Principles of protection against unauthorized access to resources of the cloud computing system.
Abstract
The article reveals the principles of protection against unauthorized access to the resources of the cloud computing system. It is emphasized that productivity is an important factor for considering the cloud computing system. Public clouds are accessed over the Internet and face bandwidth restrictions provided by their respective ISPs. It is emphasized that scaling to higher Internet bandwidth can significantly increase the total cost of owning cloud solutions. The architecture of the access control module for protection against unauthorized access to cloud computing system resources is considered, as well as the conceptual scheme of implementation of authentication and authorization processes using the access control module is proposed. , and can be applied to all information systems. The main architectural solutions of the architecture of the access control module are identified, its advantages and disadvantages from the point of view of information security are revealed, the basic models of cloud computing service are defined, the reference architecture of cloud computing from the point of view of data protection and security model is described. It is emphasized that the access control architecture has three main parts that work together to handle access requests: an access control module that receives / rejects / redirects access requests, a virtual distributed network that deploys and controls resources and services, and a centralized global system resource management, which handles the movement of requests to other clouds for remote use of services / resources. It is emphasized that the global resource management system acts as a barrier between different cloud services at the same level or different layers, and the use of one centralized global resource management system in the proposed architecture is based on avoiding the use of service level agreement for each service level.
References
Sultan N. Making use of cloud computing for healthcare provision: Opportunities and challenges. International Journal of Information Management. 2014. – V. 34. – P. 177–184.
Cacciatore K., Czarkowski P., Dake S., Garbutt J., Hemphill B., Jainschigg J., Moruga A., Otto A., Peters C., Whitaker B.E. Exploring Opportunities: Containers and OpenStack. OpenStack White Paper. 2015. – 19 p. URL: https://www.openstack.org/assets/pdf-downloads/Containers-and-OpenStack.pdf
Kar J., Mishra M. R. Mitigating Threats and Security Metrics in Cloud Computing // Journal of Information Processing Systems. 2016. Vol. 12, Issue 2. P. 226– 233. doi: http://doi.org/10.3745/jips.03.0049
Reshetova E., Karhunen J., Nyman T., Asokan N. Security of OS-level virtualization technologies. arXiv.org: Cornell University Library. URL: http://arxiv.org/pdf/1407.4245v1.pdf
White J.S., Pilbeam A.W. A survey of virtualization technologies with performance testing. arXiv.org: Cornell University Library. URL: http://arxiv.org/pdf/1010.3233.pdf
Monov L., Karev M. How to Counter Hybrid Threats? // Information & Security: An International Journal. 2018. Vol. 39, Issue 2. P. 113–126. doi: http://doi.org/10.11610/isij.3909
Xavier M.G., Neves M.V., Rossi F.D., Ferreto T.C., Lange T., De Rose C.A.F. Performance Evaluation of Container-Based Virtualization for High Performance Computing Environments. In: 21st Euro. Int. Conf. on Parallel, Distrib. & Network- based Processing. IEEE, 2013. – P. 233–240.
Morabito R. Power Consumption of Virtualization Technologies: an Empirical Investigation. arXiv.org: Cornell University Library. URL: http://arxiv.org/pdf/1511.01232v1.pdf
Patel A., Taghavi M., Bakhtiyari K., Junior J.C. An intrusion detection and prevention system in cloud computing: A systematic review. Journal of Network and Computer Applications. 2013. V. 36. – P. 25–41.
Основи інформаційної безпеки : навч. пос. / Дудикевич В. Б., Хорошко В. О., Яремчук Ю. Є. – Вінниця : ВНТУ, 2018. – 316 с.
Моделі та методи контролю доступу: що вам підходить?, 2020. – Режим доступу. – https://worldvision.com.ua/ua/modeli-i-metody-kontrolya-dostupa-chto-vam-podkhodit/.
Abstract views: 212 PDF Downloads: 198
