Abstract
Cloud computing technology is a general concept and idea such as existing distributed computing, parallel computing, Pervasive computing and Ubiquitous computing. We have been studying OpenStack which was an Open cloud project under the KOREN (Korea Advanced Research Network) environments. In this paper, we propose a secure smart-work service model-based OpenStack. There are mainly two kinds of security breaches that can occur under the proposed environment. Nova is vulnerable to DoS attack in OpenStack. SQL Injection can be attacked in the process during which the user requests authorization, which results in data being saved in Swift. Looking more deeply into these two types of attack, we can divide DoS attack into Jolt2, Tear-drop, and SYN-Flooding attack. We simulated attacks in an experimental environment and summarized the results. With the objective of being able to provide Smart-Work service in the KOREN environment, we proposed solutions to various kinds of attacks against the security system and carried out modeling work with the data from the experiment conducted in the Cloud service environment we examined above.
Similar content being viewed by others
References
Mell, P., Grance, T.: NIST Cloud Computing Definitions. http://csrc.nist.gov/gorups/SNS/cloudcomputing (2009)
Grandison, T., Maximillen, M., Thorpe, S., Alba, A.: Towards a formal definition of a computing cloud. In: Proceeding of IEEE Services, 2010 6th World Congress on Services, 5–10 July 2010 Hawthorne, NY, USA, pp. 191–192 (2010)
Thorpe, S.: Virtual machine history model framework for a data cloud digital investigation. J. Converg. 3(4), 9–14 (2012)
Baek, S.-J., Park, S.-M., Yang, S.-H., Song, E.-H., Jeong, Y.-S.: Efficient server virtualization using grid service infrastructure. J. Inf. Process. Syst. 6(4), 553–562 (2010)
Song, E.-H., Kim, H.-W., Jeong, Y.-S.: Visual monitoring system of multi-hosts behavior for trustworthiness with mobile cloud. J. Inf. Process. Syst. 8(2), 347–358 (2012)
Gellman, R.: Privacy in the Clouds: Risks to Privacy and Confidentiality from Cloud Computing. http://www.worldprivacyforum.org/pdf/WPF_Cloud_Privacy_Report.pdf (2009)
Balduzzi, M., Zaddach, J., Balzarotti, D., Kirda, E., Loureiro, S.: A security analysis of amazon’s elastic compute cloud service. In: Proceedings of the 27th Annual ACM Symposium on Applied Computing, New York, USA, pp. 1427–1434 (2012). doi:10.1145/2245276.2232005
Bindra, G.S.: Cloud security: analysis and risk management of VM images. In: 2012 International Conference on Information and Automation (ICIA), New Delhi, India, 6–8 June 2012, pp. 646–651 (2012)
Rosado, D.G., Gomez, R., Mellado, D., Fernandez-Medina, E.: Security analysis in the migration to cloud environments. Future Internet 4(2), 469–487 (2012). doi:10.3390/fi4020469
Beloglazov, A., Piraghaj, S.F., Alrokayan, M., Buyya, R.: Deploying OpenStack on CentOS using the KVM hypervisor and GlusterFS distributed file system. Technical Report CLOUD-TR-2012-3 (2012) http://www.cloudbus.org/reports/OpenStack-CentOS-KVM-glusterfs-guide-Aug2012.pdf
Beernaert, L., Matos, M., Vilaca, R., Oliveira, R.: Automatic elasticity in OpenStack. In: Proceeding of the Workshop on Secure and Dependable Middleware for Cloud Monitoring and Management (2012). doi:10.1145/2405186.2405188
Sefraoui, O., Aissaoui, M., Eleuldj, M.: OpenStack: toward an open-source solution for cloud computing. Int. J. Comput. Appl. 55(3), 38–42 (2012)
Jackson, K.: OpenStack Cloud Computing Cookbook. Packt Publishing, Birmingham (2012). ISBN 9781849517324
OpenStack LLC: Openstack: The Open Source Cloud Operating System. http://www.openstack.org/software/ (2012)
OpenStack LLC: OpenStack Compute Administration Manual. http://docs.openstack.org/trunk/openstack-compute/admin/content/index.html (2012)
OpenStack LLC: OpenStack Install and Deploy Manual. http://docs.openstack.org/diablo/openstack-compute/admin/os-compute-adminguide-diablo.pdf (2012)
Acknowledgements
This work was supported by NIA, KOREA under the KOREN program (1295100001-120010100).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Kim, JM., Jeong, HY., Cho, I. et al. A secure smart-work service model based OpenStack for Cloud computing. Cluster Comput 17, 691–702 (2014). https://doi.org/10.1007/s10586-013-0251-1
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10586-013-0251-1