• No results found

Concept Design of Testbed based on Cloud Computing for Security Research

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Concept Design of Testbed based on Cloud Computing for Security Research"

Copied!
5
0
0

Loading.... (view fulltext now)

Download now ( 5 Page )

Full text

(1)

Concept Design of Testbed based on Cloud

Computing for Security Research

ByungRae Cha and JongWon Kim

School of Information and Communications, GIST, Korea [email protected], [email protected]

Abstract. Recently, there has been increasing researches on computing

environment caused by changes in computing paradigm of security aspects with respect to big data issues and eco-system of cloud computing. Because the cloud computing is operated on a variety of devices, there is a demand for the security aspects corresponding to various cloud computing devices. In this sense, this paper proposes concept design of a test bed for security research and describes a scenario for SRTB (Security Research TestBed based on cloud computing) case study.

Keywords: Cloud Computing, Testbed, Security Research, Multi-tenancy,

Virtualization, Resource Management

1 Introduction

Recently there has been increasing researches on computing environment caused by changes in computing paradigm of security aspects in relation to cloud computing. Big data issues and eco-system of cloud computing are operated on a variety of devices which are required for the security aspects corresponding to various cloud computing devices. However, there are multiple difficulties in establishing the actual computing environment for security verification and performing a security test based on the clouds computing environment in terms of time and cost. In order to resolve these problems, this paper proposes the pilot research in association with a test bed for cloud computing-based virtualization and multi-tenancy security research. In addition, we describe a scenario for Security Research TestBed based on cloud computing (SRTB) case study. This paper is organized as follows. In section 2, the SRTB is defined. In section 3, explanation on the functions of SRTB is presented. Section 4 describes the scenario of SRTB. Finally, our conclusion and future work is presented in section 5.

(2)

monitoring tools. Cloud resources are controlled by the resource management. The cloud resources are also virtualized by the virtualization. Multiple security researches are simultaneously supported by multi-tenancy. The template tools provide a variety of template functions with relation to VM, computing, and networking. The monitoring tools are monitoring the relative target to connection with the template tools.

In the aspects of resource management of SRTB, the cloud resources can be divided into physical, logical, and composite resources. In the accessing resources for security researchers, their authentication procedure and an access control policy for the assigned resources are given. The virtualization of SRTB greatly supports computing, storage, and network virtualization. Multi-tenancy of SRTB means the use of one S/W by several users. SRTB in multi-tenancy environment makes a resource pool and provides one service based on it. All security researchers share this service as shown in Figure 1. The greatest advantage of multi-tenancy is economy of scale. If SRTB is used, researchers do not need to make new individual system for security research and can minimize IT investment. Also, as only one system is managed, the management cost can be reduced. When errors are found, all researchers can have the same benefits by one correction and use simultaneously by one upgrade. The template tools of SRTB provide a template for the system constructed for assigned resources (i.e. computing, storage, and networking). The monitoring tools of SRTB provide a variety of tools to monitor the system produced in the template tools as shown in Figure 2.

(3)

Fig. 2. Template and Monitoring Tools of SRTB

3 Functions of SRTB

SRTB functions include resource management, VM preliminary and tolerance, script, emulator, template, and monitoring functions. Resource management functions of SRTB include resource management which is assigned to a researcher and a SRTB administrator. Function of a VM preliminary and tolerance provides additional resources to the assigned resources for flexibility. In order to solve the system operation problems, a tolerance function are offered with respect to giving emergency state to VM operation. Functions of script and emulator provide the emulator function of NS and help researchers describe a scenario using a NS script. It sets a network by analyzing a NS script code and fitting script code objects to the NS script driven and described in VM. For template and monitoring functions, see Figure 2. To conduct security research and test in SRTB, the utilization of resources should be assigned by the SRTB administrator. Administrator constructs VM, OS, and storage using the provided template and the connected template. It also constructs a virtual network using the constructed system. In addition, administrator constructs a variety of monitoring tools based on the constructed system and networking for monitoring and inspection. The security researchers make a security research scenario by the NS or shell script using the constructed system, networking, and monitoring tools. Lastly, the security researchers implement the security research scenarios by the NS or shell script. When the security research scenario is implemented, the results of monitoring and inspection by monitoring tools are produced in many different forms. The results are analyzed by the statistical techniques and data mining methods. The results are also reported in GUI environment. When the security research scenario and analysis are completed, the assigned resources are withdrawn to the SRTB administrator. The produced results by the security research scenario are stored in researcher's private storage or shared storage by researcher groups.

(4)

Fig. 3. Case Study 1 of SRTB

The multi-tenancy function of SRTB provides many products including digital forensic analysis tools (i.e. EnCase, FTK, etc.) for monitoring and implements computing and networking forensic. Results from the implementation of forensic are analyzed and reported, as shown in Figure 4.

(5)

This study conducted pilot research to propose a test bed for security research and described a scenario for SRTB case study. Further study is required to develop in order to a proto type to improve test bed environment and functions proposed in the pilot research.

Acknowledgments.

This research was supported by Basic Science Research

Prog-ram through the National Research Foundation of Korea (NRF) funded by the Ministry of Education, Science and Technology (2012R1A1A2041274). This paper was suppor-ted by Startup Business Growth Technical Development Project funded by the Small and Medium Business Administration (S2111889, “Development of Dedicated SIP Ser-ver based on virtualization for Voice-OTP mobile App.”).

References

1. http://www.isi.edu/nsnam/ns/

2. http://www.guidancesoftware.com/encaseforensic.htm 3. http://accessdata.com/products/digital-forensics/ftk

References

Download now ( PDF - 5 Page - 175.39 KB )

Related documents

Building the Positive Law Firm: The Legal Profession at Its Best

The 2008 financial collapse catalyzed sweeping changes in the legal profession that resulted in dwindling work for law firms and client demands for deep price discounts. But most

Validation Date: 29/11/2013. Ratified Date: 14/01/2014. Review dates may alter if any significant changes are made

Where the complainant wishes to make a formal complaint, staff should ensure that they give them the appropriate complaints leaflet and support and that the Patient

Cseq-simulator: a data simulator for CLIP-Seq experiments

In order to picture the overall performance of the selected alignment tools, we determined the fraction of reads that could not be mapped (unmapped), that mapped to multiple

Effect of Sample Size on Cotton Plant Mapping Analysis and Results

On average, 37 plants per cultivar among five cultivars were required to reach a statistical power of 0.90, with the required number based on the magnitude of difference

Annual Meeting of the Israel Neurosurgical Society in conjunction with the Israel Spine Society and the Israeli Trauma Association

Morning tour of Beit Shean and then transfer to Pastoral Kfar Blum Rate for single room: US$435. Rate for double room (2 people): US$660

Open Government. Informing Engaging Embracing Change

Government will release human resource spending by department and agency in an open data format to ensure government accountability and transparency and provide the public with

Stability of marketable payoffs with re-trading

We will show that Assumption K’ is satisfied by the re-trading extension of a financial structure when there is a unique node of issuance of all initial asset, Assumption K’