Provenance based presentation on cloud computing security

716 views
605 views

Published on

Provenance based presentation on cloud computing security

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
716
On SlideShare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Provenance based presentation on cloud computing security

  1. 1. Research Supervisor: Dr. Kazi Sakib Associate Professor and BIT Program Chair, IIT, DU Asif Imran :BIT0119 Provenance Research presentation 1
  2. 2. • Proposed Research• Existing Research Work• Cloud Provenance Detection: Background Study• Experimental Environment Provenance Research presentation 2
  3. 3. How can an effective provenance model fromsystem logs be derived that will ensure improvedmanagement of cloud data forensics? Provenance Research presentation 3
  4. 4. Provenance Research presentation 4
  5. 5. Existing Research Provenance Research presentation 5
  6. 6.  Provenance Detection: Scientific Workflows [1], [2], [3], [4] Accountability as a Service (AaaS) [5], [6], [7] Hidden Provenance information [8] Provenance Research presentation 6
  7. 7.  Cloud Security Alliance (CSA) [9], [10] ◦ Abuse and nefarious use of cloud computing ◦ Insecure application programming interfaces ◦ Malicious insiders ◦ Data loss and leakages ◦ Unknown risk profile Provenance Research presentation 7
  8. 8.  Provenance for secure cloud administration: limited availability System, file-centric provenance data capturing: limited extent Provenance Research presentation 8
  9. 9.  Log-based provenance detection: minimal effort Provenance storage and representation Provenance Research presentation 9
  10. 10. Cloud Provenance:Background Study Provenance Research presentation 10
  11. 11. Service Reason of Failure (Assumed) DurationAmazon S3 Authentication mechanisms overloaded by 2 hours remote attacks (no action taken) Google Error from the end of the maintenance 4.6 hoursAppEngine engineer’s program (no action taken) Gmail The contact list mechanism crashed (tested 1.4 hours for bugs) Provenance Research presentation 11
  12. 12. Provenance Research presentation 12
  13. 13. Provenance Research presentation 13
  14. 14.  Cloud Environment Network Infrastructure Database Management System Servers Provenance Research presentation 14
  15. 15. Experimental Environment for Cloud Provenance Detection Provenance Research presentation 15
  16. 16. Server HardwareCloud Controller node which runs the following: Processor: 64-bit x86 Network, Memory: 16 GB RAM Volume Disk space: 1900 GB (SATA or SAS or SSD) API Volume storage: 100 GB (SATA) for volumes attached to the Scheduler compute nodes Image services Network: one 1 GB Network Interface Card (NIC) minimumCompute node which runs the following: Processor: 64-bit x86 Virtual instances Memory: 16 GB RAM (32 GB minimum) System log information Disk space: 2 TB GB (SATA) Communication with the Compute Network: two 1 GB NICs Provenance Research presentation 16
  17. 17.  Compute Nova-Network Nova-Scheduler Glance Provenance Research presentation 17
  18. 18. Glance Keystone NovaProvenance Research presentation 18
  19. 19. Images: Windows, CentOSProvenance Research presentation 19
  20. 20. Provenance Research presentation 20
  21. 21.  [1] A. Haeberlen, ―A case for the accountable cloud,‖ ACM SIGOPS, Operating Systems Review, vol. 44, no. 2, 2010, pp. 52-57. [2] S. Pearson and A. Benameur, ―Privacy, Security and Trust Issues Arising from Cloud Computing,‖ Proc. The 2nd International Conference on Cloud Computing 2010, IEEE, 2010, pp. 693-702. [3] M. Vouk, ―Cloud computing—Issues, research and implementations,‖ Proc. 30th International Conference on Information Technology Interfaces, 2008 (ITI 2008) IEEE, 2008, pp. 31-40. [4] S.B. Davidson, S. Khanna, S. Roy, J. Stoyanovich, V. Tannen and Y. Chen, ―On provenance and privacy,‖ Proc. Proceedings of the 14th International Conference on Database Theory (ICDT), ACM, 2011, pp. 3-10. [5] J. Yao, S. Chen, C. Wang, D. Levy and J. Zic, ―Accountability as a Service for the Cloud,‖ Proc. IEEE Service Computing Conference 2010 (SCC 2010), IEEE, 2010, pp. 81-88. [6] J. Wei, X. Zhang, G. Ammons, V. Bala and P. Ning, ―Managing security of virtual machine images in a cloud environment,‖ ACM, 2009, pp. 91-96. Provenance Research presentation 21
  22. 22.  [7] W.Z.P. Ning, X.Z.G. Ammons, R. Wang and V. Bala, ―Always Upto- date–Scalable Offline Patching of VM Images in a Compute Cloud,‖ IBM Technical Papers, no. RC24956, 2010. [8] R.K.L. Ko, B.S. Lee and S. Pearson, ―Towards Achieving Accountability, Auditability and Trust in Cloud Computing,‖ Proc. International workshop on Cloud Computing: Architecture, Algorithms and Applications (CloudComp2011), Springer, 2011, pp. 5. [9] Cloud Security Alliance, ―Top Threats to Cloud Computing (V1.0),‖ 2010; https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf. [10] J. Brodkin, ―Gartner: Seven cloud-computing security risks,‖ Infoworld, 2008, pp. 1–3. [11] W. Zhou, M. Sherr, T. Tao, X. Li, B.T. Loo and Y. Mao, ―Efficient querying and maintenance of network provenance at internet-scale,‖ Proc. 2010 International Conference on Management of Data (SIGMOD 2010), ACM, 2010, pp. 615-626. [12] M. Mowbray, S. Pearson and Y. Shen, ―Enhancing privacy in cloud computing via policy-based obfuscation,‖ The Journal of Supercomputing, 2010, pp. 1-25. [13] ―OpenStack Compute Administration Guide‖ 2011 Provenance Research presentation 22
  23. 23. (asifimran33@gmail.com) Provenance Research presentation 23

×