ENGPAPER.COM - IEEE PAPER

CSE ECE EEE IEEE PROJECT

Secure Cloud Computing with a Virtualized Network Infrastructure

---

Despite the rapid development in the field of cloud computing, security is still one of the major hurdles to cloud computing adoption. Most cloud services (e.g. Amazon EC2) are offered at low cost without much protection to users. At the other end of the spectrum, highly secured cloud services (e.g. Google “government cloud”) are offered at much higher cost by using isolated hardware, facility, and administrators with security clearance. In this paper, we explore the “middle ground”, where users can still share physical hardware resource, but user networks are isolated and accesses are controlled in the way similar to that in enterprise networks. We believe this covers the need for most enterprise and individual users. We propose an architecture that takes advantage of network virtualization and centralized controller. This architecture overcomes scalability limitations of prior solutions based on VLANs, and enables users to customize security policy settings the same way they control their on-site network.

Despite the rapid development in the field of cloud computing, security is still one of the major obstacles to cloud computing adoption. To ease the concerns of IT managers, it is critical to ensure data privacy and integrity in the cloud at a level that is at least comparable to that in current enterprise networks. However, the current cloud computing services fall in short on isolating computing resources and networks between customers. This is not surprising because the success of cloud computing depends on economy of large scales. It is essential for cloud service providers to take advantage of resource sharing and multiplexing among customers. Virtual machines of different customers may reside on the same physical machine, and their data packets may share the same LAN. Such lack of isolation brings security risks to users. For example, has shown that it is possible for a hacker to conduct attacks towards another Amazon EC2 user who shares hardware resources with the hacker in the cloud. On the other end of the spectrum, google has proposed “government cloud”, which creates entirely separate hardware, software, and administrators (with appropriate background checks) for special customers. While such cloud service can be very secure, it is also very expensive — almost like building a separate data center for each customer. In this paper, we explore the “middle ground”, where users can still share physical hardware resource, but user networks are isolated and accesses are controlled in the way similar to that in enterprise networks. We believe this covers the need for most enterprise and individual users. More specifically, we propose a new data center architecture with following properties:
• Isolation. The architecture provides effective isolation between different customer networks. This includes supporting their private IP address spaces,
which may potentially be overlapping, and isolating their traffic. Resource allocation should be
managed so that customers cannot impact each
other’s resource usage in an uncontrolled manner.
• Transparency. The underlying data center infrastructure and hardware should be transparent to
the customers. Each customer should have a logical view of its own network, independent of the
actual implementation. This simplifies the administration for the customer and improves security.
• Location independence. The virtual machines (VM)
and networks of customers should be “location independent”, i.e., can be physically allocated anywhere in the data center. This can greatly improve
resource utilization and simplify provisioning.
• Easy policy control. Each customer may have its
own policy and security requirements. The architecture should allow customers to configure their
individual policy settings on the fly, and enforce
such settings in the network.
• Scalability. The number of customers that can
be supported should be restricted only by the resources available in the data center, not by design
artifacts.
• Low cost. The solution must mostly rely on off-
the-shelf devices, so that new investment for cloud
service providers can be reduced.

Free download research paper

CSE PROJECTS

FREE IEEE PAPER AND PROJECTS

FREE IEEE PAPER

IEEE PAPER
IEEE PROJECT
2022 IEEE PAPER
TOP TECHNOLOGIES 2022
2021 IEEE PAPER
2020 technology trends
2019-TOP-TECHNOLOGIES
2020 PAPERS 2019 2018

IEEE PROJECTS 2022

IEEE-PROJECTS-ON-CSE-2022
IEEE-PROJECTS-FOR-EEE-2022
IEEE-PROJECTS-FOR-ECE-2022
IEEE PROJECTS VLSI 2022
IEEE PROJECTS FOR MCA 2022

SEMINAR REPORTS

CSE SEMINAR PAPERS
ECE SEMINAR PAPERS
EEE SEMINAR PAPERS

FREE IEEE PROJECTS IEEE PAPERS

IEEE PROJECTS ECE
IEEE PROJECTS CSE
IEEE PROJECTS EEE
IEEE PROJECTS SOFTWARE
EMBEDDED
ELECTRONICS
VLSI
WIRELESS
ELECTRICAL
MACHINE LEARNING




free -computer science-cloud computing-13
free research papers-computer science-32

Secure Cloud Computing with a Virtualized Network Infrastructure IEEE PAPER