Persistent Link:
http://hdl.handle.net/10150/347137
Title:
Resilient Cloud Computing and Services
Author:
Fargo, Farah Emad
Issue Date:
2015
Publisher:
The University of Arizona.
Rights:
Copyright © is held by the author. Digital access to this material is made possible by the University Libraries, University of Arizona. Further transmission, reproduction or presentation (such as public display or performance) of protected items is prohibited except with permission of the author.
Embargo:
Release after 7-July-2015
Abstract:
Cloud Computing is emerging as a new paradigm that aims at delivering computing as a utility. For the cloud computing paradigm to be fully adopted and effectively used it is critical that the security mechanisms are robust and resilient to malicious faults and attacks. Securing cloud is a challenging research problem because it suffers from current cybersecurity problems in computer networks and data centers and additional complexity introduced by virtualizations, multi-tenant occupancy, remote storage, and cloud management. It is widely accepted that we cannot build software and computing systems that are free from vulnerabilities and that cannot be penetrated or attacked. Furthermore, it is widely accepted that cyber resilient techniques are the most promising solutions to mitigate cyberattacks and change the game to advantage defender over attacker. Moving Target Defense (MTD) has been proposed as a mechanism to make it extremely challenging for an attacker to exploit existing vulnerabilities by varying different aspects of the execution environment. By continuously changing the environment (e.g. Programming language, Operating System, etc.) we can reduce the attack surface and consequently, the attackers will have very limited time to figure out current execution environment and vulnerabilities to be exploited. In this dissertation, we present a methodology to develop an Autonomic Resilient Cloud Management (ARCM) based on MTD and autonomic computing. The proposed research will utilize the following capabilities: Software Behavior Obfuscation (SBO), replication, diversity, and Autonomic Management (AM). SBO employs spatiotemporal behavior hiding or encryption and MTD to make software components change their implementation versions and resources randomly to avoid exploitations and penetrations. Diversity and random execution is achieved by using AM that will randomly "hot" shuffling multiple functionally-equivalent, behaviorally-different software versions at runtime (e.g., the software task can have multiple versions implemented in a different language and/or run on a different platform). The execution environment encryption will make it extremely difficult for an attack to disrupt normal operations of cloud. In this work, we evaluated the performance overhead and effectiveness of the proposed ARCM approach to secure and protect a wide range of cloud applications such as MapReduce and scientific and engineering applications.
Type:
text; Electronic Dissertation
Keywords:
cloud computing; redundancy; resilient cloud services; software behavior obfuscation; software diversity; Electrical & Computer Engineering; autonomic computing
Degree Name:
Ph.D.
Degree Level:
doctoral
Degree Program:
Graduate College; Electrical & Computer Engineering
Degree Grantor:
University of Arizona
Advisor:
Hariri, Salim

Full metadata record

DC FieldValue Language
dc.language.isoen_USen
dc.titleResilient Cloud Computing and Servicesen_US
dc.creatorFargo, Farah Emaden_US
dc.contributor.authorFargo, Farah Emaden_US
dc.date.issued2015-
dc.publisherThe University of Arizona.en_US
dc.rightsCopyright © is held by the author. Digital access to this material is made possible by the University Libraries, University of Arizona. Further transmission, reproduction or presentation (such as public display or performance) of protected items is prohibited except with permission of the author.en_US
dc.description.releaseRelease after 7-July-2015en_US
dc.description.abstractCloud Computing is emerging as a new paradigm that aims at delivering computing as a utility. For the cloud computing paradigm to be fully adopted and effectively used it is critical that the security mechanisms are robust and resilient to malicious faults and attacks. Securing cloud is a challenging research problem because it suffers from current cybersecurity problems in computer networks and data centers and additional complexity introduced by virtualizations, multi-tenant occupancy, remote storage, and cloud management. It is widely accepted that we cannot build software and computing systems that are free from vulnerabilities and that cannot be penetrated or attacked. Furthermore, it is widely accepted that cyber resilient techniques are the most promising solutions to mitigate cyberattacks and change the game to advantage defender over attacker. Moving Target Defense (MTD) has been proposed as a mechanism to make it extremely challenging for an attacker to exploit existing vulnerabilities by varying different aspects of the execution environment. By continuously changing the environment (e.g. Programming language, Operating System, etc.) we can reduce the attack surface and consequently, the attackers will have very limited time to figure out current execution environment and vulnerabilities to be exploited. In this dissertation, we present a methodology to develop an Autonomic Resilient Cloud Management (ARCM) based on MTD and autonomic computing. The proposed research will utilize the following capabilities: Software Behavior Obfuscation (SBO), replication, diversity, and Autonomic Management (AM). SBO employs spatiotemporal behavior hiding or encryption and MTD to make software components change their implementation versions and resources randomly to avoid exploitations and penetrations. Diversity and random execution is achieved by using AM that will randomly "hot" shuffling multiple functionally-equivalent, behaviorally-different software versions at runtime (e.g., the software task can have multiple versions implemented in a different language and/or run on a different platform). The execution environment encryption will make it extremely difficult for an attack to disrupt normal operations of cloud. In this work, we evaluated the performance overhead and effectiveness of the proposed ARCM approach to secure and protect a wide range of cloud applications such as MapReduce and scientific and engineering applications.en_US
dc.typetexten
dc.typeElectronic Dissertationen
dc.subjectcloud computingen_US
dc.subjectredundancyen_US
dc.subjectresilient cloud servicesen_US
dc.subjectsoftware behavior obfuscationen_US
dc.subjectsoftware diversityen_US
dc.subjectElectrical & Computer Engineeringen_US
dc.subjectautonomic computingen_US
thesis.degree.namePh.D.en_US
thesis.degree.leveldoctoralen_US
thesis.degree.disciplineGraduate Collegeen_US
thesis.degree.disciplineElectrical & Computer Engineeringen_US
thesis.degree.grantorUniversity of Arizonaen_US
dc.contributor.advisorHariri, Salimen_US
dc.contributor.committeememberAkoglu, Alien_US
dc.contributor.committeememberWang, Janeten_US
dc.contributor.committeememberHariri, Salimen_US
All Items in UA Campus Repository are protected by copyright, with all rights reserved, unless otherwise indicated.