cs158b_project 1 mobile cloud computing & security

CS158B_Project 1 Mobile Cloud Computing & Security Group5 Khanh Dao Yihua Wu Aathvan Thaybaran

Upload: damien

Post on 26-Feb-2016


Page 1: CS158B_Project 1 Mobile  Cloud Computing & Security

CS158B_Project 1

Mobile Cloud Computing & Security

Group5

Khanh Dao

Yihua Wu

Aathvan Thaybaran

Outline
1. Cloud Computing and Analogy
2. Mobile Cloud Computing Definition
3. Why do we care?
4. Security concerns
5. Project3 implementation

What is Cloud Computing?
• The delivery of computing as a service rather than a product, whereby shared resources, software and information are provided to computers and other devices as a utility over a network. (Wikipedia)

http://en.wikipedia.org/wiki/Cloud_computing

Analogy - Electricity Grid
• Based on a delivery concept
  ▫ Utility company delivers power to consumers
  ▫ Cloud delivers computing resources to clients
• Costs are based on usage
  ▫ Consumer turns on a light switch
  ▫ Clients connect to the Cloud
• Consumers/clients do not need to understand the underlying hardware or technical details
• Shared model that utilizes resources more efficiently overall

http://siliconangle.com/blog/2010/02/04/cloud-computing-and-that-utility-analogy%E2%80%A6/

Why Cloud Computing?
1. Better utilization of computing resources
2. Cost efficient: clients do not need to purchase hardware equipment and software
3. All cost is based on usage
4. No compatibility concerns between SW & HW
5. No maintenance required

http://en.wikipedia.org/wiki/Cloud_computing

Layers

SaaS (Software as a service)

PaaS (Platform as a service)

IaaS (Infrastructure as a service)

http://en.wikipedia.org/wiki/Cloud_computing

• Client: computers, phones, services, browser…
• SaaS: delivers software as a service over the Internet, eliminating the need to install and run the application on the customer's own computers and simplifying maintenance and support.
• PaaS: facilitates deployment of applications without the cost and complexity of buying and managing the underlying hardware and software layers.
• IaaS: delivers platform infrastructure, such as a platform virtualization environment.
• Server: delivers cloud services; includes multi-core processors, cloud-specific operating systems and combined offerings.

http://pyramid.gogrid.com/glossary/

http://collaborate.nist.gov/twiki-cloud-computing/pub/CloudComputing/ReferenceArchitectureTaxonomy/NIST_CC_Reference_Architecture_v1_March_30_2011.pdf

Deployment model
• Public Cloud
• Community Cloud
• Private Cloud
• Hybrid Cloud

Cloud computing examples:
• Infrastructure-as-a-Service (IaaS): Amazon Web Services provides virtual servers with unique IP addresses and blocks of storage on demand.
• Platform-as-a-Service (PaaS): Google apps, a set of software and development tools hosted on the provider's servers.
• Software-as-a-Service (SaaS): Web-based email, in which the provider allows the customer only to use its applications.

http://www.opengardensblog.futuretext.com/archives/2010/03/mobile_cloud_co_2.html

http://mobileoffice.about.com/od/workingontheroad/f/cloudcomputing.htm


Wireless Cloud Computing
• Also called the "Mobile Cloud"
• It is a derivative of Cloud Computing that refers to an infrastructure where both the data storage and the data processing happen on a cloud computing platform rather than on the mobile devices themselves.

http://www.ibm.com/developerworks/cloud/library/cl-mobilecloudcomputing/

Technology:
• Wi-Fi:
  Provides network coverage. A wireless access point is required to provide wireless network coverage in the designated area. Devices built on 802.11b and 802.11g transmit data at 2.4 GHz, whereas devices built on the 802.11a standard transmit at 5 GHz.
• WiMax:
  Represents the next generation of wireless networking and can transmit data up to a distance of 48 km (maximum networking speed of 70 Mbps). Offers better facilities than Wi-Fi: greater bandwidth and high information security by utilizing enhanced encryption schemes.
  Provides service in both Line of Sight (LOS) and Non-Line of Sight (NLOS) locations, but range may vary accordingly.
  Supports a number of communication protocols, and can act as the backbone network for an ISP (Internet service provider) as well as a telecom service provider.

Technology (cont.)
• Devices:
  Laptops, tablet PCs, notebook PCs, personal digital assistants (PDAs), palmtops and other handheld devices. A radio-signaling device must be installed inside these devices in order to receive and transmit electronic data.
• Mobile computing devices can use any of these networks to access the Internet or connect to a LAN (local area network) or WAN (wide area network) server. They use networking software to adjust device settings to suit specific network requirements.

http://www.brisbanecomputerrepairs.com/brisbane-computer-repairs/mobile-computers/mobile-computing-and-its-advantages/

Characteristics
• Distributed infrastructure that supports a wealth of applications
• Extends cloud computing by providing enhanced service availability
• Exploits information about a user's location, context and network intelligence, thereby considerably improving user experience
• Leveraging the mobile device's storage, sensing and processing resources to optimize cloud-based applications also adds to a better user experience

http://www.datacenterknowledge.com/archives/2011/05/09/the-mobile-cloud-what-it-is-why-it-matters

Mobile Cloud Example 1:
• Amazon "Silk" on the Amazon Fire tablet
  Amazon's Fire tablet uses cloud computing to speed up browsing. This is called Amazon Silk. Amazon Silk deploys a split architecture.
• How does Silk work?
  ▫ Each time a user loads a web page, Silk makes a dynamic decision about which of these subsystems will run locally and which will execute remotely.
  ▫ Predictive caching is used to speed up browsing on the user end.
  ▫ Amazon leverages the fact that it owns one of the largest cloud computing resources on the planet to ease the load on the mobile device's resources.

