Analysis of Multilevel Framework for Cloud Security
This article proposes a novel and trusted multilevel security framework for securing cloud resources used in a collaborative deployment. A secure communication protocol is also proposed for communication among the cloud resources from different Cloud Service Users (CSU) and among the non trusted groups. Two level security frameworks are Domain level and cloud service provider (CSP) level. A Domain contains a number of CSUs for the same trusted group. The Domain level security ensures and evaluates the trustworthiness of its individual CSU. The CSP level security ensures and evaluates the trustworthiness of various domains. In the proposed framework, security agents are to be deployed both at the Domain level and at the CSP level to evaluate and maintain the trust To support collaboration user must allow inbound traffics to its own Virtual Machine (VM) from VMs of other (CSU). This can be used by the agents to control access between two VMs belonging to the same domain or in two different security groups. The proposed framework ensures that the trust-level of an entire domain does not fall due to malicious activities of only a small minority of members.
KeywordsCloud service users Virtual machine Domain level CSP Level security Group Graph security protocol
Unable to display preview. Download preview PDF.
- 1.Ramgovind, S., Eloff, M.M., Smith, E.: The Management of Security in Cloud computing. In: Proc. Information Security for South Asia (ISSA 2010), pp. 1–7. IEEE Press (2010)Google Scholar
- 3.Takabi, H., Joshi, J.B.D., Ahn, G.-J.: SecureCloud: Towards a Comprehensive Security Framework for Cloud Computing Environments. In: Proc. 2010 IEEE 34th Ann. Computer Software and Applications Conf. Workshops, pp. 393–398. IEEE Press (2010)Google Scholar
- 4.Zhou, M., et al.: Security and Privacy in Cloud Computing: A Survey. In: Proc. 6th Int’l Conf. Semantics, Knowledge and Grids, pp. 105–112. IEEE Press (2010)Google Scholar
- 5.Popovic, K., Hocenski, Z.: Cloud Computing Security Issues and Challenges. In: Proc. 33rd Int’l Convention on Information and Comm. Technology, Electronics and Microelectronics (MIPRO 2010), pp. 344–349. IEEE Press (2010)Google Scholar
- 6.Morsy, M.A., Grundy, J., Müller, I.: An Analysis of the Cloud Computing Security Problem. In: Proc. 17th Asia Pacific Software Eng. Conf. 2010 Cloud Workshop (APSEC 2010). IEEE Press (2010)Google Scholar
- 11.Bleikertz, S., Schunter, M., Probst, C.W., Pendarakis, D., Eriksson, K.: Security audits of multi-tier virtual infrastructures in public infrastructure clouds. In: Proceedings of the 2010 ACM Workshop on Cloud Computing Security. ACM, New York (2010) ISBN: 978-1-4503-0089-6Google Scholar