• No results found

Securing Elastic Applications for Cloud Computing. Many to One Virtualization

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Securing Elastic Applications for Cloud Computing. Many to One Virtualization"

Copied!
12
0
0

Loading.... (view fulltext now)

Download now ( 12 Page )

Full text

(1)

Securing Elastic Applications for Cloud Computing

Many to One Virtualization

Xinwen Zhang, Joshua Schiffman, Simon Gibbs,

Anugeetha Kunjithapatham, and Sangoh Jeong

Samsung Information Systems America

Pennsylvania State University

Outline

• Cloud Computing for CE devices

• Elastic Application concept and examples

• Security problems and approaches

(2)

2

-CE + Cloud Computing (1 of 2)

ƒ

Cloud is a platform

for

service delivery

ƒ

Push from services into devices

IT View of

Cloud Computing

cloud = web service platform

3

-CE + Cloud Computing (2 of 2)

ƒ

Cloud is a platform

for

new applications

that

run across the cloud and device

(“elastic applications”)

ƒ

Expand the device into the cloud

Proposed CE View of

Cloud Computing

cloud = data/core center + API

API

(3)

4

-Ongoing Approaches for Mobile + Cloud

• CloneCloud (HotCloud’09)

– Clone of phone image at cloud

• Dynamic Composable Computing (HotMobile’08)

– Dynamic composition of functions with mobile devices and surrogates.

• Cloudlet (PVC’09)

– Offloading VM to proximate infrastructure – 60-90s on VM synthesis

• HW-supported VM migration (Atom) (MobiCase’09)

– Focus on mobility of app

• …

• Elastic Device/Application

– On application level

– Dynamic execution configuration – More flexible and easy for parallel…

Motivation

CE Devices

Compute – Fixed Storage – Fixed* Power – Limited Bandwidth – Limited Applications – CONSTRAINED

The Cloud

Compute – ELASTIC Storage – ELASTIC Applications – UNCONSTRAINED

The goal of the Elastic Device project is to enable development of cross device/cloud

applications. The advantages are:

• Remove device constraints, create new classes of powerful applications

• Help realize a new business modelfor device applications • Provide developers a transition path to multi/many core

(4)

6

-Core

Operating System UI Container

Elastic Layer

Elastic Device Concept

Hardware Battery Application Store When device resources are sufficient App Core App Cloud Platform When device resources are notsufficient Core App New! RAM Flash 7 7

-Elastic Applications (EA)

EA are cloud aware applicationsWeblets

– Define discrete application components – Communicate using REST interface – Run on Device or Cloud

– Can be replicated to handle loads

Application GUI

– Launches the program

– Directs the creation of new weblets

Manifest

– Meta-data of EA

– Dynamic configuration info – Integrity of weblets – Policies for each weblet

• E.g. JVM, network, access control, location

Elastic App

Weblet Weblet App GUI Weblet Manifest Manifest Integrity Access Control Location Info Security Settings

(5)

8 8

-Elastic Devices (ED)

• ED support EAs

– Enable seamless migration of weblets – Manage resources to optimize costs – Interface with cloud providers

Elastic Manager

– Spawns weblets on demand – Migrates weblets to / from cloud – Senses resource availability

Cloud Fabric Interface

– Exposes cloud services to devices – Controls weblets on behalf of EM

• Start / Stop / Create / Destroy

– Can provide PaaS or IaaS model

Elastic Device

Elastic Manager

Weblet App GUI

Cloud Fabric Interface Weblet

Weblet Weblet

Benefits

• Many-to-one virtualization

– Seamlessly expands and shrinks of platform capability

• Dynamic user experience

– User control of expending/shrinking based on factors such as battery consuming, monetary cost, latency/throughput, etc.

• Device flexibility

– CE device computation and storage capabilities need not be designed to satisfy the most demanding applications.

