Secure hash based distributed framework for utpc based cloud authorization
INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING & TECHNOLOGY (IJCET)
ISSN 0976 – 6367(Print)
ISSN 0976 – 6375(Online)
Volume 3, Issue 3, October - December (2012), pp. 54-65
© IAEME: www.iaeme.com/ijcet.asp
Journal Impact Factor (2012): 3.9580 (Calculated by GISI)
www.jifactor.com
SECURE HASH BASED DISTRIBUTED FRAMEWORK FOR UTPC
BASED CLOUD AUTHORIZATION
C. Lalrinawma
Dept. of Computer Sciences, Govt. Zirtiri Residential Science College, Mizoram, India
E-Mail: lalrinawma.gzrsc@gmail.com
Dr. Masih Saikia
HOD, Dept. of Computer Sciences, Pragjyotish College, Guwahati, India
ABSTRACT
The paper introduces a cloud-enabled framework for parameterized security in large-scale
Smartphone-based wireless sensor networks. The research work also highlights the effective
implementation of a service broker included in the aggregation service of a sensor network.
The cumulative collected throughput information is forwarded to the cloud users using
conventional cloud interfaces. A cloud interface is built with the newly introduced concept of
the Unit Transaction Permission Coin (UTPC), a security token for cloud user authorization that
is integrated in the Android platform (v2.2). The UTPC generation process includes hash
functions (SHA/MD5) that are most difficult for any intruder to break. The empirical process
consists of a registration phase and an authentication phase using micro-platform computation
in an untrusted environment, considering the IMEI and IMSI of the trusted handheld device. The
result accomplished is unique and lightweight, and is easily compatible with any real-time
application that runs in a cloud environment.
Keywords: Smartphone, Android, Cloud Computing, Cloud Security, SHA, MD5, Hash Function.
I. INTRODUCTION
Cloud computing [1] gets its name from the drawings typically used to illustrate the
internet. Cloud computing may be considered a new consumption and delivery model for IT
services. The idea of cloud computing represents a shift in paradigm where the end user need not
recognize the main points of a selected technology. The service is totally managed by the supplier.
Users consume services at a rate that is set by their explicit requirements. Such on-demand
services can be provided at any time. There is a critical need to ensure secure storage,
managing, sharing and analyzing of the huge amounts of complicated (e.g., semi-structured and
unstructured) information to work out patterns and trends so as to enhance the standard of care,
better safeguard the state and explore energy. Owing to the essential nature of the
applications, it is vital that the cloud platform be secure. The main security challenge with
cloud applications is that the owner of the information might not have control of where the
information is located. This is because, if one wishes to take advantage of the benefits of
using cloud computing, one must also utilize the resource allocation and scheduling provided by
clouds. Therefore, if a user wants to safeguard the information within untrusted processes, the
security protocols within the client interface should be stressed more. The rising cloud
computing model tries to deal with the explosive growth of web-connected devices, and to handle
huge amounts of data [2].
With the increased pervasiveness of sensory devices for military and civilian uses comes the
demand for effective processing of the large amounts of data they collect. This demand can only
be met with the low-cost computing resources offered by today’s cloud computing systems.
Today’s cloud [3] can already support data-intensive computing at a low cost: for example, a
large-scale computing task can be accomplished on Amazon’s Elastic Compute Cloud (EC2) [4]
at an expense as low as 10 cents per CPU hour. So far little effort has been made in applying the
ultra cost effective cloud platform towards analyzing and managing sensor data. Recently, we
have made the first step towards building a practical sensor cloud system. Different from prior
work on sensor networks, we assume that sensors communicate directly with a proxy or broker on
a cloud. In our research, we consider a group of sensors organized as a hierarchical structure or
some types of partitions, which communicate with their cloud proxies through wireless channels.
The sensor platforms studied in our research are ones with multiple sensors that can each measure
different properties of the environment. For example, we might have GPS for positioning,
microphones for sound, laser-range finders for scanning surroundings, temperature indicators,
wireless radios etc. We can imagine a host of different autonomous and manned devices that
contain these sensors including vehicles, robots, smart-grid nodes, mobile computers, and smart
phones. For each device, we have a number of different sensors that can provide different
environmental readings on a near continuous basis; further, these hosts all contain reasonable
computational power and power supplies for continuous function. Finally, they all have reliable
cellular network connectivity. We imagine that these hosts are continually collecting data from
their environment, performing some level of data processing and publishing the outcomes to a
cloud for further analysis or data storage. For the purposes of our studies, we examine modern
Android smart phones as exemplar hosts in our work. Cloud computing exhibits five essential
characteristics defined by NIST (National Institute of Standards and Technology) [5].
a) On-demand self-service. A consumer can unilaterally provision computing capabilities.
b) Broad network access. Capabilities are available over the network and accessed through
standard mechanisms that promote use by heterogeneous thin or thick client platforms.
c) Resource pooling. The provider’s computing resources are pooled to serve multiple
consumers, with different physical and virtual resources dynamically assigned and reassigned
according to consumer demand.
d) Rapid elasticity. Capabilities can be rapidly and elastically provisioned, in some cases
automatically, to quickly scale out and rapidly released to quickly scale in.
e) Measured service. Cloud systems automatically control and optimize resource use by
leveraging a metering capability at some level of abstraction appropriate to the type of service.
Cloud computing can be defined as the provision of computing services via the Internet, such as
[5] applications (software-as-a-service, or SaaS), platforms, infrastructure (IaaS), and process
orchestration and integration. Figure 1 shows the proposed open secure architecture of cloud
computing, which is an enhanced version of the work done in [6]. The Open Security Architecture
cloud computing pattern is an attempt to illustrate core cloud functions, the key roles for
oversight and risk mitigation, collaboration across various internal organizations, and the
controls that require additional emphasis.
The security aspects of cloud computing are as follows:
a) Infrastructure Security: The security challenges at various levels, namely network level, host
level and application level, are not specifically caused by cloud computing but are instead
exacerbated by its use. The issues of infrastructure security and cloud computing can be
addressed by clearly defining trust boundaries by understanding which party provides which
part of security [5].
b) Data Security and Storage: Data security [10][11] is a significant task, with a lot of
complexity. Methods of data protection, such as redaction, truncations, obfuscation, and
others, should be viewed with great concern. Not only are there no accepted standards for
these alternative methods, but also there are no programs to validate the implementations of
whatever could possibly be developed. Homomorphic encryption can be used for data security
encryption. But with this approach key management is a problem [5].
c) Identity and Access Management: The key critical success factor to managing identities at
cloud providers is to have a robust federated identity management architecture and strategy
internal to the organization. Using cloud-based “Identity as a Service” providers may be a
useful tool for outsourcing some identity management capabilities and facilitating federated
identity management with cloud providers [7].
d) Security Management: From a security management perspective, a key issue is the lack of
enterprise-grade access management features. The scope of security management of cloud
services will vary with the service delivery model, provider capabilities, and maturity.
Customers will have to make trade-offs with respect to the flexibility and control offered by
the SPI services. The more flexible the service, the more control you can exercise on the
service, and with that come additional security management responsibilities. In a virtualized
environment where infrastructure is shared across multiple tenants, your data is commingled
with that of other customers at every phase of the life cycle—during transit, processing, and
storage. Hence, it is important to understand the location of the service, service-level
guarantees such as inter-node communication, and storage access (read and write) latency [5].
e) Privacy: Privacy is an important issue for cloud computing, both in terms of legal compliance
and user trust, and this needs to be considered at every phase of design. The key challenge for
software engineers is to design cloud services in such a way as to decrease privacy risk and to
ensure legal compliance. The following tips are recommended for cloud system designers,
architects, developers and testers [8].
a. Minimize personal information sent to and stored in the cloud.
b. Protect personal information in the cloud.
c. Maximize user control.
d. Allow user choice.
e. Specify and limit the purpose of data usage.
f. Provide feedback.
f) Audit and Compliance: A programmatic approach to monitoring and compliance will help
prepare CSPs (Cloud Service Provider) and their users to address emerging requirements and
the evolution of cloud business models. To drive efficiency, risk management, and
compliance, CSPs need to implement a strong internal control monitoring function coupled
with a robust external audit process. To gain comfort over their in-cloud activities, CSP users
need to define their control requirements, understand their CSP’s internal control monitoring
processes, analyze relevant external audit reports, and properly execute their responsibilities
as CSP users [5].
g) Security-as-a-Service: Security-as-a-service is likely to see significant future growth for two
reasons. First, a continuing shift in information security work from in-house to outsourced
will continue. Second, several other information security needs are present for organizations
currently, but they will accelerate in need and complexity with the growing adoption of cloud
computing. The two proactive controls are important to the growth of cloud computing:
identity management that is inter-cloud and scalable to the cloud size, and (encryption) key
management. The two reactive controls are needed for audit and compliance purposes as well:
scalable and effective SIEM, and data leakage prevention (DLP). Providing solutions to each
of these controls will be difficult and requires significant complexity that must be hugely
scalable and yet easy to use [5].
II. PROBLEM DESCRIPTION
While cost and ease of use are two great benefits of cloud computing, there are significant
security concerns that need to be addressed when considering moving critical applications and
sensitive data to public and shared cloud environments. To address these concerns, the cloud
provider must develop sufficient controls to provide the same or a greater level of security than
the organization would have if the cloud were not used. Listed here are ten items to review when
considering cloud computing. As more companies move to cloud computing, look for hackers to
follow. Some of the potential attack vectors criminals may attempt include:
• Denial of Service (DoS) attacks - Some security professionals have argued that the cloud is
more vulnerable to DoS attacks, because it is shared by many users, which makes DoS attacks
much more damaging. Twitter suffered a devastating DoS attack during 2009.
• Side Channel attacks – An attacker could attempt to compromise the cloud by placing a
malicious virtual machine in close proximity to a target cloud server and then launching a side
channel attack.
• Authentication attacks – Authentication is a weak point in hosted and virtual services and is
frequently targeted. There are many different ways to authenticate users; for example, based
on what a person knows, has, or is. The mechanisms used to secure the authentication process
and the methods used are a frequent target of attackers.
• Man-in-the-middle cryptographic attacks – This attack is carried out when an attacker places
himself between two users. Anytime attackers can place themselves in the communication’s
path, there is the possibility that they can intercept and modify communications.
In prior research work, we summarize the security and privacy challenges we face when
building a trustworthy sensor-cloud system, which come from the following perspectives:
• The environment in which sensors work can be compromised by the adversary. For example,
the adversary can artificially reduce or raise temperatures to cause the sensors to collect
improper data.
• Individual sensors can be vulnerable to attacks. This can happen when the adversary has
physical access to the sensors, or remote access through propagating malware.
• Information flows within the cloud can be intercepted and stolen or modified by compromised
cloud nodes.
• The cloud client can be infected by malicious code implanted by an adversary, which can lead
to further security breaches within a sensor-cloud system.
• The communication channels between the sensors and the cloud and between the client and
the cloud are vulnerable to different types of attacks. Even when the data transferred over the
channels is fully encrypted, side-channel information leaks constitute credible threats.
The prior research pinpoints a subset of issues within the problem space that need immediate
attention. Specifically, we investigated i) techniques for detecting anomalous use of sensors,
particularly, when the adversary gains unauthorized physical access to smart phones; ii) we
demonstrated that intelligent Smartphone-based malware can be built to “understand” the context
of a phone conversation and extract a small amount of high-value information from the context
(Given the small quantity of such sensitive information, the malware can deliver it to its master
through covert channels, even without direct network access); and iii) prior research shows that
even in the presence of Wi-Fi encryption and HTTPS protection, the traffic features of the
communication between sensors and the cloud, and between the cloud and its clients can easily be
analyzed to infer highly-sensitive user data.
III. PROPOSED SYSTEM
The proposed system identifies recent progress and follow-up on previously discussed research
plans on these fronts, including detection of anomalous use of sensors, and defenses against
Smartphone malware and side-channel leaks.
[Figure 1: Proposed Schema. Diagram labels: Cloud User Access (User_ID, Pswd); User Unlock Access
Authentication; Android Handset; UTPC Generation Process (SHA hash function using IMEI, IMSI and
registration time of the mobile phone; MD5 hash function using the result of the SHA function);
generated challenge sent to the user; final UTPC entered by the student and sent to the server;
UTPC generated by the server and matched with the UTPC entered by the student.]
The main aim of the project work is to develop an architectural model for a multi-factor
authentication system for secure sensor cloud applications, where we produce a unit instance
authorization token in the forward direction. The core idea is to produce multiple Unit Transaction
Permission Coins (UTPC) from an initial seed in a parallel process with the service provider itself,
e.g., an online bank, by utilizing two different types of hash functions, which come with a nested
chain using a brokering network. The resulting chain provides forwardness and infiniteness, and it
should run on multiple systems of a wired or wireless network. The base paper is “Towards Secure
Cloud Bursting, Brokerage and Aggregation” by Srijith K. Nair, Sakshi Porwal, Theo
Dimitrakos, Ana Juan Ferrer, Johan Tordsson, Tabassum Sharif, Craig Sheridan, Muttukrishnan
Rajarajan, and Afnan Ullah Khan. The authors propose the concept of cloud bursting and cloud
brokerage and elaborate the open management and security issues connected with the two models.
The work also introduces a feasible model that is capable of enhancing brokerage-based cloud
services. Unfortunately, the security concerns addressed in the paper are not enough to
mitigate core attacks like side-channel leaks or DoS attacks. Moreover, the paper is more
theoretical in nature, without any core information on implementation modules or algorithms, any
research methodology, or any performance analysis results or implementation. Some other past
research work has also discussed the requirements for securing communication from Smartphones
towards cloud computing. Therefore, the current paper has considered the sensors to be modern
Smartphones, and the proposed project work is directed towards implementing the core concept of
the above-mentioned base paper, with our contribution in designing a secure real-time application
on an Android-based smart phone using a brokering network.
Our proposed system is mainly classified into two modules:
A. Registration Phase:
The cloud user gets the two different hash functions, and an initial seed, established on his mobile
phone. To ensure that the information is completely shared with the service provider, the seed is
produced by the shared and unique parameters of the host and user, e.g., the International Mobile
Equipment Identity (IMEI), International Mobile Subscriber Identity (IMSI), and registration date.
B. Authentication Phase:
The steps of the login and authentication process between the user and service provider are as
follows. The user logs in to the service provider’s website, e.g., an online bank, requesting access.
As a response to this access request, a secure session is established, i.e., an SSL session, allowing
the user to enter his authentication privileges, i.e., user name and password, the first factor of
authentication, what the user knows. Also the user provides the server with his unit instance
authorization token current status. The current status allows the server to synchronize his seed
with the client’s current seed to get the same seed value on both sides before sending a challenge.
The server randomly challenges the user with new indexes. The user enters those indexes in his
Unit Transaction Permission Coin (UTPC) generator to get the corresponding UTPC. The user
responds with this corresponding UTPC. The server compares the received UTPC with the
calculated one. According to the result of the check done in the previous step, the server
either grants authorization or terminates the communication.
Through the registration process, the user gets two different hash functions, $h_A(\cdot)$, which
could be SHA-1, and $h_B(\cdot)$, which could be MD5 [11], along with an initial seed, $S_{int}$,
as the concatenation of the IMEI, IMSI, and registration time, which could be
“1234567891234561234567891234507012010200259”
assuming IMEI is “123456789123456,” IMSI is “12345678912345,” and the registration time is
“7/1/2010 20:02:59.” After logging into the service provider’s website using a different and static
username and password, the first factor of authentication, the server asks the user for the UTPC’s
current status. If the user has generated numerous UTPCs without using them, he might have
reached a UTPC status of, for example, “17.” The user will submit his current status to the server
to allow the server to calculate the current seed
$$S_{crt} = h_A^{17}(S_{int}) = 1220848648030773785924867285680707842195071405780,$$
that means that the server has calculated seventeen cascaded hashes of its initial seed $S_{int}$
using the SHA-1 algorithm, to be synchronized with the client. After that the server sends a random
challenge value of new indexes, e.g., x, y = 3, 4, which means the user has to calculate his session
UTPC using this formula:
$$UTPC = h_B^{4}(h_A^{3}(S_{crt})) = 68606061177919188523363813602016333158.$$
The server has to calculate the same value in a parallel process, and as soon as the client responds,
the server will match the two values to give either a yes or no.
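The registration and authentication exchange described above, as an added Python example that is not the authors' implementation. The registration-time layout (MMDDYYYYHHMMSS), feeding raw digest bytes from one round to the next, the decimal rendering of the result, the index range, the round cap and the rule that the status must move forward are all assumptions of this sketch, so its digests need not equal the numbers printed in the paper.

```python
"""UTPC challenge-response sketch (added example, not the paper's code)."""
import hashlib
import hmac
import secrets
from datetime import datetime

MAX_ROUNDS = 1000  # assumption: cap on chain length so an oversized status is rejected
MAX_INDEX = 9      # assumption: challenge indexes x, y are drawn from 1..9


def build_seed(imei: str, imsi: str, registered: datetime) -> str:
    """S_int = IMEI || IMSI || registration time (assumed MMDDYYYYHHMMSS)."""
    return f"{imei}{imsi}{registered:%m%d%Y%H%M%S}"


def iterate(hash_name: str, data: bytes, rounds: int) -> bytes:
    """Apply the named hash `rounds` times, feeding raw digest bytes forward."""
    if not 0 <= rounds <= MAX_ROUNDS:
        raise ValueError("round count out of range")
    for _ in range(rounds):
        data = hashlib.new(hash_name, data).digest()
    return data


def current_seed(s_int: str, status: int) -> bytes:
    """S_crt = h_A^status(S_int), with h_A = SHA-1."""
    return iterate("sha1", s_int.encode("ascii"), status)


def utpc(s_crt: bytes, x: int, y: int) -> str:
    """UTPC = h_B^y(h_A^x(S_crt)), with h_B = MD5, as a decimal string."""
    inner = iterate("sha1", s_crt, x)
    return str(int.from_bytes(iterate("md5", inner, y), "big"))


class Server:
    """Server side: synchronise on the client's status, challenge, compare."""

    def __init__(self, s_int: str) -> None:
        self.s_int = s_int
        self.last_status = -1   # assumption: an accepted status is never reused
        self.pending = None     # (status, expected UTPC) for the open challenge

    def challenge(self, status: int) -> tuple:
        if status <= self.last_status:
            raise ValueError("status does not move the chain forward")
        s_crt = current_seed(self.s_int, status)
        x = 1 + secrets.randbelow(MAX_INDEX)
        y = 1 + secrets.randbelow(MAX_INDEX)
        self.pending = (status, utpc(s_crt, x, y))
        return x, y

    def verify(self, response: str) -> bool:
        if self.pending is None:
            return False
        status, expected = self.pending
        self.pending = None     # each challenge can be answered once
        ok = hmac.compare_digest(expected, response)  # constant-time compare
        if ok:
            self.last_status = status
        return ok


def demo() -> dict:
    """Run one login with the sample IMEI, IMSI and time quoted in the text."""
    s_int = build_seed("123456789123456", "12345678912345",
                       datetime(2010, 7, 1, 20, 2, 59))
    server = Server(s_int)
    x, y = server.challenge(17)                        # client reports status 17
    answer = utpc(current_seed(s_int, 17), x, y)       # computed on the phone
    return {"seed": s_int,
            "accepted": server.verify(answer),
            "replay_accepted": server.verify(answer)}


if __name__ == "__main__":
    print(demo())
```

Every input to the seed in this scheme is a device identifier or a timestamp, so the UTPC is only as hard to reproduce as those values are to learn.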
C. Micro Platform Computation Phase:
The Android-enabled phones may be in the control of trusted (or semi-trusted) individuals, or be
located in some potentially untrusted environment. Certain reasons for using Samsung Android
(v2.2) are:
• Improved Security: With the addition of numeric pin or alpha-numeric password options to
unlock device. Exchange administrators can enforce password policy across devices.
• Remote Wipe: Exchange administrators can remotely reset the device to factory defaults to
secure data in case device is lost or stolen.
• Java Compatibility: Performance of the browser has been enhanced using the V8 engine,
which enables faster loading of JavaScript-heavy pages.
• Kernel Memory Management Boost: Improved memory reclaim by up to 20x, which results in
faster app switching and smoother performance on memory-constrained devices
Further, they have a reasonable processing capability on modern low-power processors, such as
an ARM architecture processor running at 500–800 MHz. It is assumed that the phones have
standard sensors including eGPS, 802.11x, Bluetooth v2 (Class 1, 2 or 3), temperature,
orientation, acceleration, audio microphone, and camera (stills or video). In particular, our project
focuses on the use of Samsung Android (v2.2) development phones, due to the ease of
programming and their ability to multi-task. The communication between the sensors and the
computing infrastructure is mediated by a brokering network that uses a publish / subscribe
model.
IV. FRAMEWORK IMPLEMENTATION
The computing environments of a sensor grid are fraught with different kinds of threats, which
endanger the security and privacy assurance the system can provide. Mitigation of these threats
relies on establishing trust on individual system layers through proper security control. In this
section, we survey the security and privacy risks on each layer of sensor-grid computing and the
technical challenges for controlling them. A sensor grid interacts with its operating environment
through a set of sensors. Those sensors work either autonomously or collaboratively to gather data
and dispatch them to the grid. Within the grid, a brokering system filters and routes the data to
their subscribers, the clients of the sensor grid. We now describe the security and privacy issues
on each layer of such an operation. This includes the environment the sensors are working in; the
sensors; the grid; the clients; and the communications between the sensor and grid, and the grid
and clients. The proposed system is designed on a Windows 32-bit OS with a 1.84 GHz processor
and broadband connectivity of 100 Mbps. The programming is done in the MyEclipse IDE. The
experiment for the proposed system is done on a real Samsung Galaxy Smartphone with
Android 2.2. Android Development Tools (ADT) is used, as it is a plug-in for the
MyEclipse IDE that is designed to give a powerful, integrated environment in which to build
Android applications.
ADT extends the capabilities of Eclipse to let you quickly set up new Android projects, create an
application UI, add packages based on the Android Framework API, debug your applications
using the Android SDK tools, and even export signed (or unsigned) .apk files in order to distribute
your application. The Android software development kit (SDK) includes a comprehensive set of
development tools. These include a debugger, libraries, a handset emulator based on QEMU,
documentation, sample code, and tutorials. Currently supported development platforms include
computers running Linux, Mac OS X 10.5.8 or later, Windows XP or later. The proposed system
will be tested with active wireless connectivity between the system and the Android-enabled
device.
Figure 2 Broker Login Options
Figure 3 Generation of the UTPC, IMEI No, IMSI No and Registration time stamp
The above figure 3 highlights the initial authentication login for student. Initially the student has
to sign up a new account where they have to furnish all the details as shown in Figure 4.
Figure 4: Sign-up Information feeding.
After the successful sign-up, the student can log in to their privileged account using the same
user ID and password that were supplied during the sign-up process.
Figure 5: Captcha Authentication.
Once the student logs in and their initial user ID and password are accepted, they will be
prompted to enter the random digits displayed by the Captcha application as shown in
Figure 5. After the successful sign-up, the student can then perform the initial login
authentication, for which they will be asked to enter the UTPC and Current Status, both of which
are generated at the mobile interface as shown in Figures 6 and 7.
Figure 6: UTPC & Current Status generation in Android Interface
Figure 7 Feeding UTPC and Current Status from Android Interface to Client interface.
Once the UTPC and current status are authenticated, the new index will be generated automatically
in the web interface as shown in Figure 8.
Figure 8 Generation of new Index
The generated new index value is then fed to the Android mobile interface. Once the new
index value is authenticated in the mobile interface, it will generate a new UTPC in the same
mobile interface as shown in Figure 9. The student needs to take the newly generated UTPC and
feed it into their web interface for final authentication as shown in Figure 10.
Figure 9: Generation of UTPC in Android Interface.
Figure 10 Feeding newly generated UTPC in Client Interface.
Cloud computing facilitates storage of data at a remote site to maximize resource utilization. As a
result, it is critical that this data be protected and only given to authorized individuals. This
essentially amounts to secure third party publication of data that is necessary for data outsourcing,
as well as external publications. Since data in the cloud will be placed anywhere, it is important
that the data is encrypted. We are using secure co-processor as part of the cloud infrastructure to
enable efficient encrypted storage of sensitive data.
V. CONCLUSION
The current paper has outlined the research on secure sensor networks in the context of a
high-level cloud-based brokering architecture and highlighted various research challenges going
forward. The analysis of security challenges relates to assessing the trustworthiness of the
sensors based on environmental sensor data, detecting and defending against “sensory malware” on
such sensors, and mitigating side-channel leaks when sensor devices communicate with the cloud.
The work takes the view that these sensor-specific elements of the overall cloud-based system
are the least trustworthy, since they are out of the control of the cloud “back end.” Thus,
addressing these challenges can help protect the integrity of the sensing platforms, the privacy
of users who carry mobile sensors, as well as the delivery of sensor data to the cloud.
In future work, cloud computing can improve an organization’s performance by utilizing
minimum resources and management support, with a shared network, valuable resources,
bandwidth, software and hardware in a very cost-effective manner and with limited service
provider interaction. As a future enhancement of this application, we intend to explore the
“middle ground”, where users can still share physical hardware resources, but user networks are
isolated and accesses are controlled in a manner similar to that in enterprise networks.
REFERENCES
[1] http://www.ibm.com/cloud-computing/us/en/. Accessed on 27th Aug, 2012
[2] Michael Gregg, Security Concerns for Cloud Computing, Global Knowledge Training LLC, 2012
[3] Wang, L., Laszewski,V., Gregor, Kunze, Marcel, Tao, Jie. Cloud computing: A Perspective study,
Proceedings of the Grid Computing Environments (GCE) workshop. Held at the Austin Civic Center:
Austin, Texas: 16 November 2008.
[4] Michael, A, Fox,A., Rean Griffith, Anthony D. Joseph, Randy Katz, Andy Konwinski, Gunho Lee,
David Patterson, Ariel Rabkin, Ion Stoica, Matei Zaharia. A view of cloud computing.
Communications of the ACM , Volume 53 Issue 4, pages 50-58. April 2010.
[5] The NIST Definition of Cloud Computing, version 15, by Peter Mell and Tim Grance, October 7,
2009, National Institute of Standards and Technology (NIST), Information Technology Laboratory
(www.csrc.nist.gov)
[6] Tim Mather, Subra Kumaraswamy, Shahed Latif Cloud Security and Privacy : An Enterprise
perspective of Risks and Compliance, O'Reilly Media, Inc., 2009
[7] Open Security Architecture http://www.opensecurityarchitecture.org/
[8] Discovering Identity: Cloud Computing: Identity and Access Management DOI
=http://blogs.sun.com/identity/entry/cloud_computing_identity_and_access
[9] Siani Pearson. Taking Account of Privacy when Designing Cloud Computing Services. CLOUD '09:
Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing,
pages 44-52. May 2009
[10] Security Guidance for Critical Areas of Focus in Cloud Computing, April 2009. DOI
=http://www.cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
[11] Weichao Wang, Zhiwei Li, Rodney Owens, Bharat Bhargava. Secure and Efficient Access to
Outsourced Data. CCSW '09: Proceedings of the 2009 ACM workshop on Cloud computing security,
pages 55-65. November 2009