Document Type : Research Paper

Authors

1 LJMU - School of Comp. & Math.Liverpool, UK

2 University of Anbar - College of Computer

10.37652/juaps.2012.63157

Abstract

Cloud computing is a new consumption and delivery model for IT services. The cloud has become an attractive platform for enterprises to deploy and execute their business services for business to business (B2B) and government to government (G2G) collaborations, etc. There are many concerns about cloud computing especially in terms of security, privacy and trust. These main issues have prevented businesses from fully accepting cloud platforms. Cloud computing demands three primary security requirements: confidentiality, integrity, and availability. In this paper we discuss some these issues by reviewing a recently proposed model [1] that interestingly handles secure messaging among services deployed within the same cloud or on different clouds. Then, we report on our ongoing work which is based on enhancing and developing this model. This is mainly achieved by adding a new service layer which is responsible for offering a high level of trust between collaborative parties. The added layer facilitates the integration of this model with the Public-Key Infrastructure (PKI). The main objective of the developed model is to increase the trust of the whole system by preventing any unauthorized party from joining the connectivity service. Indeed, our system can prevent any involved organization from launching masquerade attacks

Keywords

Main Subjects

[1]Shiping Chen, Surya Nepal, and Ren Ping Liu, "Secure Connectivity for Intra-cloud and Inter-cloud Communication,"ICPP Workshops,2011,pp.154-159.
[2] Srinivasa Rao, Nageswara Rao, and Kusuma Kumari, "Cloud computing: An overview,” Journal of Theoretical and Applied Information Technology, Vol.9, No.1, 2009.
[3] Ahmad-Reza Sadeghi, Thomas Schneider, and Marcel Winandy,"Token-based cloud computing - Secure outsourcing of data and arbitrary computations with lower latency," 3rd International Conference on Trust and Trustworthy Computing (TRUST'10) - Workshop on Trust in the Cloud, June 22, Berlin, Germany.
[4] Jeffrey Voas and  Jia Zhang, "Cloud computing new wine or just new bottle,” Journal of IT Professional, Volume 11, Issue 2, March 2009.    
 [5] P. Mell and T. Grance, The NIST Definition of Cloud Computing, National Institute of Standards and Technology, 2009.
[6] VICTOR DELGADO, “Exploring the limits of cloud computing,” Master of Science Thesis, Stockholm, Sweden 2010.
[7]. Jianfeng Yang and Zhibin Chen, “Cloud Computing Research and Security Issues,” International Conference on Computational Intelligence and Software Engineering (CiSE), Wuhan, China December 2010, pp. 1-3.
 [8]. Joe Nisha . “Cloud Computing – An overview on cloud computing concepts,” India Study Channel, Posted on 06 Sep 2011.
[9] Pardeep Kumar, Vivek Kumar Sehgal , Durg Singh Chauhan, P. K. Gupta and Manoj Diwakar, “Effective Ways of Secure, Private and Trusted Cloud Computing,” IJCSI International Journal of Computer Science, May 2011.
[10] S. Srinivasamurthy, F. Wayne, and D. Q. Liu, “Survey on Cloud Computing Security,” Computer, 2010 (available at http://salsahpc.indiana.edu/CloudCom2010/).
[12]. W. Zhao, "Implementation of Software Tools for the Medium-Size Certification Authority _ X.509 Certificate", ECE Dept., George Mason University, December 2003.
[13]. http://en.wikipedia.org/wiki/ PKI (public key infrastructure).
[14] E. YILDIZ ,"A Proposal for Turkish Government Public Key Infrastructure Trust Model" , MSc Thesis, December 2001.
[15]. Sufyan T. F. Al-Janabi. and Amer Kais. “Development of Certificate Authority Services for Web Applications” The First International Conference on Future Communication Networks (ICFCN ’2012), Baghdad, Iraq, April 2012 (Submitted).
[16] ITU-T Recommendation X.509, “The Directory: Public Key and Attribute Certificates Framework, 2000.
[17] Amazon EC2: http://aws.amazon.com/ec2/.
[18] OpenVPN: http://openvpn.net.
[19] Apache Tomcat: http://tomcat.apache.org/.