An authentication framework for peer-to-peer cloud
Authors: 
Geong Sen Poh, Mohd Amril Nurman Mohd Nazir, Bok-Min Goi, Syh-Yuan Tan, Raphael Chung-Wei Phan, Maryam Safiyah ShamsudinAuthors Info & Claims
Geong Sen Poh, Mohd Amril Nurman Mohd Nazir, Bok-Min Goi, Syh-Yuan Tan, Raphael Chung-Wei Phan, Maryam Safiyah ShamsudinAuthors Info & ClaimsPages 94 - 101
Abstract
Cloud computing provides on demand computation and storage services delivered via applications, system software and hardware rendered as services. Due to its on demand nature, it has high variable workloads and requires real-time efficiency and availability. Most cloud computing systems use a centralised model to provision services, but reliance on a central entity to control scheduling decision and maintain all cloud hosts may constitute a computing bottleneck. A system failure will cause service outage, sometimes for a few hours as had happened before. In addition, the central entity needs to support heavy workloads in terms of service provisioning to all resource hosts. These issues can be addressed by distributing cloud resources using structured peer-to-peer (P2P) overlay networks as was recently proposed. However these proposals do not examine potential security issues of a P2P-based cloud, one of them being how peers verify the identities of one another over a decentralised setting. Therefore we propose an authentication framework for P2P cloud consisting of various approaches for authenticating entities and messages. The framework combines cryptographic primitives and security mechanisms proposed for existing structured P2P network.
References
[1]
Amazon. Amazon EC2. http://aws.amazon.com/ec2/.
[2]
M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica, and M. Zaharia. A view of cloud computing. Commun. ACM, 53(4): 50--58, 2010.
[3]
A. M. Azab, P. Ning, Z. Wang, X. Jiang, X. Zhang, and N. C. Skalsky. Hypersentry: enabling stealthy in-context measurement of hypervisor integrity. In CCS '10, pages 38--49. ACM, 2010.
[4]
O. Babaoglu, M. Marzolla, and M. Tamburini. Design and implementation of a P2P Cloud system. In SAC '12, pages 412--417. ACM, 2012.
[5]
B. Balacheff, L. Chen, S. Pearson, D. Plaquin, and G. Proudler. Trusted Computing Platforms: TCPA Technology in Context. Prentice Hall PTR, 2003.
[6]
M. Castro, P. Druschel, A. Ganesh, A. Rowstron, and D. S. Wallach. Secure routing for structured peer-to-peer overlay networks. SIGOPS Oper. Syst. Rev., OSDI '02, 36(SI): 299--314, 2002.
[7]
Z. Chen, Y. Zhao, X. Miao, Y. Chen, and Q. Wang. Rapid Provisioning of Cloud Infrastructure Leveraging Peer-to-Peer Networks. In ICDCS Workshops '09, pages 324--329, 2009.
[8]
J. Crampton, H. W. Lim, K. G. Paterson, and G. Price. User-friendly and certificate-free grid security infrastructure. International Journal of Information Security, 10(3): 137--153, 2011.
[9]
A. Dent and C. Mitchell. User's Guide to Cryptography and Standards. Artech House, 2004.
[10]
T. Dierks and E. Rescorla. The TLS Protocol Version 1.1. RFC 4346, 2006.
[11]
J. R. Douceur. The Sybil Attack. In IPTPS '01, pages 251--260, London, UK, 2002. Springer-Verlag.
[12]
Eucalyptus. Eucalyptus. http://www.eucalyptus.com/.
[13]
Google. Google AppEngine. https://cloud.google.com/products/.
[14]
K. Graffi, D. Stingl, C. Gross, H. Nguyen, A. Kovacevic, and R. Steinmetz. Towards a P2P Cloud: Reliable Resource Reservations in Unreliable P2P Systems. In ICPADS 2010, pages 27--34, 2010.
[15]
M. Gupta, P. Judge, and M. Ammar. A reputation system for peer-to-peer networks. In NOSSDAV '03, pages 144--152. ACM, 2003.
[16]
C.-J. Hsu, W.-C. Chung, K.-C. Lai, K.-C. Li, and Y.-C. Chung. A Novel Approach for Cooperative Overlay-Maintenance in Multi-overlay Environments. In CloudCom '10, pages 81--88, 2010.
[17]
Levine, B. Neil, C. Shields, and B. N. Margolin. A Survey of Solutions to the Sybil Attack. (2006-052), 10/2006 2006.
[18]
Z. Li, X. Xu, L. Shi, J. Liu, and C. Liang. Authentication in Peer-to-Peer Network: Survey and Research Directions. In NSS '09, pages 115--122, 2009.
[19]
F. Liu, J. Tong, J. Mao, R. Bohn, J. Messina, L. Badger, and D. Leaf. Nist cloud computing reference architecture. NIST Special Publication 500-292, 2011.
