Securing Elastic Applications on Mobile Devices

for Cloud Computing

Xinwen ZhangJoshua SchiffmanSimon GibbsAnugeetha KunjithapathamSangoh Jeong

Presenter :- M.S.F.NAQASH

Contents

• Introduction• Objective• Overview of Elastic Application• Key Terms• Challenges• ThreatModels • Related Works• Conclusion

Introduction

• Cloud Computing Utility computing where resources are

provided as a service over the internet.• Enterprise consumers – Real Benefiters• End Users - ??

Objective

Design elastic applications to augment the resource constrained platforms with elastic computing resources from the cloud.

Targeted for Consumer Electronic devices

Overview of Elastic Application

Key Terms

• Weblets - Partitions of an Elastic Application. - Functions Independently - Communicate with each other - Reasonable Amount of Data dependency - Migratable

Key Terms

• Device Elasticity Manager - Runs on the Device side. - Maintains the Configuration changes during Run Time. - Contains the Cost Module. - Contains Optimizer.

Key Terms

• Cloud Elasticity Service - Cloud Manager

– Oversee Resources. - Application Manager

– Install And Maintain Applications - Cloud Fabric Interface. - Node Manager.

Challenges

• New Application Model is needed.• Protocol for Run Time Communication• Cost Objective Functions • Framework has to be transparent• Security And Privacy

.

Elastic Framework Architecture

Threat Models• Threats to Mobile Devices. - Compromising DEM and Device• Threats to Cloud Platform And Application

Container.- Compromises CES

• Threats to Communication Channels.- Worm & Viruse Attacks

- MITM, Packet Injection, DDOS

• Framework has to be transparent• Security And Privacy

.

Security Objectives

• Trustworthy weblet containers.• Authentication And Secure Session Management• Authorization & Access Control• Logging And Auditing

.

Authentication And Secure Session Management

• Secure Installment of Elastic Applications- Binaries of Weblets.- UI Components.- Metadata encoded in to Manifest- SHA1 value of binaries

• Part of the weblets can be installed in CES..

Authentication Between Weblets

• Weblets residing in cloud and consumer device have to be authenticated prior to communication.

.

• Weblets residing in cloud and consumer device have to be authenticated prior to communication.

.

Secure Migration

Authorization of Weblets

• Deals with accessing the authorized web servers from the cloud.

• Two type of keys are obtained while logging in

- Application Session Key (ask)- Application Secret Key (ass)

• These keys are shared in 4 different ways.

Authorization of Weblets ….

• Shared User credential.• Shared Session Information• Use Session Information Only On device

weblet• oAuth-like

Related Works

• CloneCloud.• Trusted Cloud Computing Paltform• Cyber Foraging

Conclusion

• Proposes an elastic application framework with new application model and elasticity Infrastructure.

• Further analyses the impending threats to the framework and the alternatives to be considered.

• Another important aspect is about the authentication and secure communication between weblets.

Thank You