Fig 1 - uploaded by Ionel Gordin
Content may be subject to copyright.
![Fig. 1. Openstack network architecture [2]](profile/Ionel-Gordin/publication/326050958/figure/fig1/AS:1059879716392962@1629706424303/Openstack-network-architecture-2_Q320.jpg)
Contexts in source publication
Context 1
... storage, management of secrets (i.e. passwords), encryption keys and also X.509 certificates Before any security assessment, it is important to know the first the network structure. Based on this information security scans can be conducted on primary nodes and from there we can move forward to analyze the communication type between services. Fig. 1, represents graphically the network architecture of OpenStack. ...
Similar publications
We report on the 2018 edition of the Confluence Competition, a competition of software tools that aim to (dis)prove confluence and related properties of rewrite systems automatically.
We determine the rotational velocity of solar coronal bright features using the cross-correlation method applied to 21.1 nm EUV images obtained by the Atmospheric Imaging Array (AIA) instrument onboard the Solar Dynamics Observatory (SDO) spacecraft. We reduce the problem to the determination of the maximum of the cross-correlation function constru...
The high demand of artificial intelligence services at the edges that also preserve data privacy has pushed the research on novel machine learning paradigms that fit those requirements. Federated learning has the ambition to protect data privacy through distributed learning methods that keep the data in their data silos. Likewise, differential priv...
Based on the well known modelling cycle we develop a concept of modelling in mathematics education using technology. We discuss the specifics of modelling with computers and handhelds and show some technical possibilities of software tools for mathematics classes. Exemplary we show different modelling cycles using technology based on the three majo...
Citations
... It is more than enough to support this hypothesis just by analyzing the offers of cloud services by companies like Google and Amazon which provide solutions, such as Google Cloud Platform or Amazon Web Services [10]. There are also plenty of other platforms which are being offered by smaller companies working in Infrastructure as a Service (IaaS) [10] models which are based, for example, on the Open Source OpenStack [9] platform. This trend is caused by many factors, such as the price of such service or possibility to integrate most popular project methodology i.e. an agile development of IT system life cycle [4]. ...
... Software Platforms involve the use of automated tools and software to analyze security during research in the design or enhancement of algorithms, protocols, techniques, solutions or applications [144]. Moreover, these Software Platforms are typically used in the later stages of the research during evaluation and result comparisons [145]. Various publications have utilized several Software Platforms to perform analysis and evaluation for the security and privacy of 6G networks. ...
... Research on key technology of Network Security situation awareness of private cloud in enterprises [6] The paper concentrates on network security situational awareness of private cloud in the era of big data and analyses the relevant evaluation indexes. Cloud Threat Defense -a threat protection and compliance solution [7] This paper explores the security issues related to clod computing and proposes a cloud native scalable security solution for the cloud. ...
Cybersecurity is referred to the process, technologies and practices for protection of devices, networks, data from damage and unauthorized access. Cybersecurity has always been important because military, government, financial and corporate organizations collect, store and process enormous amounts of data on computers and on the other devices. As the older threats are eradicated, newer threats are being added to the system by the adversaries. This project is aimed to provide a secure communication between a server and a client. Many cryptographic libraries are available for this purpose but many libraries do not have adequate documentation. Now a days it is necessary to monitor and regulate the data security systems for controlling unauthorized access and many of the attacks. Intelligent Vault is a cyber security tool to protect and monitor the available data. In the way of 360-degree security in automation, surveillance, Storage Intrusion Threat Intelligence and Real-Time Response through its Intelligent Vault. It sync’s the data from the proxy systems. The data processing will be performed in R-client and R-server using Nervio-Guard package. Telemetry validation and Real time processing of Advance SecOps will be processed in Intelligent Vault.
... They proposed a 'Moon Cloud' platform composed of a set of recommendations for continuous cloud security verification. Additionally, authors in [32] opt for analysis security for OpenStack private cloud. They analyzed security of cloud nodes and hosted virtual machines using vulnerabilities scanners, and listed the opened ports and their limitations. ...
Cloud computing still one of the most hyped IT innovations. It envisages a world where components can be rapidly released, implemented, and scaled up and down providing an on-demand utility-like model of allocation and consumption. Moreover, Cloud Management Platform CMP is considered one of its typical components. It is a software product that deploys and manages a Cloud infrastructure. OpenStack, as the most widely adopted platform, has got more and more attention. It aims to be competitive compared to other platforms, like Amazon Web Services (AWS). Furthermore, the adoption of cloud solutions introduces security and privacy concerns. OpenStack is no exception, and security concerns are present in its lifecycle which makes its security analysis a crucial mission. Therefore, this paper firstly presents a state of the art of OpenStack components, sub-components, and their interaction. Then, it focuses principally on an analysis of the most common vulnerabilities affected by OpenStack. The analysis is based on ten years of security reports. Our work leads to have a good comprehension of the OpenStack project, identify its vulnerability trends, and characterize comprehensively its security issues.
