Trusted cloud computing framework in critical industrial application
Cloud computing facilitates instant online unlimited access to data and computing resources, ubiquitously and pervasively through its various service delivery and deployment models. Despite the significant advantages of cloud computing, still there are concerns regarding Security, Privacy and Trust...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Published: |
2015
|
Subjects: | |
Online Access: | http://eprints.utm.my/id/eprint/45321/5/MervatAdibBamiahPAIS2015.pdf http://eprints.utm.my/id/eprint/45321/ |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Universiti Teknologi Malaysia |
Language: | English |
Summary: | Cloud computing facilitates instant online unlimited access to data and computing resources, ubiquitously and pervasively through its various service delivery and deployment models. Despite the significant advantages of cloud computing, still there are concerns regarding Security, Privacy and Trust (SPT) that resulted from consumers’ loss of control over their confidential data since they outsource it to cloud with no knowledge of storage location or who is accessing and maintaining it. This raises the risks of insider and outsider threats besides the data breach and misuse. A Trusted Cloud Computing Framework (TCCF) is designed to overcome these SPT concerns. TCCF proposes the use of Trusted Computing Group (TCG) technologies including, Trusted Platform Module (TPM), Virtual Trusted Platform Module (VTPM), Self-Encrypting Drives (SEDs), Trusted Network Connect (TNC) and Trusted Software Stack (TSS) to initiate a trusted cloud computing platform. In addition, a Multi-Factor Authentication Single Sign on Role Base Access Control (MFA-SSO-RBAC) prototype was developed using a strict security controls. Furthermore, an additional context for cloud Service Level Agreement (SLA) was proposed to support the framework and to ensure the trustworthiness of the cloud computing services to be adopted in critical information industries specifically healthcare sector. TCCF was evaluated by developing a prototype, comprehensive comparison with previous work, compliance with standards and a survey from cloud computing, healthcare and IT security experts. Feedbacks of experts were satisfactory and they agreed with 94% on the overall security techniques used to secure the TCCF three layers. The evaluation proves that TCCF assists in optimizing the trust on cloud computing to be adopted in healthcare sector for best practices. |
---|