Dynamic Secure Interconnection for Security Enhancement in Cloud Computing

Authors

  • Liwen He
  • Feiyi Huang
  • Jie Zhang
  • Bin Liu
  • Chunling Chen
  • Zonghua Zhang
  • Yang Yang
  • Weifeng Lu

Keywords:

Cloud Computing, virtualization management, security, dynamic secure interconnection

Abstract

Cloud computing brings efficiency improvement on resource utilization nd other benefits such as on-demand service provisioning, location independence and biquitous access, elastic resource pooling, pay as usage pricing mode, etc. However, t also introduces new security issues because the data management and ownership re separated, and the management is operated on a virtualized platform. In this paper,  novel dynamic secure interconnection (DSI) mechanism is proposed to isolate he cloud computing system into a couple of dynamic virtual trust zones with different ecurity policies implemented for different customers so as to enhance security. xperimental results are presented to demonstrate the feasibility and effectiveness of he DSI mechanism.

References

Xiaoming Lu, Weihua Cao, Xusheng Huang, Feiyi Huang, Liwen He, Wenhong Yang, Shaobin ang, Xiaotong Zhang and Hongsong Chen (2010);

A Real Implementation of DPI in 3G etwork, Proceedings of 2010 IEEE Global Telecommunications Conference (GLOBECOM 010), 1-5.

Cloud Computing Survey, IDC Enterprise Panel, [Online] Available: ttp://blogs.idc.com/ie/?p=210, Aug. 2008.

S. Pearson and A. Benameur, Privacy (2010); Security and Trust Issues Arising from Cloud omputing, Proceedings of 2010 IEEE Second International Conference on Cloud Computing echnology and Science (CloudCom), 693-702.

S. Pearson (2009); Taking account of privacy when designing cloud computing services, roceedings of ICSE Workshop on Software Engineering Challenges of Cloud Computing, LOUD '09, 44-52.

Jon Brodkin (2008); Gartner: Seven Cloud Computing Security Risks, July 008, Available at http://www.infoworld.com/article/2652198/security/gartner-seven-cloudcomputing- ecurity-risks.html.

K. Kortchinsky (2009);

CLOUDBURST: A VMware Guest to Host Escape Story, BlackHat, SA, 2009.

T. Ristenpart, E. Tromer, H. Shacham and S. Savage (2009); Hey, You, Get Off of My Cloud: xploring Information Leakage in Third-party Compute Clouds, CCS'09, ACM, Chicago, lliois, November 2009.

B. Payne et al. (2008); Lares: An Architecture for Secure Active Monitoring Using Virtualization, roceedings of IEEE Symposium of Security and Privacy, IEEE Press, 233-247.

C. Li, A. Raghunathan and N. Jha (2011); A trusted virtual machine in an untrusted management nvironment, IEEE Transactions on Services Computing , 5(4): 472 - 483.

M. Achemlal, S. Gharout and C. Gaber (2011); Trusted Platform Module as an Enabler or Security in Cloud Computing, 2011 Conference on Network and Information Systems ecurity (SAR-SSI), 1-6.

Imad M. Abbadi, Muntaha Alawneh and Andrew Martin (2011);

Secure Virtual Layer Management n Clouds, Proceedings of IEEE 10th International Conference on Trust, Security nd Privacy in Computing and Communications (TrustCom), 2011, 99-110.

Muntaha Alawneh and Imad M. Abbadi (2008); Preventing information Leakage between ollaborating Organizations, Proceedings of the 10th International Conference on Electronic ommerce, ACM Press, August 2008, 185-194.

Amazon EC2 cloud outage downs Reddit, Quora, CNN News, [Online] Available: ttp://money.cnn.com/2011/04/21/technology/amazon server outage/index.htm

Kai Hwang and Deyi Li (2010);

Trusted Cloud Computing with Secure Resources and Data oloring, IEEE Internet Computing, 14(5); 14-22. http://dx.doi.org/10.1109/MIC.2010.86

http://www.dropbox.com/.

S. Pearson, (2009); Taking account of privacy when designing cloud computing services', roceedings of ICSE Workshop on Software Engineering Challenges of Cloud Computing, ay 2009, 44-52.

Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang and Yong Tang (2010); Trusted Data haring over Untrusted Cloud Storage Providers, Proceedings of 2010 IEEE Second International onference on Cloud Computing Technology and Science (CloudCom), 2010, 97-103.

C.Wang, S. Chow, Q.Wang, K. Ren and W. Lou (2011); Privacy-Preserving Public Auditing or Secure Cloud Storage, IEEE Transactions on Computers, 1-14.

J. Lennox (2006); RFC 4572: Connection-Oriented Media Transport over the Transport ayer Security (TLS) Protocol in the Session Description Protocol (SDP), July 2006.

A. Huttunen, B. Swander, V. Volpe, L. DiBurro and M. Stenberg (2005); RFC 3948 UDP ncapsulation of IPsec ESP Packets, January 2005.

Published

2016-03-24

Most read articles by the same author(s)

Obs.: This plugin requires at least one statistics/report plugin to be enabled. If your statistics plugins provide more than one metric then please also select a main metric on the admin's site settings page and/or on the journal manager's settings pages.