on untrusted cloud servers for sharing. In this paper, to guarantee the confidentiality and security of data sharing in cloud environment, we propose a Flexible and Efficient Access Control Scheme (FEACS) based on Attribute-Based Encryption, which is suitable for fine-grained access control. Compared with existing state-of-the-art schemes, FEACS is more practical by following functions. First of all, considering the factor that the user membership may change frequently in cloud environment, FEACS has the capability of coping with dynamic membership efficiently. Secondly, full logic expression is supported to make the access policy described accurately and efficiently. Besides, we prove in the standard model that FEACS is secure based on the Decisional Bilinear Diffie-Hellman assumption. To evaluate the practicality of FEACS, we provide a detailed theoretical performance analysis and a simulation comparison with existing schemes. Both the theoretical analysis and the experimental results prove that our scheme is efficient and effective for cloud environment.

Hanene Boussi Rahmouni,Kamran Munir,Mohammed Odeh,Richard McClatchey

DOI: https://doi.org/10.48550/arXiv.1202.5482

2012-11-13

Abstract:There is widespread agreement that cloud computing have proven cost cutting and agility benefits. However, security and regulatory compliance issues are continuing to challenge the wide acceptance of such technology both from social and commercial stakeholders. An important facture behind this is the fact that clouds and in particular public clouds are usually deployed and used within broad geographical or even international domains. This implies that the exchange of private and other protected data within the cloud environment would be governed by multiple jurisdictions. These jurisdictions have a great degree of harmonisation; however, they present possible conflicts that are hard to negotiate at run time. So far, important efforts were played in order to deal with regulatory compliance management for large distributed systems. However, measurable solutions are required for the context of cloud. In this position paper, we are suggesting an approach that starts with a conceptual model of explicit regulatory requirements for exchanging private data on a multijurisdictional environment and build on it in order to define metrics for non-compliance or, in other terms, risks to compliance. These metrics will be integrated within usual data access-control policies and will be checked at policy analysis time before a decision to allow/deny the data access is made.

Distributed, Parallel, and Cluster Computing

Mohemed Almorsy,John Grundy,Amani S. Ibrahim

DOI: https://doi.org/10.1109/cloud.2011.9

2011-07-01

Abstract:Although the cloud computing model is considered to be a very promising internet-based computing platform, it results in a loss of security control over the cloud-hosted assets. This is due to the outsourcing of enterprise IT assets hosted on third-party cloud computing platforms. Moreover, the lack of security constraints in the Service Level Agreements between the cloud providers and consumers results in a loss of trust as well. Obtaining a security certificate such as ISO 27000 or NIST-FISMA would help cloud providers improve consumers trust in their cloud platforms' security. However, such standards are still far from covering the full complexity of the cloud computing model. We introduce a new cloud security management framework based on aligning the FISMA standard to fit with the cloud computing model, enabling cloud providers and consumers to be security certified. Our framework is based on improving collaboration between cloud providers, service providers and service consumers in managing the security of the cloud platform and the hosted services. It is built on top of a number of security standards that assist in automating the security management process. We have developed a proof of concept of our framework using. NET and deployed it on a testbed cloud platform. We evaluated the framework by managing the security of a multi-tenant SaaS application exemplar.