Mutual Protection in a Cloud Computing Environment

Albeshri, Aiiad; Caelli, William

doi:10.1109/hpcc.2010.87

Cited by 32 publications

(10 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…This particular architecture design helps users to modify security policies according to their need. However, outsourcing identity providers few concerns [93] including: (1) how to make sure that there will be no shift of data and processes to another location; (2) how to delete data after expiration of contract and (3) how to avoid both accidental and deliberate interference across the domain of clouds. In principle, there is no scheme to match the access control requirements with those that are provided by cloud providers.…”

Section: Federated Identity Management Systemmentioning

confidence: 99%

Cloud Computing Security: A Survey

2014

View full text Add to dashboard Cite

Cloud computing is an emerging technology paradigm that migrates current technological and computing concepts into utility-like solutions similar to electricity and water systems. Clouds bring out a wide range of benefits including configurable computing resources, economic savings, and service flexibility. However, security and privacy concerns are shown to be the primary obstacles to a wide adoption of clouds. The new concepts that clouds introduce, such as multi-tenancy, resource sharing and outsourcing, create new challenges to the security community. Addressing these challenges requires, in addition to the ability to cultivate and tune the security measures developed for traditional computing systems, proposing new security policies, models, and protocols to address the unique cloud security challenges. In this work, we provide a comprehensive study of cloud computing security and privacy concerns. We identify cloud vulnerabilities, classify known security threats and attacks, and present the state-of-the-art practices to control the vulnerabilities, neutralize the threats, and calibrate the attacks. Additionally, we investigate and identify the limitations of the current solutions and provide insights of the future security perspectives. Finally, we provide a cloud security framework in which we present the various lines of defense and identify the dependency levels among them. We identify 28 cloud security threats which we classify into five categories. We also present nine general cloud attacks along with various attack incidents, and provide effectiveness analysis of the proposed countermeasures. OPEN ACCESSComputers 2014, 3 2

show abstract

Section: Federated Identity Management Systemmentioning

confidence: 99%

Cloud Computing Security: A Survey

2014

View full text Add to dashboard Cite

show abstract

“…It is common for modern organisations to utilise and benefit from the adoption of cloud and internet based computing. Users of cloud computing infrastructure can concentrate on the delivery of high value/profit services at high levels of Quality of Service (QoS), without being pre-occupied with large-scale investments in hardware and specialist skills for the support and maintenance of such systems [1], [2]. In particular the regular upgrades and expense of licenses of application software used to run business processes, related transactions and decision-support systems [3] are a significant demand upon an organisation's resources.…”

Section: Introductionmentioning

confidence: 99%

Dynamic Multiparty Authentication of Data Analytics Services Within Cloud Environments

Al-Aqrabi

Hill

2018

2018 IEEE 20th International Conference on High Performance Computing and Communications; IEEE 16th International Conference On

View full text Add to dashboard Cite

Approaches to the provision of data analytics for businesses offer methods to analyse and model data, enabling informed decision making to improve business performance and profitability. Typically, analytics processing is an intensive task and the demand for business insight, on-demand, means that organisations make use of elastic cloud provisioned resources to host such services. However, within the shared domains of multi-tenant cloud computing, business data and models are exposed to greater security threats and compromised privacy, since an unauthorised user may be able to gain access to highly sensitive, consolidated business-critical information. Business analytics processes are often composed from orchestrated, collaborating services, which are consumed by users from multiple cloud systems (in different security realms), which need to be engaged dynamically at runtime. If heterogeneous cloud systems located in different security realms do not have direct authentication relationships, then it is a considerable technical challenge to enable secure collaboration. In order to address this security challenge, a new authentication framework is required to establish trust amongst business analytics service instances and users by distributing a common session secret to all participants of a session. We address this challenge by designing and implementing a secure multiparty authentication framework for dynamic interaction, for the scenario where members of different security realms express a need to access orchestrated services. This novel framework exploits the relationship of trust between session members in different security realms, to enable a user to obtain security credentials that access cloud resources in a remote realm. The mechanism assists cloud session users to authenticate their session membership, thereby improving the performance of authentication processes within multiparty sessions. We see applicability of this framework beyond multiple cloud infrastructure, to that of any scenario where multiple security realms has the potential to exist, such as the emerging Internet of Things (IoT).

show abstract

“…As both individuals and organisations embrace the benefits of cloud computing infrastructure, more and more data storage and business process services are being transferred or established in clouds [1]. This shift from local to remote infrastructure drastically reduces the effort and expenditure [4] required for system maintenance [2], [3], enabling system users to concentrate on business concerns such as QoS and performance, etc.…”

Section: Introductionmentioning

confidence: 99%

A Scalable Model for Secure Multiparty Authentication

Al-Aqrabi

Hill

2018

2018 IEEE SmartWorld, Ubiquitous Intelligence &Amp; Computing, Advanced &Amp; Trusted Computing, Scalable Computing &Amp; Commu

View full text Add to dashboard Cite

Distributed system architectures such as cloud computing or the emergent architectures of the Internet Of Things, present significant challenges for security and privacy. Specifically, in a complex application there is a need to securely delegate access control mechanisms to one or more parties, who in turn can govern methods that enable multiple other parties to be authenticated in relation to the services that they wish to consume. We identify shortcomings in an existing proposal by Xu et al for multiparty authentication and evaluate a novel model from Al-Aqrabi et al that has been designed specifically for complex multiple security realm environments. The adoption of a Session Authority Cloud ensures that resources for authentication requests are scalable, whilst permitting the necessary architectural abstraction for myriad hardware IoT devices such as actuators and sensor networks, etc. In addition, the ability to ensure that session credentials are confirmed with the relevant resource principles means that the essential rigour for multiparty authentication is established.

show abstract

Mutual Protection in a Cloud Computing Environment

Cited by 32 publications

References 6 publications

Cloud Computing Security: A Survey

Cloud Computing Security: A Survey

Dynamic Multiparty Authentication of Data Analytics Services Within Cloud Environments

A Scalable Model for Secure Multiparty Authentication

Contact Info

Product

Resources

About