Scalable Distributed Service Integrity
Attestation for Software-as-a-Service Clouds
Abstract—Software-as-a-service (SaaS) cloud
systems enable application service providers to deliver their applications via
massive cloud computing infrastructures. However, due to their sharing nature,
SaaS clouds are vulnerable to malicious attacks. In this paper, we present
IntTest, a scalable and effective service integrity attestation framework for
SaaS clouds. IntTest provides a novel integrated
attestation
graph analysis scheme that can provide stronger attacker pinpointing power than
previous schemes. Moreover, IntTest can automatically enhance result quality by
replacing bad results produced by malicious attackers with good results
produced by benign service providers. We have implemented a prototype of the
IntTest system and tested it on a production cloud computing infrastructure
using IBM System
S stream processing applications. Our experimental results show that IntTest
can achieve higher attacker pinpointing accuracy than existing approaches.
IntTest does not require any special hardware or secure kernel support and
imposes little performance impact to the application, which makes it practical
for large-scale cloud systems.
Existing system:
cloud
computing infrastructures are often shared by ASPs from different security
domains, which make them vulnerable to malicious attacks .
Forexample,
attackers can pretend to be legitimate service providers to provide fake
service components, and the service components provided by benign service
providers may include security holes that can be exploited by attackers.
Our work focuses on service integrity attacks that
cause the user to receive untruthful data processing results.
Disadvantages:
those techniques
often require special trusted hardware or secure kernel support, which makes
them difficult to be deployed on large-scale cloud computing infrastructures
Proposed system:
we
present IntTest, a new integrated service integrity attestation framework for
multitenant cloud systems.
IntTest
provides a practical service integrity attestation scheme that does not assume
trusted entities on third-party service provisioning sites or require
application modifications.
IntTest
builds upon our previous work RunTest [26] and AdapTest [27] but can provide
stronger malicious attacker pinpointing power than RunTest and AdapTest.
Specifically, both RunText and AdapTest
Advantages :
We present a novel
integrated service integrity attestation scheme that can achieve higher
pinpointing accuracy than previous techniques.
Result
autocorrection technique that can automatically correct the corrupted results produced
by malicious attackers.
Both analytical
study and experimental evaluation to quantify the accuracy and overhead of the
integrated service integrity attestation scheme.
SYSTEM SPECIFICATION
Hardware Requirements:
•
System :
Pentium IV 2.4 GHz.
•
Hard Disk : 40 GB.
•
Floppy Drive : 1.44 Mb.
•
Monitor : 14’ Colour Monitor.
•
Mouse : Optical Mouse.
•
Ram : 512 Mb.
Software Requirements:
•
Operating system : Windows7 32-bit Ultimate OS.
•
Coding Language : C#.Net
•
Data Base : SQL Server 2008.
Scalable Distributed Service Integrity
Attestation for Software-as-a-Service Clouds
ABSTRACT:
Software-as-a-service (SaaS) cloud systems enable application
service providers to deliver their applications via massive cloud computing
infrastructures. However, due to their sharing nature, SaaS clouds are
vulnerable to malicious attacks. In this paper, we present IntTest, a scalable
and effective service integrity attestation framework for SaaS clouds. IntTest
provides a novel integrated attestation graph analysis scheme that can provide
stronger attacker pinpointing power than previous schemes. Moreover, IntTest
can automatically enhance result quality by replacing bad results produced by
malicious attackers with good results produced by benign service providers. We
have implemented a prototype of the IntTest system and tested it on a
production cloud computing infrastructure using IBM System S stream processing
applications. Our experimental results show that IntTest can achieve higher
attacker pinpointing accuracy than existing approaches. IntTest does not
require any special hardware or secure kernel support and imposes little performance
impact to the application, which makes it practical for large-scale cloud
systems.
EXISTING SYSTEM:
Which enable application service providers (ASPs) to deliver
their applications via the massive cloud computing infrastructure. In
particular, our work focuses on data stream processing services that are
considered to be one class of killer applications for clouds with many
real-world applications in security surveillance, scientific computing, and
business intelligence. However, cloud computing infrastructures are often
shared by ASPs from different security domains, which make them vulnerable to
malicious attacks. For example, attackers can pretend to be legitimate service
providers to provide fake service components, and the service components provided
by benign service providers may include security holes that can be exploited by
attackers.
DISADVANTAGES OF EXISTING SYSTEM:
·
Those techniques often
require special trusted hardware or secure kernel support.
·
Which makes them
difficult to be deployed on large-scale cloud computing infrastructures.
PROPOSED SYSTEM:
In this paper, we present IntTest, a new integrated service
integrity attestation framework for multitenant cloud systems. IntTest provides
a practical service integrity attestation scheme that does not assume trusted
entities on third-party service provisioning sites or require application
modifications. IntTest builds upon our previous work RunTest and AdapTest but
can provide stronger malicious attacker pinpointing power than RunTest and
AdapTest. Specifically, both RunText and AdapTest as well as traditional
majority voting schemes need to assume that benign service providers take
majority in every service function. However, in large-scale multitenant cloud
systems, multiple malicious attackers may launch colluding attacks on certain
targeted service functions to invalidate the assumption. To address the
challenge, IntTest takes a holistic approach by systematically examining both
consistency and inconsistency relationships among different service providers
within the entire cloud system. IntTest examines both per-function consistency
graphs and the global.
ADVANTAGES OF PROPOSED SYSTEM:
·
A scalable and
efficient distributed service integrity attestation framework for large scale
cloud computing infrastructures.
·
A novel integrated
service integrity attestation scheme that can achieve higher pinpointing
accuracy than previous techniques.
·
A result auto
correction technique that can automatically correct the corrupted results
produced by malicious attackers.
·
Both analytical study
and experimental evaluation to quantify the accuracy and overhead of the
integrated service integrity attestation scheme.
SYSTEM ARCHITECTURE:
SYSTEM REQUIREMENTS:
HARDWARE REQUIREMENTS:
·
System :
Pentium IV 2.4 GHz.
·
Hard
Disk : 40 GB.
·
Floppy Drive : 44 Mb.
·
Monitor : 15 VGA
Colour.
·
Ram : 512 Mb.
SOFTWARE REQUIREMENTS:
·
Operating system :
Windows XP/7.
·
Coding Language : net,
C#.net
·
Tool : Visual Studio
2010
·
Database : SQL SERVER
2008
REFERENCE:
Juan Du, Daniel J. Dean, Yongmin Tan, Xiaohui
Gu, and Ting Yu “Scalable Distributed Service
Integrity Attestation for Software-as-a-Service Clouds” IEEE TRANSACTIONS ON
PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 25, NO. 3, MARCH 2014
No comments:
Post a Comment