The document discusses secure and high-speed communication within and between cloud infrastructures. It aims to analyze different data migration techniques for optimizing security and performance of intra-cloud and inter-cloud communication. A private cloud network was created using OpenStack's Nova Architecture to communicate with Amazon's Elastic Cloud public cloud platform. Results show that the Virtual Private Networking technique OpenVPN provides strong security while HTTPS and Secure Copy provide minimal security without sacrificing performance for data migration within and between clouds.

1. Secure
and
High
Speed
Intra-­‐Cloud
and
Inter-­‐Cloud
Communication
Richard
Jung,
Luis
Villarreal,
Waymon
Ho,
Pouya
Naghizadeh,
and
Dr.
Yun
Tian,
Ph.D
Department
of
Computer
Science,
College
of
Engineering
and
Computer
Science
CLOUD
ARCHITECTURE
OBJECTIVES
• Create
a
Linux-­‐based
server
environment.
• Create
a
private
cloud
infrastructure
using
OpenStack’s
Nova
Architecture
• Create
a
public
cloud
plaCorm
on
Amazon’s
ElasEc
Cloud
(EC2)
server.
• Analyze
different
data
migraEon
techniques
for
opEmizing
security
and
performance
in
cloud
connecEvity
for
intra-­‐cloud
and
inter-­‐cloud
communicaEon.
METHODS
RESULTS
ACKNOWLEDGMENTS
We
would
like
to
thank
the
(STEM)2
Program
and
its
partnership
with
Citrus
College,
allowing
undergraduate
community
college
students
the
opportunity
to
conduct
research
during
the
Summer
Research
Experience
of
2014.
We
would
also
like
to
thank
Dr.
Yun
Tian,
for
her
guidance
and
supervision
throughout
the
program,
and
Pouya
Naghizadeh,
for
his
knowledge
and
support
throughout
the
8-­‐
week
experience.
This
work
was
funded
by
the
Department
of
EducaEon
Grant
#P031C110116
(STEM)2.
CONCLUSION
INTRODUCTION
REFERENCES
[1]
B.
Grobauer
et
al.,
(2011,
Aug
15).
Understanding
Cloud
Compu4ng
Vulnerabili4es
[Online].
Available:
h^p://www.infoq.com/arEcles/ieee-­‐cloud-­‐compuEng-­‐vulnerabiliEes
[2]
V.
Rajaraman.
"Cloud
CompuEng."
Resonance,
vol.
19,
pp.
242-­‐258,
Jan
2014.
[3]
Amazon
ElasEc
Compute
Cloud
(EC2).
[Online]
Available:
h^p://aws.amazon.com/ec2/
[4]
Openstack
Home
Page.
[Online]
Available:
www.openstack.org
[5]
The
OSI
Model’s
Seven
Layers
Defined
and
FuncEons
Explained.
[Online].
Available:
h^p://support.microsoj.com/kb/103884
[6]
T.
Dehne.
“Parallel
CompuEng,
Parallel
Development.”
R&d
Magazine,
vol.
50,
pp
22-­‐23,
May
2008.
[7]
Y.
Liu
et
al.
“Ensuring
Data
ConfidenEality
in
Cloud
CompuEng:
“An
EncrypEon
and
Trust-­‐based
SoluEon,”
Department
of
InformaEon
Sciences
and
Technology,
Penn
State,
PA,
2014.
The
rising
growth
of
cloud
infrastructures
has
introduced
a
cost-­‐efficient
soluEon
for
business
and
enterprises;
allowing
companies
to
lease
their
compuEng
power
to
clients,
eliminaEng
the
need
for
physical
hardware.
The
ability
to
provide
computaEonal
services
while
adopEng
a
pay-­‐as-­‐
you-­‐go
service
allows
clients
to
effecEvely
use
cloud-­‐compuEng
services
as
a
uElity
such
as
gas
and
water
[1].
However,
the
transfer
of
data
between
client
and
cloud
have
become
an
increasingly
large
security
vulnerability,
pushing
the
need
for
improvements
in
data
confidenEality
[2].
This
study
aims
to
invesEgate
data
migraEon
security
issues
by
observing
standard
migraEon
techniques
within
an
inter-­‐cloud
and
intra-­‐
cloud
network,
such
as
Hypertext
Transfer
Protocol
(HTTP),
Hypertext
Transfer
Protocol
Secure
(HTTPS),
Virtual
Private
Networking
(OpenVPN),
and
the
Linux-­‐based
Secure
Shell
(SSH)
migraEon
technique
-­‐
Secure
Copy
(SCP).
Results
show
that
OpenVPN
provides
a
powerful
security
soluEon
while
HTTPS
and
SCP
provide
minimal
security
without
sacrificing
performance.
DISCUSSION
There
are
many
factors
that
need
to
be
considered
that
may
influence
the
accuracy
of
the
results
such
as
number
of
clients
on
the
network,
bandwidth
fluctuaEons,
network
interference
leading
to
packet
loss,
and
complexity
of
encrypEon
ciphers.