[20]
E. K. Lua, J. Crowcroft, M. Pias, R. Sharma, and S. Lim. A survey and comparison of peer-to-peer overlay network schemes. Communications Surveys Tutorials, IEEE, 7(2): 72--93, quarter 2005.
[21]
P. Mell and T. Grance. The NIST definition of cloud computing. NIST Special Publication 800-145, 2011.
[22]
Microsoft. Microsoft Azure. http://www.windowsazure.com/en-us/.
[23]
C. J. Mitchell, editor. Trusted Computing. IEE Press, 2005.
[24]
C. Modi, D. R. Patel, B. Borisaniya, A. Patel, and M. Rajarajan. A novel framework for intrusion detection in cloud. In SIN '12, pages 67--74. ACM, 2012.
[25]
OpenNebula.org. OpenNebula. http://www.opennebula.org/.
[26]
R. Ranjan and R. Buyya. Decentralized overlay for federation of enterprise clouds. Arxiv preprint arXiv:0811.2563, 2008.
[27]
R. Ranjan, L. Zhao, X. Wu, A. Liu, A. Quiroz, and M. Parashar. Peer-to-Peer Cloud Provisioning: Service Discovery and Load-Balancing. In Cloud Computing, Computer Communications and Networks, pages 195--217. Springer London, 2010.
[28]
S. Ratnasamy, P. Francis, M. Handley, R. Karp, and S. Shenker. A scalable content-addressable network. In SIGCOMM '01, pages 161--172. ACM, 2001.
[29]
A. Rowstron and P. Druschel. Pastry: Scalable, Distributed Object Location and Routing for Large-scale Peer-to-Peer Systems. In Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms, Middleware 2001, pages 329--350. Springer-Verlag London, 2001.
[30]
E. Sit and R. Morris. Security considerations for peer-to-peer distributed hash tables. In IPTPS'01, pages 261--269. Springer-Verlag, 2002.
[31]
I. Stoica, R. Morris, D. Karger, M. F. Kaashoek, and H. Balakrishnan. Chord: A scalable peer-to-peer lookup service for internet applications. In SIGCOMM '01, pages 149--160. ACM, 2001.
[32]
S. Subashini and V. Kavitha. A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34(1): 1--11, 2011.
[33]
L. Toka and P. Michiardi. Uncoordinated peer selection in p2p backup and storage applications. In IEEE INFOCOM Workshops 2009, pages 1--6. IEEE, 2009.
[34]
D. S. Wallach. A survey of peer-to-peer security issues. In ISSS'02, pages 42--57. Springer-Verlag, 2003.
[35]
Y. Wang and J. Vassileva. Trust and reputation model in peer-to-peer networks. In P2P 2003, pages 150--157, 2003.
[36]
T. Ylonen and C. Lonvick. RFC4252: The Secure Shell (SSH) Authentication Protocol.
[37]
A. Yu, Y. Qin, and D. Wang. Obtaining the Integrity of Your Virtual Machine in the Cloud. In CloudCom '11, pages 213--222, 2011.
Index Terms
- An authentication framework for peer-to-peer cloud
Recommendations
Peer-to-peer service provisioning in cloud computing environments
This paper aims to advance the management and delivery of services in large, heterogeneous, uncertain, and evolving cloud computing environments. The goal is important because such systems are becoming increasingly popular, yet existing service ...
A framework for architecting peer-to-peer receiver-driven overlays
NOSSDAV '04: Proceedings of the 14th international workshop on Network and operating systems support for digital audio and videoThis paper presents a simple and scalable framework for architecting peer-to-peer overlays called Peer-to-peer Receiver-driven Overlay (or PRO). PRO is designed for non-interactive streaming applications and its primary design goal is to maximize ...
Comments
Information & Contributors
Information
Published In
November 2013
483 pages
ISBN:9781450324984
DOI:10.1145/2523514
- General Chairs:
- Atilla Elçi,
- Manoj Singh Gaur,
- Mehmet A. Orgun,
- Oleg B. Makarevich
Copyright © 2013 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
- Macquarie U., Austarlia
- MNIT: Malaviya National Institute of Technology
- Aksaray Univ.: Aksaray University
- SFedU: Southern Federal University
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 26 November 2013
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
SIN '13
Sponsor:
- MNIT
- Aksaray Univ.
- SFedU
SIN '13: The 6th International Conference on Security of Information and Networks
November 26 - 28, 2013
Aksaray, Turkey
Acceptance Rates
Overall Acceptance Rate 102 of 289 submissions, 35%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 218Total Downloads
- Downloads (Last 12 months)3
- Downloads (Last 6 weeks)0
Reflects downloads up to 11 Aug 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in