3. Introduction
• Cloud Computing
Utility computing where resources are
provided as a service over the internet.
• Enterprise consumers – Real Benefiters
• End Users - ??
4. Objective
Design elastic applications to augment the
resource constrained platforms with elastic
computing resources from the cloud.
Targeted for Consumer Electronic devices
6. Key Terms
• Weblets
- Partitions of an Elastic Application.
- Functions Independently
- Communicate with each other
- Reasonable Amount of Data
dependency
- Migratable
7. Key Terms
• Device Elasticity Manager
- Runs on the Device side.
- Maintains the Configuration changes
during Run Time.
- Contains the Cost Module.
- Contains Optimizer.
9. Challenges
• New Application Model is needed.
• Protocol for Run Time Communication
• Cost Objective Functions
• Framework has to be transparent
• Security And Privacy
.
11. Threat Models
• Threats to Mobile Devices.
- Compromising DEM and Device
• Threats to Cloud Platform And Application
Container.
- Compromises CES
• Threats to Communication Channels.
- Worm & Viruse Attacks
- MITM, Packet Injection, DDOS
12. Security Objectives
• Trustworthy weblet containers.
• Authentication And Secure Session
Management
• Authorization & Access Control
• Logging And Auditing
.
13. Authentication And Secure
Session Management
• Secure Installment of Elastic Applications
- Binaries of Weblets.
- UI Components.
- Metadata encoded in to Manifest
- SHA1 value of binaries
• Part of the weblets can be installed in
CES.
.
14. Authentication Between Weblets
• Weblets residing in cloud and consumer
device have to be authenticated prior to
communication.
.
15. • Weblets residing in cloud and consumer
device have to be authenticated prior to
communication.
.
17. Authorization of Weblets
• Deals with accessing the authorized web
servers from the cloud.
• Two type of keys are obtained while
logging in
- Application Session Key (ask)
- Application Secret Key (ass)
• These keys are shared in 4 different ways.
18. Authorization of Weblets ….
• Shared User credential.
• Shared Session Information
• Use Session Information Only On device
weblet
• oAuth-like
20. Conclusion
• Proposes an elastic application framework
with new application model and elasticity
Infrastructure.
• Further analyses the impending threats to
the framework and the alternatives to be
considered.
• Another important aspect is about the
authentication and secure communication
between weblets.