Data
migraEon
is
a
key
vulnerability
in
cloud
compuEng,
and
protecEng
data
through
network
transfers
lay
the
foundaEon
for
research
into
advanced
and
new
areas
of
cloud
compuEng.
For
example,
one
of
the
areas
that
is
crucial
to
bringing
a
powerful
soluEon
for
cloud-­‐compuEng
performance
is
parallel
compuEng
[6].
The
integraEon
of
mulEple
CPU
cores
allows
faster
encrypEon
of
data
in
the
storage
and
migraEon
level.
Another
area
that
will
be
studied
is
the
opEmizaEon
of
data
storage
security,
specifically
in
soluEons
such
as
adopEng
a
Trust-­‐based
model
for
ensuring
data
confidenEality
between
cloud
consumers
and
cloud
providers
[7].
Inter-­‐Cloud
Results
0
2000000
4000000
6000000
8000000
10000000
12000000
HTTP
HTTPS
OpenVPN
Average
Bytes
Per
Second
(B/s)
Data
MigraMon
Techniques
100
MB
200
MB
512
MB
0
50
100
150
200
250
300
350
400
450
500
100
200
512
Time
Elapsed
(seconds)
File
Size
(megabytes)
HTTP
HTTPS
OpenVPN
Intra-­‐Cloud
Results
this,
the
development
of
a
private
cloud
architecture
(Fig.
1a)
was
necessary
to
communicate
with
a
public
cloud
plaCorm
on
Amazon’s
ElasEc
Cloud
service
[3].
The
physical
configuraEon
adopted
an
8-­‐node
architecture,
which
was
used
to
create
a
private
cloud
network
using
OpenStack’s
Nova
Architecture
(Fig.
1b)
[4].
Figure
1(b)
-­‐
OpenStack’s
Nova
Architecture
[4].
Figure
1(a)
-­‐
The
physical
configuraEon
of
the
private
cloud
network.
The
primary
purpose
of
this
research
is
to
invesEgate
the
d i ff e r e n t
techniques
of
data
migraEon
w i t h i n
t w o
cloud
networks.
To
accomplish
Figure
2(a)
–
The
data
migraEon
techniques
to
be
tested.
Figure
2(b)
-­‐
EncrypEon-­‐size
(bits)
of
the
different
data
migraEon
techniques.
Four
different
data
migraEon
techniques
will
be
studied:
Hypertext
Transport
Protocol
(HTTP),
HTTP
Secure
(HTTPS),
Virtual
Private
Networking
using
OpenVPN,
and
Linux’s
Secure
Copy
(SCP)
command.
Files
were
uploaded
using
a
file
management
applicaEon,
capturing
packets
sent
from
cloud
to
cloud
and
client
to
cloud.
Figure
3(a)
–
Intercepted
data
transmission
over
HTTP.
Figure
3(b)
–
Intercepted
data
transmission
over
HTTPS.
Results
show
that
HTTP
and
HTTPS
throughput
and
latency
are
almost
similar,
while
OpenVPN
shows
a
significant
decline
in
both
areas.
Figure
4(a)
-­‐
Average
throughput
of
data
migraEon
techniques
in
Inter-­‐Cloud
CommunicaEon.
Figure
4(b)
-­‐
Latency
results
in
data
migraEon
techniques
in
Inter-­‐Cloud
CommunicaEon.
Figure
5(a)
-­‐
Average
throughput
of
data
migraEon
techniques
in
Intra-­‐Cloud
CommunicaEon.
Figure
5(b)
-­‐
Latency
results
in
data
migraEon
techniques
in
Intra-­‐Cloud
CommunicaEon.
Results
indicate
that
HTTP
and
SCP
have
minimal
gaps,
with
HTTP
leading
in
throughput
and
latency.
Figure
6
-­‐
The
Open
Systems
InterconnecEon
model
(OSI)
[5].
The
different
data
migraEon
techniques
tested
within
this
study
operate
on
two
layers
of
the
Open
Systems
InterconnecEon
(OSI)
Model
[5].
HTTP
and
HTTPS
operated
within
the
ApplicaEon
layer,
while
OpenVPN
and
SCP
operate
in
the
Transport
layer.
Results
conclude
that
OpenVPN
is
a
powerful
choice
for
secure
connecEvity,
uElizing
a
large
2048-­‐
bit
encrypEon,
while
HTTPS
and
SCP
powers
over
HTTP
in
terms
of
performance
and
security,
uElizing
a
256-­‐bit
encrypEon
size
while
sacrificing
minimal
performance
drops.
0.00
2000000.00
4000000.00
6000000.00
8000000.00
10000000.00
12000000.00
14000000.00
HTTP
SCP
Average
Bytes
Per
Second
(B/s)
Data
MigraMon
Techniques
100
MB
200
MB
512
MB
0
10
20
30
40
50
60
100
200
512
Elapsed
Time
(Seconds)
File
Size
(Megabytes)
HTTP
SCP
0
500
1000
1500
2000
2500
HTTP
SCP
/
HTTPS
OpenVPN(RSA)
EncrypMon
Size
(bits)
Keywords:
cloud-­‐compu1ng,
security,
data
migra1on