• Dependability

– Migrating applications to cloud when device is low in battery/weak signal

• Future proof:

(6)

10

-Challenges

ƒ

Application model (data model, concurrency, lang features, …)

ƒ

Performance (QoS, caching, scheduling, …)

ƒ

Dynamic configuration (costs, migration, replication, …)

ƒ

Security (new threats, data privacy, access control, …)

11

-Reference Architecture

Sensing Device Elasticity Manager Elastic Layer Http(s) http Router UI Container Application Store Application Installation Elastic Device Cloud Fabric Interface manifestweblet1 weblet 2 UI Elastic Application Cloud Manager Node Manager Cloud Sensing Application Manager UI Weblet2 Weblet1 Weblet Container Weblet Container IaaS/PaaS Cloud Elasticity Service Http(s)

ƒ

Elastic application package

including UI and weblets

ƒ

Cloud nodes running on Amazon

EC2 instances

ƒ

Web service –based CFI

ƒ

Application installation on both

(7)

12

-Elasticity Patterns and Applications

• Elastic image processing

• Elastic augmented reality

• Elastic augmented video

Elastic Image Processing

Samsung Q1

Samsung Omnia

on device: image processing

on cloud: image processing

ElasticIP App ImageWeblet 1 ImageWeblet n ImageWeblet 2 … ImageWeblet App on Device (Analysis & Filtering of images)

(8)

14

-Elastic Augmented Video

Samsung Q1

planar object recognition and replacement

on device: feature point extraction from video, tracking, compositing

on cloud: matching live features against library of target images ElasticAV App Splitter Matcher 1 Matcher n Matcher 2

Tracker Camera ElasticAV Application

(identify, track & replace “target” images)

Composito r

15

-Elastic Augmented Reality

Samsung

Galaxy

on device: using compass and GPS to align POI markers with live video from camera

on cloud: POI service and crowd simulator (gives # people in proximity to POI’s) ElasticAV App POI Servic e Crowd Sim Tracker GPS ElasticAR Application

(register POI icons & real-time info on live camera) Composit or Compass Camera

(9)

16

-Security Threats

• Threats from Applications

– Untrusted applications can damage the weblets,

weblet containers, the elastic manager, and their behaviors

• Compromise the code and data integrity of installed elastic applications • Change or disable the elastic manager’s functionality

• Launch weblets on cloud platforms without user authorization/awareness

• Threats in the Cloud

– Malicious change to cloud VM, including VM itself and any configurations. – Malicious change to weblet code and data on cloud side

– Malicious change to network and cost settings: e.g., use expensive network connections – Hidden malicious activities that consume cloud resources

• Threats on the Network

– Man-in-the-Middle (MITM) attack:

• Passive eavesdropping all the traffic in the middle • Active replay attack

• Session hijack.

– Dynamic Denial-of-Service (DDoS) attack to both ED and cloud – Generate random traffic to weblets such consume user bill

Elastic Application Security Requirements

• Trust

– Applications must trust both the cloud and device.

• Weblets

– Communication with weblets must be secure. Only application should be able to issue requests to its weblets.

– Privacy of weblet data. Maintaining isolation.

• Migration

– What happens to access rights when an weblet is migrated. – How are sessions maintained when a weblet is migrated.

• Monitoring / Aggregation

– Want to monitor and collect device and cloud data. Privacy considerations. – Using cloud to detect malicious behavior.

(10)

18

-5 Security Aspects

Main() Elastic Manager CFI Weblet Weblet Weblet Weblet Elastic Device

III: Building trusted elastic device: • Secure downloading and installation • Secure Elastic app runtime environment

Application Store

IV: Building trusted cloud VM:

• Authenticated installation and launching weblets • Secure weblet runtime in cloud

• Trusted behavior or cloud VM, e.g., no hidden resource consuming

II: Resource Usage Monitoring, Logging, and Auditing • Monitoring resource usage on both ED and cloud • Detect and confine any malicious behavior

I: Building secure communication between weblets: • Secure session management

• Comm. upon authentication • Secure weblet migration

Other web services or clouds (e.g., Facebook, Twitter)

V: Authorization to access external services: • Fine-grained permission control • Secure revocation • Privacy control

19

-Secure Session and Authentication

• Issues and Challenges:

– Secure session and authentication with heterogeneous clouds

• Cloud weblets may need access other cloud/ws on behalf of user, so need permission

