Mobile Agent based Multi-layer Security Framework for Cloud Data Centers

Objectives: This paper proposes a new mobile agent based cloud security framework comprising four different security and authentication layers to establish the trust relationship between two entities before using cloud services. Methods/Analysis: The proposed framework is divided into four layers with each layer performing authentication, verification and integrity at different levels of communication between two entities. An algorithm is used to check and analyze the validity and functionality of each layer. Mobile agents are used as main components for performing different tasks assigned and requested by clients from cloud service providers. Findings: The framework uses authenticated mobile agents from both clients and cloud service provider to perform the tasks on behalf of users to establish trustworthy computing relationship. This makes the whole process transparent and clear according to users and cloud service providers’ perspective. The proposed framework effectively ensures privacy and security of client data and gives control to client over his data using the security agents. Conclusion/Application: The main contribution of this paper is undoubtedly the agreement of trustworthy relationship between two entities to agree on security service level agreements to dynamically configure and add mobile agents on virtual machines handled by task managers in their respective mobile agent platforms.

[1]  Eric Overby,et al.  Enterprise agility and the enabling role of information technology , 2006, Eur. J. Inf. Syst..

[2]  Alfred Basta,et al.  Computer Security and Penetration Testing , 2007 .

[3]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[4]  Paul England,et al.  Resource management for isolation enhanced cloud services , 2009, CCSW '09.

[5]  Yong Zhao,et al.  Cloud Computing and Grid Computing 360-Degree Compared , 2008, GCE 2008.

[6]  Lingdi Ping,et al.  Trust Model to Enhance Security and Interoperability of Cloud Environment , 2009, CloudCom.

[7]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[8]  N. Saravanan,et al.  A Survey on Secure Storage in Cloud Computing , 2013 .

[9]  Helen J. Wang,et al.  Enabling Security in Cloud Storage SLAs with CloudProof , 2011, USENIX ATC.

[10]  Kristin E. Lauter,et al.  Cryptographic Cloud Storage , 2010, Financial Cryptography Workshops.

[11]  S. Brintha Rajakumari,et al.  An Efficient Cost Model for Data Storage with Horizontal Layout in the Cloud , 2014 .

[12]  Gary Anthes,et al.  Security in the cloud , 2010, Commun. ACM.

[13]  N. Jaisankar,et al.  Android Application for Ticket Booking and Ticket Checking in Suburban Railways , 2015 .

[14]  Paul T. Jaeger,et al.  Identifying the security risks associated with governmental use of cloud computing , 2010, Gov. Inf. Q..

[15]  Brian Hayes,et al.  What Is Cloud Computing? , 2019, Cloud Technologies.

[16]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[17]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[18]  Michael Hall,et al.  Security and Control in the Cloud , 2010, Inf. Secur. J. A Glob. Perspect..

[19]  N. Saravanan,et al.  Privacy Preserving Approaches in Cloud: a Survey , 2013 .

[20]  Siani Pearson,et al.  Privacy, Security and Trust Issues Arising from Cloud Computing , 2010, 2010 IEEE Second International Conference on Cloud Computing Technology and Science.

[21]  Rajkumar Buyya,et al.  Article in Press Future Generation Computer Systems ( ) – Future Generation Computer Systems Cloud Computing and Emerging It Platforms: Vision, Hype, and Reality for Delivering Computing as the 5th Utility , 2022 .

[22]  Cong Wang,et al.  Ensuring data storage security in Cloud Computing , 2009, 2009 17th International Workshop on Quality of Service.

[23]  Geng Yang,et al.  Secure Document Service for Cloud Computing , 2009, CloudCom.

[24]  Christopher Krügel,et al.  Service specific anomaly detection for network intrusion detection , 2002, SAC '02.