SDN enabled role based shared secret scheme for virtual machine security in cloud environment

H M Anitha, P Jayarekha, Audithan Sivaraman, Ashima Mehta, Nalina V
Cyber Security and Applications, Volume 2, Article 100043. Publication date: 2024-01-01. DOI: 10.1016/j.csa.2024.100043
Full text: https://www.sciencedirect.com/science/article/pii/S2772918424000092
Citation count: 0

Abstract

Cloud computing has opened a new direction in the on-demand use of resources, independent of location. Although cloud computing has many advantages, it also brings challenges, security being one of them. Security is given particular importance at the Infrastructure as a Service (IaaS) level, where the actual resources are shared. Robust access control mechanisms must be applied to safeguard the cloud environment. In this paper, Software Defined Network (SDN) enabled role-based access control combined with a trust-based model is proposed. The model considers the roles of the users and provides fine-grained access to the virtual machines in the cloud. Secret shares are distributed fairly among the users based on two parameters: the trust and the roles assigned to the participants. The secret has to be reconstructed to access a Virtual Machine (VM), and for reconstruction the secret shares are taken from different trusted users at different levels. The cloud service provider is unaware of the secret shares distributed among the participant users. The SDN controller is responsible for share generation, distribution of shares among the user participants, and reconstruction of the secret. To avoid malicious user participants, a trust evaluator periodically checks the trust value. The security analysis proves that the scheme is more secure and efficient than other approaches.
