cloud computing security policy framework for mitigating denial of service attack

Cloud Controller SecurityPolicy Framework for

Mitigating Denial of Service Attack

Authors :Manjunath S

N.S. Anup BharadwajVenkatesh Prabhu KMuneshwara M.S

Department of CSEBMS Institute of Technology

Buzz of “Cloud Computing”

Computational Approach

Why Cloud Computing…!

Three main Features of Cloud Computing

Elastic Economies of Scale Pay as You Go

Security Issues in Cloud Computing

Flooding

Sending huge amount of non-sense

requests to server

Crawling

Impersonate an authorized user

DoS Attack…

Step Towards The SolutionSecurity Management Framework

Objectives of Proposed System

To provide high-level security mechanisms Detecting malicious access in Cloud Storage Systems Implementing Security Management

Framework

Proposed System

Cloud controller Clients Virtual machine Cloud Infrastructure Malicious process

Requirements

Software requirements OS : Windows XP/Vista Java, Sql, Servelets

Hardware requirements Intel Pentium III Processor LAN / Internet Connection to Server machine TCP / IP networking between clients and

server

For The Time Being…

Development Methods

Process Flow Diagram

Hardware Design

Software Design

Portability Integrity Extensibility

System ImplementationImplementation requirements. Selection of the platform (Operating

System). Selection of the programming

language for development of the application.

Coding guideline to be followed.

Applications

Cloud Storage for Video Surveillance

Applications

Storing Medical Records in The Cloud

High level security mechanisms for cloud storage services.

Detecting the malicious access in cloud storage systems.

Experimentation is economical.

Scaling is quick. Provides security against

DOS attacks.

The cloud resources are too expensive.

The installation process takes more time.

If the virtual machine goes down, entire system will shutdown.

Security for data access management is achieved

by mitigating denial of service attack incorporating

Security policies on cloud.

We address this security problem in the proposed

System by using cloud controller in a virtual machine

where the data access management is controlled

by blocking illegal data access on cloud.

Detection of various types of Attacks The limitations of our Security

Management framework, with respect to the accuracy of the detection

Develop the Trust Management component of the security management framework

Study the impact management framework has on the Policy Enforcement decisions