Word Files
Reference for Downloading Educational Files
  2. Computer Engineering
  3. Examining, comparing and simulating security solutions in cloud computing

Examining, comparing and simulating security solutions in cloud computing

Number of pages: 116 File Format: word File Code: 31038
Year: 2014 University Degree: Master's degree Category: Computer Engineering
Tags/Keywords: cloud computing - cloud computing - cloud computing - Cloud computing security - Cloud processing - Digital signature - Intrusion detection systems - Privacy protection - Security in cloud computing - Security solutions in cloud computing
  • Part of the Content
  • Contents & Resources

  • Summary of Examining, comparing and simulating security solutions in cloud computing

    Dissertation for receiving a master's degree in computer science (M.Sc)

    Software orientation

    Abstract

    Regarding the future of cloud computing and the expansion of its applications and the benefits of this technology, there are always challenges for users, one of the most important and controversial of these challenges is privacy protection. Considering the storage of private data of users and business data of companies in cloud computing, privacy protection is a very important issue for users using cloud computing and cloud service providers themselves. Among the cloud attacks, there are four main attacks, which include flood attack, package attack, malicious code attack, and information theft attack. At first, these attacks and the methods of dealing with them will be examined, and finally, in this report, by simulating these four proposed security solutions of cloud computing in NS2 software and comparing the results obtained, we will examine the issues related to privacy protection in the cloud and the challenges ahead, and we will make suggestions for users and providers.

    Keywords

    Cloud computing[1], privacy[2], privacy protection[3], intrusion detection systems, digital signature

    Chapter One

     Introduction

     

     

    1-Chapter One: Introduction

     

     

    1-1-Definition

    According to the extent of the security issue in cloud computing, the examination of this category is required to be separated into different parts. At the beginning, there should be a general definition of cloud computing and then intrusion detection systems will be explained. 1-1-1- Mobile cloud computing Cloud computing refers to distributed and parallel systems that include sets of computers that are connected to each other. These computers are dynamically provisioned and viewed as one or more integrated computing resources based on service agreements. These agreements are established during the exchange of messages between servers and users. Cloud computing tries to create a new generation of data centers by providing services and services in dynamically networked virtual machines, and this action is realized in such a way that users can access applications from anywhere in the world. [1]

    According to the definition of Wikipedia, the National Institute of Technology and Standards (NIST) defines cloud computing as follows:

    "Cloud computing is a model for providing easy access to a set of modifiable and configurable computing resources (such as: networks, servers, storage space, applications and services) based on user demand through the network in such a way that this access can be done with minimal need for resource management or direct intervention. The service provider should be provided quickly."

    Generally, cloud computing users do not own the physical infrastructure of the cloud, but rent it from third-party providers to avoid costs. They consume resources as a service and pay only for the resources they use. Many of the provided cloud computing services, by using the public computing model, provide the possibility of using these services in a similar way to public industries (such as electricity). Meanwhile, other types of service providers offer their services on a subscription basis.

    1-1-2- Intrusion detection systems in cloud computing

    The open and distributed structure of cloud processing and services has become a target for attackers' cyber attacks. Legacy intrusion detection and prevention systems are largely inefficient for deployment in cloud computing environments due to their open and proprietary nature. The introduction of intrusion detection and prevention systems and their different functioning and classifications can be the latest achievement in the field of identifying the challenges of cloud computing deployment.

    During the past years, human societies have become more dependent on technology. Users rely on computer networks to receive news, stock prices, e-mail and online shopping. The integrity and availability of all these systems requires defense against a number of threats. Amateur hackers, competing companies, terrorists, and even foreign governments have the motivation and potential ability to carry out sophisticated attacks against computer systems. Therefore, information security is important for the safety and economic well-being of society.

