You are here

FAU Collections » FAU Research Repository » FAU Theses and Dissertations

reference architecture for cloud computing and its security applications

Download pdf | Full Screen View

Date Issued:
2013
Summary:
Cloud Computing is security. In complex systems such as Cloud Computing, parts of a system are secured by using specific products, but there is rarely a global security analysis of the complete system. We have described how to add security to cloud systems and evaluate its security levels using a reference architecture. A reference architecture provides a framework for relating threats to the structure of the system and makes their numeration more systematic and complete. In order to secure a cloud framework, we have enumerated cloud threats by combining several methods because it is not possible to prove that we have covered all the threats. We have done a systematic enumeration of cloud threats by first identifying them in the literature and then by analyzing the activities from each of their use cases in order to find possible threats. These threats are realized in the form of misuse cases in order to understand how an attack happens from the point of view of an attacker. The reference architecture is used as a framework to determine where to add security in order to stop or mitigate these threats. This approach also implies to develop some security patterns which will be added to the reference architecture to design a secure framework for clouds. We finally evaluate its security level by using misuse patterns and considering the threat coverage of the models.
Title: A reference architecture for cloud computing and its security applications.
230 views
135 downloads
Name(s): Hashizume, Keiko.
College of Engineering and Computer Science
Department of Computer and Electrical Engineering and Computer Science
Type of Resource: text
Genre: Electronic Thesis Or Dissertation
Date Issued: 2013
Publisher: Florida Atlantic University
Physical Form: electronic
Extent: xiii, 358 p. : ill. (some col.)
Language(s): English
Summary: Cloud Computing is security. In complex systems such as Cloud Computing, parts of a system are secured by using specific products, but there is rarely a global security analysis of the complete system. We have described how to add security to cloud systems and evaluate its security levels using a reference architecture. A reference architecture provides a framework for relating threats to the structure of the system and makes their numeration more systematic and complete. In order to secure a cloud framework, we have enumerated cloud threats by combining several methods because it is not possible to prove that we have covered all the threats. We have done a systematic enumeration of cloud threats by first identifying them in the literature and then by analyzing the activities from each of their use cases in order to find possible threats. These threats are realized in the form of misuse cases in order to understand how an attack happens from the point of view of an attacker. The reference architecture is used as a framework to determine where to add security in order to stop or mitigate these threats. This approach also implies to develop some security patterns which will be added to the reference architecture to design a secure framework for clouds. We finally evaluate its security level by using misuse patterns and considering the threat coverage of the models.
Identifier: 851069286 (oclc), 3360787 (digitool), FADT3360787 (IID), fau:4099 (fedora)
Note(s): by Keiko Hashizume.
Thesis (Ph.D.)--Florida Atlantic University, 2013.
Includes bibliography.
Mode of access: World Wide Web.
System requirements: Adobe Reader.
Subject(s): Computer networks -- Design and construction
Cloud computing
Electronic data processing -- Distributed processing
Persistent Link to This Record: http://purl.flvc.org/fcla/dt/3360787
Use and Reproduction: http://rightsstatements.org/vocab/InC/1.0/
Host Institution: FAU