Using Open Stack for an Open Cloud Exchange(OCX)

Desnoyers, Peter; Hennessey, Jason; Holden, B. P.; Krieger, Orran; Rudolph, Larry; Young, Angela

doi:10.1109/ic2e.2015.40

Cited by 4 publications

(7 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We then construct a new, stronger one-time token mechanism that is a more stringent variant of the mechanism proposed in [25], and we prove that this mechanism suffices for realizing an ideal cloud that provides some meaningful security properties even when some of the services are fully corrupted. In a nutshell, our mechanism has Keystone generate a token that is authenticated via a cryptographic authentication tag, using Keystone's own master secret key.…”

Section: Security Weaknesses Formalizedmentioning

confidence: 98%

See 1 more Smart Citation

On the Universally Composable Security of OpenStack

Hogan

Maleki

Rahaeimehr

et al. 2019

2019 IEEE Cybersecurity Development (SecDev)

View full text Add to dashboard Cite

We initiate an effort to demonstrate how we can provide a rigorous, perceptible and holistic security analysis of a very large scale system. We choose OpenStack to exemplify our approach. OpenStack is the prevalent open-source, non-proprietary package for managing cloud services and data centers. It is highly complex and consists of multiple inter-related components which are developed by separate, loosely coordinated groups. All of these properties make the security analysis of OpenStack both a crucial mission and a challenging one. We base our modeling and security analysis in the universally composable (UC) security framework, which has been so far used mainly for analyzing security of cryptographic protocols. Indeed, demonstrating how the UC framework can be used to argue about security-sensitive systems which are mostly non-cryptographic, in nature, is one of the main contributions of this work.Our analysis has the following key features:1. It is user-centric: It stresses the security guarantees given to users of the system, in terms of privacy, correctness, and timeliness of the services.Although our analysis covers only a number of core components of OpenStack, it formulates some basic and important security trade offs in the design. It also naturally paves the way to a more comprehensive analysis of OpenStack. In addition, as a by-product result of our modeling, we introduce a novel tokening mechanism, RAFT, which is backward compatible with Fernet Token currently used in OpenStack. By applying the UC framework, we prove that RAFT's one-time use tokens can realize a more secure OpenStack cloud than bearer tokens do.

show abstract

Section: Security Weaknesses Formalizedmentioning

confidence: 98%

“…Indeed, previous works (e.g. [25]) have already pointed out this weakness and proposed limiting the scope of these bearer tokens by setting expiration times and other scoping mechanisms. 1 It should be stressed that, upon each new use of the token, each new service verifies the token again with Keystone.…”

Section: Security Weaknesses Formalizedmentioning

confidence: 99%

On the Universally Composable Security of OpenStack

Hogan

Maleki

Rahaeimehr

et al. 2019

2019 IEEE Cybersecurity Development (SecDev)

View full text Add to dashboard Cite

show abstract

“…These applications need to be composed and made to interoperate to support citizens' needs for online services. Similarly, the Massachusetts Open Cloud [4] is a marketplace (Open Cloud Exchange (OCX)) to encourage small business development. Solutions are open and one may build on the services of another.…”

Section: Introductionmentioning

confidence: 99%

Camflow: Managed Data-Sharing for Cloud Services

Pasquier

Singh

Eyers

et al. 2017

IEEE Trans. Cloud Comput.

View full text Add to dashboard Cite

Abstract-A model of cloud services is emerging whereby a few trusted providers manage the underlying hardware and communications whereas many companies build on this infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS applications. From the start, strong isolation between cloud tenants was seen to be of paramount importance, provided first by virtual machines (VM) and later by containers, which share the operating system (OS) kernel. Increasingly it is the case that applications also require facilities to effect isolation and protection of data managed by those applications. They also require flexible data sharing with other applications, often across the traditional cloud-isolation boundaries; for example, when government, consisting of different departments, provides services to its citizens through a common platform. These concerns relate to the management of data. Traditional access control is application and principal/role specific, applied at policy enforcement points, after which there is no subsequent control over where data flows; a crucial issue once data has left its owner's control by cloud-hosted applications and within cloud-services. Information Flow Control (IFC), in addition, offers system-wide, end-toend, flow control based on the properties of the data. We discuss the potential of cloud-deployed IFC for enforcing owners' data flow policy with regard to protection and sharing, as well as safeguarding against malicious or buggy software. In addition, the audit log associated with IFC provides transparency and offers system-wide visibility over data flows. This helps those responsible to meet their data management obligations, providing evidence of compliance, and aids in the identification of policy errors and misconfigurations. We present our IFC model and describe and evaluate our IFC architecture and implementation (CamFlow). This comprises an OS level implementation of IFC with support for application management, together with an IFC-enabled middleware.

show abstract

“…The triangleended purple line indicates the hourly profit that this vendor can make by renting all of these extra 5000 instances over the spot market. The spot market prices used for the c4.xlarge instances in this figure are obtained from Amazon for July [13][14][15][16][17][18][19][20]2015.…”

Section: An Economical Incentive Analysismentioning

confidence: 99%

“…• enable a marketplace model for data centers [11,17], providing the interface between hardware providers and users of this hardware, who are in turn free to adopt whichever provisioning tool or software deployment mechanism that best fits their needs,…”

Section: Introductionmentioning

confidence: 99%

Hil

Hennessey

Tikale

Türk

et al. 2016

Proceedings of the Seventh ACM Symposium on Cloud Computing

View full text Add to dashboard Cite

We propose a new Exokernel-like layer to allow mutually untrusting physically deployed services to efficiently share the resources of a data center. We believe that such a layer offers not only efficiency gains, but may also enable new economic models, new applications, and new security-sensitive uses. A prototype (currently in active use) demonstrates that the proposed layer is viable, and can support a variety of existing provisioning tools and use cases.

show abstract

Using Open Stack for an Open Cloud Exchange(OCX)

Cited by 4 publications

References 12 publications

On the Universally Composable Security of OpenStack

On the Universally Composable Security of OpenStack

Camflow: Managed Data-Sharing for Cloud Services

Hil

Contact Info

Product

Resources

About