    Therefore, information security is important and vital for the safety and economic well-being of society, considering that the rapid growth and widespread use of electronic data processing and electronic business is done through wired and wireless communication networks, the Internet, and web applications. [1]

    Cloud processing service architecture is a combination of 3 layers of infrastructure, platform and application that are interdependent. Each layer may be vulnerable by various programming or user or service provider configuration errors. A cloud processing system can be vulnerable to various threats, including threats related to comprehensiveness, confidentiality and availability of resources and virtual infrastructure. This problem becomes more important when a cloud environment with massive processing and storage capacity is invaded by an insider. The importance of this issue becomes more clear when we know that in 2011, a hacker using Amazon Elastic cloud processing service attacked Sony's online entertainment systems by registering and opening an account.

    Cloud services are accessible and convenient for hackers when they introduce themselves as service customers. Not having full control over the infrastructure is a big concern for cloud service customers. This shows the role of detection systems in protecting the user's information assets in cloud computing. [1]

    1-1-3- Security in cloud computing

    The concept of security and confidentiality[1] is different among different countries, societies and jurisdictions and is formed with the help of public expectations and legal interpretations, although it is not impossible to provide a complete definition of privacy and security, it is difficult. Obligations that include privacy include collection, use, disclosure, storage and destruction of personal data. Due to the lack of any global consensus on what constitutes privacy, here we use the definition provided by the American Institute AICPA [2] and the Canadian Institute CICA [3]:

    Privacy includes the rights and obligations of individuals and organizations in relation to the collection, use, preservation and disclosure of private information of individuals.  [2]              

    1-1-4-Digital signature

    One of the most important current methods of creating security in the network is digital signature. Digital signature is based on encryption methods through public and private keys. Currently, it is used in many countries for various applications, from issuing emails to financial transfers and signing binding documents, as a tool that gives life to information, and its use in electronic networks has become a necessity, and in a situation where emails sent to a person's electronic mailbox cannot be verified in terms of security, digital signature enables the person in question to carry out transactions with security.

    1-2- Methodology Research

    1- Studying topics related to security in the web and cloud computing

    2- Proposing a problem

    3- Choosing a specific problem in the discussion of security in cloud computing and its complete and comprehensive review

    4- Analysis of the investigated problem

    5- Conclusion

    To achieve the above objectives, reference books, online databases, the Internet, respected articles and the experiences of professors are used.

    1-3- specific research objectives

    Critically examine cloud security issues and the current cloud computing security model.

    Identify the main limitations of the current security model and simulate security attacks for cloud data and information security.

    Creating a typical scenario where there is no implementation to combat cloud attacks, and creating a scenario with the application of cloud security solutions.

    Measuring cloud performance in this scenario using four Some performance criteria.

    Comparison of scenario results and related graphs and cloud performance evaluation and understanding of the required security level.

    1-4- Project achievement

    The main goal of this project is to check the security of cloud computing which is created under four different scenarios in the NS2 simulator environment. The first scenario examines the security solution in the attack through malicious codes, the second scenario is the security solution for attacking the SOAP package, while the third scenario is the security solution for the flood attack. All four scenarios are compared as benchmarks for individual applications as well as for estimating true cloud performance.

  • Contents & References of Examining, comparing and simulating security solutions in cloud computing

    List:

    Abstract 1

    Chapter One: Introduction

    1-1-Definition. 3

    1-1-1-mobile cloud computing. 3

    1-1-2- intrusion detection systems in cloud computing. 4

    1-1-3- Security in cloud computing. 4

    1-1-4-digital signature. 5

    1-2- Research methodology. 5

    1-3- specific objectives of the research. 5

    1-4- The achievement of the project 6

    1-5- The importance and necessity of conducting research. 7

    1-5-1- SOAP package attack (Wrapping Attack) - platform layer as a service. 9

    1-5-2- Attack through malicious codes (Malware-Injection) - Application software layer. 10

