{"title":"SDSuPK:通过代理Kerberos实现安全的数据共享,提高Openstack Swift的安全性","authors":"Sima Attar Khorasani, R. Azmi, V. Sabeti","doi":"10.1109/ICCKE.2017.8167933","DOIUrl":null,"url":null,"abstract":"Cloud computing is rather new, and there're, of course, concerns like data-protection. This technology is developing as a standard for data-sharing on remote storages. Cloud has been able to convince users and companies' owners to transfer their data to Cloud so they can use Cloud resources and reduce their costs. Due to importance of data for its owners, there's always concern about security. When the amount of data sent to Cloud increases, giving permission to users and taking it back becomes a challenging topic. Also, as the number of users increases, a large workload lies on Cloud server due to authentication, which is a serious challenge of Cloud. In this paper, we focus on a trusted third-party mechanism, namely Kerberos, to address the mentioned issues. These mechanisms based on tickets are an effective way to ensure user authentication and authorization and force the least interaction and workload to the Cloud server. We designed a mechanism based on Kerberos that completely fits into Openstack Object Storage(Swift) to authenticate and authorize users who desire to access the shared objects. We implement our mechanism and overall system, and evaluate its security and performance. Our results show that our mechanism is practical and efficient.","PeriodicalId":151934,"journal":{"name":"2017 7th International Conference on Computer and Knowledge Engineering (ICCKE)","volume":"264 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"SDSuPK: Secured data sharing using proxy Kerberos to improve Openstack Swift security\",\"authors\":\"Sima Attar Khorasani, R. Azmi, V. Sabeti\",\"doi\":\"10.1109/ICCKE.2017.8167933\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cloud computing is rather new, and there're, of course, concerns like data-protection. This technology is developing as a standard for data-sharing on remote storages. Cloud has been able to convince users and companies' owners to transfer their data to Cloud so they can use Cloud resources and reduce their costs. Due to importance of data for its owners, there's always concern about security. When the amount of data sent to Cloud increases, giving permission to users and taking it back becomes a challenging topic. Also, as the number of users increases, a large workload lies on Cloud server due to authentication, which is a serious challenge of Cloud. In this paper, we focus on a trusted third-party mechanism, namely Kerberos, to address the mentioned issues. These mechanisms based on tickets are an effective way to ensure user authentication and authorization and force the least interaction and workload to the Cloud server. We designed a mechanism based on Kerberos that completely fits into Openstack Object Storage(Swift) to authenticate and authorize users who desire to access the shared objects. We implement our mechanism and overall system, and evaluate its security and performance. Our results show that our mechanism is practical and efficient.\",\"PeriodicalId\":151934,\"journal\":{\"name\":\"2017 7th International Conference on Computer and Knowledge Engineering (ICCKE)\",\"volume\":\"264 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 7th International Conference on Computer and Knowledge Engineering (ICCKE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCKE.2017.8167933\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 7th International Conference on Computer and Knowledge Engineering (ICCKE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCKE.2017.8167933","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
SDSuPK: Secured data sharing using proxy Kerberos to improve Openstack Swift security
Cloud computing is rather new, and there're, of course, concerns like data-protection. This technology is developing as a standard for data-sharing on remote storages. Cloud has been able to convince users and companies' owners to transfer their data to Cloud so they can use Cloud resources and reduce their costs. Due to importance of data for its owners, there's always concern about security. When the amount of data sent to Cloud increases, giving permission to users and taking it back becomes a challenging topic. Also, as the number of users increases, a large workload lies on Cloud server due to authentication, which is a serious challenge of Cloud. In this paper, we focus on a trusted third-party mechanism, namely Kerberos, to address the mentioned issues. These mechanisms based on tickets are an effective way to ensure user authentication and authorization and force the least interaction and workload to the Cloud server. We designed a mechanism based on Kerberos that completely fits into Openstack Object Storage(Swift) to authenticate and authorize users who desire to access the shared objects. We implement our mechanism and overall system, and evaluate its security and performance. Our results show that our mechanism is practical and efficient.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
