Return to search

Self-adaptive authorisation in cloud-based systems

Submitted by Automa??o e Estat?stica (sst@bczm.ufrn.br) on 2017-02-02T11:51:15Z
No. of bitstreams: 1
ThomasFilipeDaSilvaDiniz_DISSERT.pdf: 1274346 bytes, checksum: 92a77c7516fba88a183765b28a4ae268 (MD5) / Approved for entry into archive by Arlan Eloi Leite Silva (eloihistoriador@yahoo.com.br) on 2017-02-03T21:26:05Z (GMT) No. of bitstreams: 1
ThomasFilipeDaSilvaDiniz_DISSERT.pdf: 1274346 bytes, checksum: 92a77c7516fba88a183765b28a4ae268 (MD5) / Made available in DSpace on 2017-02-03T21:26:05Z (GMT). No. of bitstreams: 1
ThomasFilipeDaSilvaDiniz_DISSERT.pdf: 1274346 bytes, checksum: 92a77c7516fba88a183765b28a4ae268 (MD5)
Previous issue date: 2016-05-02 / Apesar dos grandes avan?os realizados visando a prote??o de plataformas de nuvem contra
ataques maliciosos, pouco tem sido feito em rela??o a prote??o destas plataformas contra
amea?as internas. Este trabalho prop?e lidar com este desafio atrav?s da introdu??o de
auto-adapta??o como um mecanismo para lidar com amea?as internas em plataformas de
nuvem, e isso ser? demonstrado no contexto de mecanismos de autoriza??o da plataforma
OpenStack. OpenStack ? uma plataforma de nuvem popular que se baseia principalmente
no Keystone, o componente de gest?o de identidade, para controlar o acesso a seus recursos.
A utiliza??o de auto-adapta??o para o manuseio de amea?as internas foi motivada
pelo fato de que a auto-adapta??o tem se mostrado bastante eficaz para lidar com incerteza
em uma ampla gama de aplica??es. Ataques internos maliciosos se tornaram uma
das principais causas de preocupa??o, pois mesmo mal intencionados, os usu?rios podem
ter acesso aos recursos e por exemplo, roubar uma grande quantidade de informa??es. A
principal contribui??o deste trabalho ? a defini??o de uma solu??o arquitetural que incorpora
autoadapta??o nos mecanismos de autoriza??o do OpenStack, a fim de lidar com
amea?as internas. Para isso, foram identificados e analisados diversos cen?rios de amea?as
internas no contexto desta plataforma, e desenvolvido um prot?tipo para experimentar e
avaliar o impacto destes cen?rios nos sistemas de autoriza??o em plataformas em nuvem. / Although major advances have been made in protection of cloud platforms against malicious
attacks, little has been done regarding the protection of these platforms against
insider threats. This paper looks into this challenge by introducing self-adaptation as a
mechanism to handle insider threats in cloud platforms, and this will be demonstrated in
the context of OpenStack authorisation. OpenStack is a popular cloud platform that relies
on Keystone, its identity management component, for controlling access to its resources.
The use of self-adaptation for handling insider threats has been motivated by the fact
that self-adaptation has been shown to be quite effective in dealing with uncertainty in
a wide range of applications. Malicious insider attacks have become a major cause for
concern since legitimate, though malicious, users might have access, in case of theft, to
a large amount of information. The key contribution of this work is the definition of an
architectural solution that incorporates self-adaptation into OpenStack in order to deal
with insider threats. For that, we have identified and analysed several insider threats scenarios
in the context of the OpenStack cloud platform, and have developed a prototype
that was used for experimenting and evaluating the impact of these scenarios upon the
self-adaptive authorisation system for the cloud platforms.

Identiferoai:union.ndltd.org:IBICT/oai:repositorio.ufrn.br:123456789/21863
Date02 May 2016
CreatorsDiniz, Thomas Filipe da Silva
Contributors03038841420, http://lattes.cnpq.br/4635320220484649, Batista, Thais Vasconcelos, 56765614400, http://lattes.cnpq.br/5521922960404236, Ferraz, Carlos Andr? Guimar?es, 46034587468, http://lattes.cnpq.br/7716805104151473, Silva, Carlos Eduardo da, Cacho, Nelio Alessandro Azevedo
PublisherPROGRAMA DE P?S-GRADUA??O EM SISTEMAS E COMPUTA??O, UFRN, Brasil
Source SetsIBICT Brazilian ETDs
LanguagePortuguese
Detected LanguageEnglish
Typeinfo:eu-repo/semantics/publishedVersion, info:eu-repo/semantics/masterThesis
Sourcereponame:Repositório Institucional da UFRN, instname:Universidade Federal do Rio Grande do Norte, instacron:UFRN
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.0019 seconds