    1-5-3-Flooding Attack - Platform layer as a service. 11

    1-5-4- Information theft - (Data Stealing) Platform layer as a service. 11

    1-6- The aspect of newness and innovation in research. 11

    Chapter Two: Background of the research

    2-1- Description of the research. 14

    2-2- History of research. 14

    2-2-1- History of cloud computing research. 14

    2-2-1-1-Advantages and strengths of Cloud Computing. 14

    2-2-1-1-1-lower costs. 14

    2-2-1-1-2-more speed. 15

    2-2-1-1-3-scalability. 15

    2-2-1-1-4- Fast and permanent software update. 15

    2-2-1-1-5-Storage of information. 15

    2-2-1-1-6-Global access to documents. 16

    2-2-1-1-7-independent of hardware. 16

    2-2-1-2-weaknesses of cloud computing. 16

    2-2-1-2-1-need for permanent internet connection. 16

    2-2-1-2-2-doesn't work with slow internet connections. 16

    2-2-1-2-3-limitation of features 17

    2-2-1-2-4-lack of data security 17

    2-2-1-3-types of cloud. 17

    2-2-1-3-1-Public cloud. 17

    2-2-1-3-2-Private cloud 17

    2-2-1-3-3-Community cloud. 17

    2-2-1-3-4-Hybrid cloud 17

    2-2-1-4- Introduction of cloud diagrams and architectures. 18

    2-2-1-4-1-Single "All-in-one" Server 18

    2-2-1-4-2-Non-Redundant 3-Tier Architecture. 18

    2-2-1-4-3-Multi-Datacenter architecture 19

    2-2-1-4-4-Autoscaling architecture. 20

    2-2-1-4-5-scalable architecture with Membase. 20

    2-2-1-4-6-scalable multilayer architecture with Memcached. 21

    2-2-1-4-7 Scalable Queue-based Setups. 21

    2-2-1-4-8 internal hybrid architecture. 22

    2-2-1-4-9-Scalable alarm-based and queue-based architecture. 22

    2-2-1-4-9-Hybrid Cloud Site Architectures. 22

    2-2-1-4-10-multi-cloud scalable architecture. 22

    2-2-1-4-11-multi-cloud failover architecture 23

    2-2-1-4-12-multi-cloud disaster recovery architecture. 23

    2-2-1-4-12- cloud architecture and dedicated hosting. 23

    2-2-2-Research history of intrusion detection and prevention systems in cloud computing. 24

    2-2-2-1- Conclusion from the history of intrusion detection and prevention systems research. 25

    2-2-2-1- 1- Classification of intrusion detection and prevention systems. 25

    2-2-2-1-2- The challenges of developing detection and prevention systems. 30

    2-2-2-1-3- intrusion prevention detection systems in cloud computing. 30

    2-2-2-1-4- Security issues in cloud computing. 31

    2-2-2-1-5- The challenges of deploying detection systems and preventing intrusions in cloud computing environments. 31

    2-2-2-1-6- intrusion detection and prevention systems based on cloud computing. 32

    2-2-2-1-7- Requirements for intrusion detection and prevention systems. 34

    2-2-3-Research history of creating security in cloud computing. 35

    2-2-3-1- The concept of privacy in cloud computing. 35

    2-2-3-2-Types of information requiring protection. 36

    2-2-3-3- Data life cycle 36

    2-2-3-3-1-Generation 37

    2-2-3-3-2- Use (Use) 37

    2-2-3-3-3-Transfer 37

    2-2-3-3-4-Transformation (Transformation) 37

    2-2-3-3-5-Storage 37

    2-2-3-3-6-Archive 38

    2-2-3-3-7-Destruction 38

    2-2-3-4-Privacy issues and its challenges. 38

    2-2-3-4-1-Access 38

    2-2-3-4-2-Compliance 38

    2-2-3-4-3-Storage 38

    2-2-3-4-4-Retention38

    2-2-3-4-1-Access 38

    2-2-3-4-2-Compliance 38

    2-2-3-4-3-Storage 38

    2-2-3-4-4-Retention 39

    2-2-3-4-5-Destruction 39

    2-2-3-5-Audit & Monitoring 39

    2-2-3-6-Privacy Breaches 39

    2-2-3-7-Common techniques to protect privacy. 39

    2-2-3-7-1- Encryption Model 39

    2-2-3-7-2-Access Control Mechanism. 40

    2-2-3-General research history in the investigation of security solutions in cloud computing. 40

