Xinwen Zhang
Joshua Schiffman
ABSTRACT
Cloud computing provides elastic computing infrastructure and resources which enable resource-on-demand and pay-as-you-go utility computing models. We believe that new applications can leverage these models to achieve new features that are not available for legacy applications. In our project we aim to build elastic applications which augment resource-constrained platforms, such as mobile phones, with elastic computing resources from clouds. An elastic application consists of one or more weblets, each of which can be launched on a device or cloud, and can be migrated between them according to dynamic changes of the computing environment or user preferences on the device. This paper overviews the general concept of this new application model, analyzes its unique security requirements, and presents our design considerations to build secure elastic applications. As first steps we propose a solution for authentication and secure session management between weblets running device side and those on the cloud. We then propose secure migration and how to authorize cloud weblets to access sensitive user data such as via external web services. We believe some principles in our solution can be applied in other cloud computing scenarios such as application integration between private and public clouds in an enterprise environment.
- Amazon EC2, http://aws.amazon.com/ec2/.Google Scholar
- Mcafee mobile security report 2009, http://www.mcafee.com/us/local_content/reports/mobile_security_report_2009.pdf.Google Scholar
- Oauth, http://oauth.net.Google Scholar
- Tcg mobile reference architecture specification, https://www.trustedcomputinggroup.org/specs/mobilephone/tcgmobile-reference-architecture-1.0.pdf.Google Scholar
- TCG Specification Architecture Overview. https://www.trustedcomputinggroup.org.Google Scholar
- M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica, and M. Zaharia. Above the clouds: A berkeley view of cloud computing. Technical Report UCB/EECS-2009-28, 2009.Google Scholar
- R. K. Balan, M. Satyanarayanan, S. Park, and T. Okoshi. Tactics-based remote execution for mobile computing. In Proc. of MobiSys, 2003. Google ScholarDigital Library
- B.-G. Chun and P. Maniatis. Augmented smartphone applications through clone cloud execution. In USENIX HotOS XII, 2009. Google ScholarDigital Library
- L. S. Clair, J. Schiffman, T. Jaeger, and P. McDaniel. Establishing and sustaining system integrity via root of trust installation. In Proc. of ACSAC, 2007.Google ScholarCross Ref
- S. Goyal and J. Carter. A lightweight secure cyber foraging infrastructure for resource-constrained devices. In Proc. of the IEEE Workshop on Mobile Computing Systems and Applications. Google ScholarDigital Library
- G. C. Hunt, M. L. Scott, G. C. Hunt, and M. L. Scott. The coign automatic distributed partitioning system. In Proc. of OSDI, 1999. Google ScholarDigital Library
- M. Hypponen. State of cell phone malware in 2007, http://www.usenix.org/events/sec07/tech/hypponen.pdf.Google Scholar
- J. McCune, S. Berger, R. Caceres, T. Jaeger, and R. Sailer. Shamon: A system for distributed mandatory access control. In Proc. of ACSAC, 2006. Google ScholarDigital Library
- A. Messer, I. Greenberg, P. Bernadat, D. Milojicic, D. Chen, T. Giuli, and X. Gu. Towards a distributed platform for resource-constrained devices. Technical Report HPL-2002-26, HP Laboratories, 2002.Google ScholarCross Ref
- C. Pautasso, O. Zimmermann, and F. Leymann. Restful web services vs. big web services: Making the right architectural decision. In Proc. of WWW, 2008. Google ScholarDigital Library
- R. Sailer, T. Jaeger, X. Zhang, and L. van Doorn. Attestation-based policy enforcement for remote access. In Proc. of ACM CCS, 2004. Google ScholarDigital Library
- N. Santos, K. P. Gummadi, and R. Rodrigues. Towards trusted cloud computing. In USENIX HotCloud, 2009. Google ScholarDigital Library
- E. Shi, A. Perrig, and L. V. Doorn. Bind: a fine-grained attestation service for secure distributed systems. In Proc. of IEEE Symposium on Security and Privacy, 2005. Google ScholarDigital Library
Index Terms
- Securing elastic applications on mobile devices for cloud computing
Recommendations
Towards an Elastic Application Model for Augmenting the Computing Capabilities of Mobile Devices with Cloud Computing
We propose a new elastic application model that enables seamless and transparent use of cloud resources to augment the capability of resource-constrained mobile devices. The salient features of this model include the partition of a single application ...
Towards secure mobile cloud computing: A survey
Mobile cloud computing is gaining popularity among mobile users. The ABI Research predicts that the number of mobile cloud computing subscribers is expected to grow from 42.8 million (1.1% of total mobile users) in 2008 to 998 million (19% of total ...
Open Challenges in Security of Cloud Computing
BDAW '16: Proceedings of the International Conference on Big Data and Advanced Wireless TechnologiesCloud Computing has been on the rise with the advent of Internet of Things and the whole Big Data revolution. There a numerous Cloud Computing Service Providers to choose from. However, the major concern of Cloud Computing is the Security and Privacy ...
Comments