A Design Of Cloud Security Model For Openstack Object Storage
Loading...
Date
2015-10
Authors
Ibrahim, Hala A
Journal Title
Journal ISSN
Volume Title
Publisher
Universiti Sains Malaysia
Abstract
Over the past decade, cloud computing security has expanded from a promising
secure business concept to one of the fastest-growing segments of the information
technology industry. The trend of Open Source Software based cloud computing
solutions gets a wide acceptance from the community especially the OpenStack object
storage Swift; the Swift widely used. Nevertheless, the security elements with respect
to authentication and authorisation, access control and data protection in the existing
OpenStack Swift model has various vulnerabilities and weaknesses. This research
proposes a robust cloud security model for the OpenStack Swift object storage within
cloud computing environment, i.e CloudSecure. CloudSecure is a multi-user based
model in which every owner communicate with cloud in a secure channel where each
owner is enabled with different levels of security namely CAPTCHA to identify
human verification and Blowfish symmetric cryptography for user credentials in the
authentication process as well as authorisation process and MD5 hash function is
been applied on both sides; the client and the cloud computing server side to verify
the data integrity. Moreover, for the selection of the most efficient proxy server from
the proxies’ pool, keystone manager in the proposed model implements the scheduler
that selected the suitable proxy based on least number of users, available hardware
processing, and memory resources. For secure data communication between the
client and the servers, a secure channel is been created using RSA (Rivest-Shamir-
Adleman) asymmetric encryption to protect sensitive data transmission and storage on
cloud. The research focuses on qualitative evaluation comparing new features that
makes the proposed model more robust in terms of security. The experiments were
conducted in real-time environments by conducting functionality comparison
between the CloudSecure model and the OpenStack Swift model. To verify the
robustness of the above cryptographic algorithm in proposed CloudSecure model,
cryptanalysis is been applied namely Brute force attack against the Blowfish
symmetric cryptography and Birthday attacks against the MD5 hash function in the
authentication process while Man-in-the-middle (MITM) attacks against the RSA
asymmetric cryptographic algorithm on both models; the existing OpenStack swift
model and CloudSecure model. A research evaluation is performed to solidify the
justification and detailed discussion is conducted to analyse the robustness and reliability of
the CloudSecure model in terms of security. In conclusion, the proposed CloudSecure
model is more secure and robust as compared to the existing OpenStack Swift model.
Description
Keywords
Open Source Software based , cloud computing.