    2-2-3-1-causes of cloud computing security failure. 42

    2-2-4-Digital signature research record. 42

    2-2-4-1- What is digital signature and digital security? 42

    2-2-4-2- What is a digital certificate? 43

    2-2-4-3-Register for a digital certificate. 43

    2-2-4-4-Distribution of digital certificate. 43

    2-2-4-5-Different types of digital certificates. 44

    2-2-4-6-digital signature from the perspective of programming. 44

    2-2-4-7-How to create a digital signature. 45

    2-2-4-8-how a digital signature works. 46

    2-2-4-9-how to create and use keys 47

    2-2-4-10-possible attacks against digital signatures. 47

    2-2-4-11-What is the certification center? 47

    2-2-4-12-What is cryptography? 48

    2-2-4-13-identification through digital signature. 49

    2-2-4-14- Digital signature underlying the security of electronic exchanges. 49

    2-2-4-15-What is meant by digital signature? 50

    2-2-4-16- To what extent does the use of digital signature guarantee the security of exchanging financial and confidential documents? 50

    2-2-4-17-What is SSL? 52

    2-2-4-17-1- What is InstantSSL? 53

    2-2-4-17-2- Advanced authentication technology 53

    2-2-4-17-3- Online access to your profile in the cloud. 53

    2-2-4-18-Encryption concepts. 54

    2-2-4-18-1-Introduction and terms. 54

    2-2-4-18-2- Algorithms 55

    2-2-4-18-3- Public key encryption. 55

    2-2-4-18-4-Hash value. 56

    2-2-4-18-5- Are you authentic? 57

    2-2-4-18-6-symmetric key systems. 59

    2-2-4-18-7-Asymmetric key systems. 60

    2-2-4-19- The structure and initial process of establishing a secure connection. 63

    2-2-4-20-similar protocols. 64

    2-2-4-21-concept of certificate in SSL protocol. 64

    2-2-4-22-certification centers. 65

    2-2-4-23- The general steps of establishing and creating secure communication on the web. 65

    2-2-4-24-Notes on certificates 66

    2-2-4-25-Identification. 67

    2-2-4-26- WEP security services - Authentication. 67

    2-2-4-27- Authentication without encryption. 68

    2-2-4-28- Authentication with RC4 encryption. 69

    2-2-4-29- Confidentiality and security. 70

    2-2-4-30- Integrity. 71

    2-2-4-31-The primary security weaknesses of WEP. 72

    2-2-4-32-Dangers, attacks and security requirements. 74

    2-2-4-33-problems and disadvantages of SSL. 76

    2-2-4-33-1-Security problem in SSL. 76

    2-2-4-33-2-problems of electronic commerce in Iran. 77

    Chapter three: research method

    3-1-tools used in simulation. 79

    3-2-Installing NS-2 in Fedora Linux. 79

    Chapter Four: Conclusion

    Conclusion. 83

    4-1- Suggested possible solutions for cloud computing security solutions attacks. 84

    4-2- Comparison criteria used in simulation and the relationship of each of them to cloud security separately. 86

    4-2-1- Delay Time criterion. 86

    4-2-2- Throughput Security criterion. 86

    4-2-3- Response Time criterion. 87

    4-2-4- Traffic Ratio criterion. 87

    4-3- The results obtained from the simulation of security solutions with NS2 software. 87

    4-3-1- Delay Time (Sec) 87

    4-3-1-1- Conclusion from the simulation of Delay Time criteria. 88

    4-3-2- Throughput Security (Kb) 89

    4-3-2-1- Conclusion from the simulation of Throughput Security measure. 90

    4-3-3- Response Time (Sec) 90

    4-3-3-1- Conclusion from the simulation of Time Response criteria. 91

    4-3-4- Packet Traffic Ratio (%). 92

    4-3-4-1- Conclusion from the simulation of the Traffic Ratio criterion. 93

    4-4- General conclusion from the simulation and comparison of cloud security solutions. 93

     

    Chapter Five: Conclusion and Suggestions

    Conclusion.