... e cloud computing field took huge attention of the researchers in information technology by having different powerful parameters. e parameters cost reduction, ondemand self-service, rapid elasticity, resource pooling, broad network access, high service scalability, flexibility, and high capacity of storage to afford the big data [4]. Many problems in the business domain have been solved by cloud computing and provide an efficient platform for the business community. ...
In recent years, cloud computing has gained massive popularity in information technology and the industrial Internet of things. It provides facilities to the users over the wireless channel. Many surveys have been carried out in cloud security and privacy. The existing survey papers do not specify the classifications on the basis of cloud computing components. Therefore, they fail to provide the techniques with their specialities as well as the previously available literature review is outdated. This paper presents the security for cloud computing models with a new aspect. Unlike the previously existing surveys, the literature review of this paper includes the latest research papers in the field of cloud security. Also, different classifications are made for cloud computing security on the basis of different cloud components that are used to secure the cloud models. Furthermore, a total of eleven (11) classifications are considered, which includes cloud components to secure the cloud systems. These classifications help the researchers to find out the desired technique used in a specific component to secure the cloud model. Moreover, the shortcoming of each component enables the researchers to design an optimal algorithm. Finally, future directions are given to highlight future research challenges that give paths to researchers.
... e cloud computing field took huge attention of the researchers in information technology by having different powerful parameters. e parameters cost reduction, ondemand self-service, rapid elasticity, resource pooling, broad network access, high service scalability, flexibility, and high capacity of storage to afford the big data [4]. Many problems in the business domain have been solved by cloud computing and provide an efficient platform for the business community. ...
In recent years, cloud computing has gained massive popularity in information technology and the industrial Internet of things. It provides facilities to the users over the wireless channel. Many surveys have been carried out in cloud security and privacy. e existing survey papers do not specify the classifications on the basis of cloud computing components. Therefore, they fail to provide the techniques with their specialties as well as the previously available literature review is outdated. is paper presents the security for cloud computing models with a new aspect. Unlike the previously existing surveys, the literature review of this paper includes the latest research papers in the field of cloud security. Also, different classifications are made for cloud computing security on the basis of different cloud components that are used to secure the cloud models. Furthermore, a total of eleven (11) classifications are considered, which includes cloud components to secure the cloud systems. ese classifications help the researchers to find out the desired technique used in a specific component to secure the cloud model. Moreover, the shortcoming of each component enables the researchers to design an optimal algorithm. Finally, future directions are given to highlight future research challenges that give paths to researchers.
... e cloud computing field took huge attention of the researchers in information technology by having different powerful parameters. e parameters cost reduction, ondemand self-service, rapid elasticity, resource pooling, broad network access, high service scalability, flexibility, and high capacity of storage to afford the big data [4]. Many problems in the business domain have been solved by cloud computing and provide an efficient platform for the business community. ...
... In 2018, Gordin et al. [18] discussed the services of a public cloud. According to the authors the security is the major concern in terms of communication in cloud computing environment. ...
... However, it does not provide any security analysis, formal or otherwise. Other works [3,23,47,48,2,19] have provided informal security analysis of OpenStack (either one service or the whole platform) and some provided solutions to protect secrecy or integrity of the VMs against the cloud provider or other VMs running on the same compute node [46,61,62] or privacy and security of the cloud users to protect their data, code, and computation [10,12,50]. However non of the aforementioned works consider situations where a cloud service is compromised. ...
OpenStack is the prevalent open-source, non-proprietary package for managing cloud services and data centers. It is highly complex and consists of multiple inter-related components which are developed by separate, loosely coordinated groups. All of these properties make the security analysis of OpenStack both a crucial mission and a challenging one. In this dissertation, we demonstrate how we can provide a rigorous, perceptible and holistic security analysis of OpenStack. We base our modeling and security analysis in the universally composable (UC) security framework, which has been so far used mainly for analyzing the security of cryptographic protocols. Indeed, demonstrating how the UC framework can be used to argue about security-sensitive systems which are mostly non-cryptographic, in nature, is one of the main contributions of this work. Our analysis has the following key features: 1- It is user-centric: It stresses the security guarantees given to users of the system, in terms of privacy, correctness, and timeliness of the services. 2- It provides defense in depth: It considers the security of OpenStack even when some of the components are compromised. This departs from the traditional design approach of OpenStack, which assumes that all services are fully trusted. 3- It is modular: It formulates security properties for individual components and uses them to assert security properties of the overall system. We formulate ideal functionalities that correspond to several OpenStack modules and then prove the security of the overall OpenStack protocol given the ideal components. The modeling paves the way toward a comprehensive analysis of OpenStack: it is extensible to the addition of new components and modular to an intra-component analysis. It turns out that some salient issues come up even at this relatively high level of representation and analysis. Specifically, we demonstrate that the scoping of permissions given by users to proxy "tokens" causes the overall security to fail as soon as any one of the components fails. We propose an alternative, more finely scoped token mechanism and assert that the new mechanisms suffice for regaining overall security even when some of the components are faulty.
... In 2018, Gordin et al. [21] suggested the use for the companies to take the benefits of Google cloud, Amazon EC2 and Microsoft Azure. They have suggested that in case of public clouds in general providers assure the security. ...
