Secure authentication mechanisms for the management interface in cloud computing environments
作者: Liliana Filipa Baptista Soares
DOI:
关键词: The Internet 、 Virtualization 、 Data center 、 Cloud computing 、 Provisioning 、 Computer science 、 Software as a service 、 Server 、 Computer security 、 Virtual machine
摘要: For a handful of years, cloud computing has been hot catchphrase. The industry massively adopted it and the academia is focusing on improving technology, which evolving at quick pace. paradigm consists in adopting solutions provisioned by some providers that are hosted data centers. Customers therefore tied to those third-party entities, since they becomes involved their businesses for being responsible Information Technologies (IT) infrastructures outsourced clouds. This implies customers have totally or partially migrate on-premises off-premises clouds, including, but not limited to, email, web applications, storage databases, even complete servers become wrapped services accessed via Internet. Clouds deliver scalable elastic networking, storage, processing capabilities an on-demand self-provisioned manner pay-as-you-go business model. benefits significantly, allowing them promote without worrying about inherent IT infrastructures. supplied clouds basically encapsulated one three main service delivery models: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), Software-as-a-Service (SaaS). They building blocks unfolding Anything-as-a-Service (XaaS) specifically customized customer requirements. IaaS mixes novel virtualization techniques with current technologies allow run Operating Systems (OSes) build entire virtual PaaS allows develop applications consistent platforms remotely, while SaaS enables enjoying pre-built software little control over application flow. These models can public private hybrid version two. Adopting model means accessing subscribed through Internet from anywhere globe. usually management interface Virtual Machines (VMs) arrange center, VMs standard remote connection protocols. authentication is, therefore, utmost importance, mostly because exposed dangers, contrarily traditional tools deeply within trusted perimeter company conventional networks. dissertation first identifies such problems reviewing approaches pointing out advantages weaknesses. example, single compromised account constitutes inherently more dangerous threat when compared website accounts, attacker gains potentially security-related configurations as well. result money losses both providers, malicious terminate VM instances running crucial applications. problem also resides fact security static
参考文章(62)
Jidong Xiao, Zhang Xu, Hai Huang, Haining Wang, Security implications of memory deduplication in a virtualized environment dependable systems and networks. pp. 1- 12 ,(2013) , 10.1109/DSN.2013.6575349
G.E. Moore, Cramming More Components Onto Integrated Circuits Proceedings of the IEEE. ,vol. 86, pp. 56- 59 ,(1998) , 10.1109/JPROC.1998.658762
Luis M. Vaquero, Luis Rodero-Merino, Daniel Morán, Locking the sky: a survey on IaaS cloud security ieee international conference on cloud computing technology and science. ,vol. 91, pp. 93- 118 ,(2011) , 10.1007/S00607-010-0140-X
Bruce Schneier, Two-factor authentication: too little, too late Communications of The ACM. ,vol. 48, pp. 136- ,(2005) , 10.1145/1053291.1053327
Hussain Al-Aqrabi, Lu Liu, Jie Xu, Richard Hill, Nick Antonopoulos, Yongzhao Zhan, Investigation of IT Security and Compliance Challenges in Security-as-a-Service for Cloud Computing international symposium on object component service oriented real time distributed computing. pp. 124- 129 ,(2012) , 10.1109/ISORCW.2012.31
Patrick Gage Kelley, Saranga Komanduri, Michelle L. Mazurek, Richard Shay, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Julio Lopez, Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms ieee symposium on security and privacy. pp. 523- 537 ,(2012) , 10.1109/SP.2012.38
Diogo A.B. Fernandes, Liliana F.B. Soares, Mario M. Freire, Pedro R.M. Inacio, Randomness in Virtual Machines ieee/acm international conference utility and cloud computing. pp. 282- 286 ,(2013) , 10.1109/UCC.2013.57
Peter Kieseberg, Manuel Leithner, Martin Mulazzani, Lindsay Munroe, Sebastian Schrittwieser, Mayank Sinha, Edgar Weippl, QR code security Proceedings of the 8th International Conference on Advances in Mobile Computing and Multimedia - MoMM '10. pp. 430- 435 ,(2010) , 10.1145/1971519.1971593
Amlan Jyoti Choudhury, Pardeep Kumar, Mangal Sain, Hyotaek Lim, Hoon Jae-Lee, None, A Strong User Authentication Framework for Cloud Computing asia-pacific services computing conference. pp. 110- 115 ,(2011) , 10.1109/APSCC.2011.14
Issa Traore, Isaac Woungang, Mohammad S. Obaidat, Youssef Nakkabi, Iris Lai, Combining Mouse and Keystroke Dynamics Biometrics for Risk-Based Authentication in Web Environments 2012 Fourth International Conference on Digital Home. pp. 138- 145 ,(2012) , 10.1109/ICDH.2012.59