Examining, comparing and simulating security solutions in cloud computing
How To Access The File
Related Contents:
Number of pages: 104 Category: IT Information Technology Engineering

Master's Thesis of Information Technology Engineering, Information Systems Management, Abstract The Internet and computer world is becoming more complex and evolving every day. One of the products of this evolution is cloud computing. Due to this issue, data sensitivity and information privacy seriously become an important concern for organizations. Companies pay special ...

Number of pages: 104 Category: Computer Engineering

Master's Thesis in Computer Engineering Major: Software Abstract: Cloud processing and cloud environment and cloud databases are the place to store information on the web and the best solution should be used to increase their security. Our problem here is the classification of confidential and top-secret data and then their encryption for storage in the cloud. For this, speed ...

Number of pages: 90 Category: Computer Engineering

Dissertation for obtaining a master's degree in computer engineering, majoring in software. Abstract: Task scheduling algorithm, which is an NP-complete problem, plays a key role in cloud computing systems. The colonial competition algorithm is one of the newest evolutionary optimization algorithms. As its name suggests, this algorithm is based on the modeling of the ...

Number of pages: 90 Category: Computer Engineering

Dissertation for Master's Degree in Computer Engineering, Software Orientation Abstract: With the advancement of hardware, then operating systems, followed by software, the demand for more services and higher speed and power has also increased, and this situation has reached a point where users cannot run their desired software without suitable hardware. By producing and ...

Number of pages: 115 Category: IT Information Technology Engineering

Master thesis of information technology engineering, information systems management, abstract cloud computing as a new computing model in which software, hardware, infrastructure, platform, data and other resources are provided to cloud users virtually and as a service, on demand and through the internet by cloud providers. This model is based on pay-per-use, that is, users pay ...

Number of pages: 85 Category: Computer Engineering

Master's Thesis in Computer Engineering Abstract: In recent years, due to the growing number of requests and the joining of new customers to the world of computing, computer systems Computing should also change and be more powerful and flexible than before. In the meantime, cloud computing was presented as a model beyond a system that currently has the ability to respond to most ...

Number of pages: 72 Category: Computer Engineering

Master's Thesis in Computer Engineering (Software) Abstract: Reducing energy consumption in the cloud environment using virtual machine migration Reducing energy consumption is one of the most important issues of the day, especially in the industry sector. In recent years, the ever-increasing human needs for computer systems have caused the creation and expansion of more and ...

Number of pages: 75 Category: Computer Engineering

Dissertation for M.Sc Computer Engineering - Software Abstract: The rapid growth in demand for computing power has led computing to move towards a cloud computing model based on massive virtualized data centers. Cloud computing allows users to provide computing resources efficiently and dynamically to meet their needs. The use of these resources certainly requires payment by the ...

Number of pages: 129 Category: Computer Engineering

Dissertation for receiving a master's degree in computer engineering (Sc. M) orientation: software. Abstract Failure in systems with sensitive applications can cause irreparable disasters. The design of this category of systems should be such that in the event of an error, they are able to perform their duties correctly, in addition to preventing the occurrence of errors as much ...

Number of pages: 75 Category: Computer Engineering

Abstract The evolution of computing is such that it can be assumed as the fifth basic element after water, electricity, gas and telephone. In recent years, increasing attention has been paid to cloud computing. Cloud computing is a large-scale distributed model that provides customers with a scalable and virtualized pool of managed computing power, storage, and services over the ...