– Weblet migration: seamless accessing resource after migration

• weblet migrates between ED and clouds

• Session migration is need to provide seamless runtime performance

– Least of privilege:

– not sharing user account credential in cloud weblets – otherwise malicious weblets can get all user info

– Give less trust to cloud weblets

– So far, user does not trust cloud environment too much

– Permission delegation:

• a cloud weblet only can access authorized resources specified by the user or application developer

– Must be efficient

– Must have minimum application developer awareness:

• we are building an infrastructure for application developers

– Must have minimum user interference:

(11)

20 -Device

Elasticity Manager Local Weblet Cloud Node

Main CFI

LaunchWeblet(wid1)

LaunchWeblet(cfi,wid2,wsk,wss) GenerateSession(wsk,wss)

LaunchWeblet (localhost,wid1,wsk,wss)

app_method(p1,..,pn, wsk, N1, wid1,wid2, sig) Decide location to launch wid1

Select cloud node to launch

WebletOK(wid2_url,wid2,wsk,sig) WebletOK(wid2_url,wid2,wsk,sig) GetWeblets(wsk) WebletList(wsk) LaunchWeblet(nodeid,wid2,wsk,wss) LaunchWeblet(wid2,wsk,wss) Cloud Weblet WebletOK(wid1_url,wid1,wsk,sig) LaunchWeblet(wid2) WebletOK(wid2_url,wid2,wsk,sig) Https Http

Authentication & Session Management

Security Objectives

Session Identity

– To identify a session between weblets in different locations – Identify instances of the same

elastic app (EA)

Prevent network attacks

– Replay attack – Session hijack

Accountability

– Monitor usage and cost of elastic applications WebletOK(wid1_url,wid1,wsk,sig) WebletOK(wid2_url,wid2,wsk,sig)

Secure Migration

Security Objectives

Integrity

– Maintain session secrets and tokens during migration

– Resume secure communication between weblets

Transparency

– Transparent to cloud-level migration (When a cloud node weblet container is migrated from one physical machine to another.)

(12)

22

-Ongoing and Future Work

• Fine-grained authorization for cloud-based weblets

– Delegate subset of permissions to cloud weblets: less trust for cloud components – For least-privilege, information flow control, etc.

• Secure elasticity layer

– Resistant to compromise

• Verifying distributed application integrity with less trust on service provider

– Results depend on all weblets’ integrity – Data and control flow integrity verification

• Establishing trust in public cloud systems

– Trusted Computing

– Integrity Measurement / Verification

23

References

Download now ( PDF - 12 Page - 485.74 KB )

Related documents

Mechanical and solid particle erosion behavior of modified rice-husk filled epoxy composite

The composite are prepared with different concentration of rice husk and the erosive wear behavior and mechanical properties of the composites has been studied with different

Data Fusion based on Game Theory for Speaker Diarization

To establish the required principles to set the pay-off values it is necessary to consider several properties related to both systems, which have been observed by means of several

Examining the Mortality of an Unsheltered Homeless Cohort From Boston, MA, 2000 Through 2009

previous homelessness mortality research conducted at BHCHP and clinical evidence were applied to a cohort of unsheltered individuals living on the streets of Boston and

Literature review of tire-pavement interaction noise and reduction approaches

Based on the position of the receiver, tire noise can be categorized as interior noise (inside the vehicle) and exterior noise (outside the vehicle). As such, there

ALL STARS ALL-WEATHER ALL ACTION!

• Either a horse must run a minimum of three times on the all-weather surfaces in Great Britain, Ireland or France during the Qualifying period which runs between 29 October

Biosphere-atmosphere exchange of volatile organic compounds over C4 biofuel crops

It is unlikely that VOC emissions from the growth of switchgrass or corn, even if planted on very large scales, contribute signi ficantly to regional ozone formation, but the

Mahamudra - The Method of Self-Actualization

As far as the "object matter" is concerned, there is no difference between ordinary and aesthetic perception (the woman in our concrete world and the

Environmental Implications of Peri-urban Sprawl and the Urbanization of Secondary Cities in Latin America

According to the Economic Commission for Latin America and the Caribbean, the population of slum households accounted for 32 percent of the region’s population in 2001 and