Mobile Cloud Example 2:
• Google's mobile cloud computing
  Like Amazon, Google also makes heavy use of mobile cloud computing to speed up its services and to offer new and enhanced services to its users, especially on mobiles running the Android OS.
• Google Goggles
  ▫ The Google Goggles visual search engine figures out the content of photos taken by cell phones.
• Google Maps/Navigation
  ▫ GPS and turn-by-turn instructions piped to the cell phone.
• Google Voice Search/Speech Recognition
  ▫ By using its mobile cloud computing, Google is able to use the computing power of its servers to solve problems and process applications which cannot be done on the mobile device.

Mobile Cloud Example 3:
• Apple's iCloud
  Updates/changes on a single device (e.g. iPad) are synced to iCloud in real time; iCloud then automatically pushes the updated documents onto all connected iOS devices (e.g. iPhone, iPod).
• Documents
  ▫ No need to move documents from one device to another manually
  ▫ Updates from one device are synced across all other devices in real time
• Content (e.g. music, movies, apps)
  ▫ Purchase content from a single device, and the content will be downloaded automatically to all other devices at no additional cost
• Everything is done automatically and wirelessly

http://www.apple.com/icloud/


Using the Mobile Cloud
• Cloud-based mobile apps are perfectly capable of being packaged in a way that allows them to be sold alongside traditional mobile apps in mobile application stores
• They scale far beyond the capabilities of any smartphone. Instead of being limited to the data storage and processing power contained in a mobile device, cloud apps have all the power of a server-based computing infrastructure accessible through an app's mobile interface.
• The mobile cloud not only gives owners of "non-smartphones" the ability to access the same mobile applications used on more advanced platforms, it also allows the apps themselves to become more powerful and capable of more

5 Reasons to care….

1. Mobile cloud computing is big in size
• At the end of 2009, there were four billion mobile phones. By 2013, that number is projected to grow to 6 billion.
• Increasing number of mobile applications such as e-book readers, photo frames, printers, photo and video cameras, personal navigators…

2. Mobile cloud computing is a need – form factor and other needs.
• Mobile devices that access the Internet are performing mobile cloud computing: handsets need to borrow storage and computing power from the cloud.
• Therefore, they rely on the cloud to get real-time information
• Ex: a wireless car navigator gets information on traffic conditions and plans routes accordingly
Accessing data in the cloud from mobile devices is becoming a basic need.

3. Mobile cloud needs interoperability
• Users' data must be preserved at all costs.
  Ex: the problem of lost data when syncing your music playlist with another phone
• It is more important than ever that people have the full ability to access and preserve their data, which means the open mobile cloud.

4. Mobile cloud largely depends on locked-down devices
• Network operators don't want users to be too free, so most of them prevent users from running applications that are not digitally signed.
  Ex: iPhone clients can only sync contacts through the official Apple SDK

5. Mobile cloud is an opportunity for free software providers
• Resting on the cloud and network services, free and open source software should rely on licenses that prevent abuse.
  Ex: The Free Software Foundation has contributed a very good tool to bring freedom to the cloud: Affero GPL v3 (AGPLv3)

http://www.ifosslr.org/ifosslr/article/view/24/47

Limitations:
• Insufficient bandwidth:
  ▫ Slower than direct cable connections, usually available within range of commercial cell phone towers. Higher speed wireless LANs are inexpensive but have very limited range.
• Security standards:
  ▫ When working mobile, one is dependent on public networks, requiring careful use of VPN. Security is a major concern with respect to the mobile computing standards on the fleet. The VPN is easily exposed to attack through the huge number of networks interconnected through the line.
• Power consumption:
  ▫ When a power outlet or portable generator is not available, mobile computers must rely entirely on battery power. Combined with the compact size of many mobile devices, this often means unusually expensive batteries must be used to obtain the necessary battery life.

Limitations (cont.)
• Transmission interferences:
  ▫ Weather, terrain, and the range from the nearest signal point can all interfere with signal reception. Reception in tunnels, some buildings, and rural areas is often poor.
• Potential health hazards:
  ▫ People who use mobile devices while driving are often distracted from driving and are thus assumed more likely to be involved in traffic accidents. Cell phones may interfere with sensitive medical devices. There are allegations that cell phone signals may cause health problems.
• Human interface with device:
  ▫ Screens and keyboards tend to be small, which may make them hard to use. Alternate input methods such as speech or handwriting recognition require training.

http://en.wikipedia.org/wiki/Mobile_computing


Identified Key Challenges
• Decreasing network latency to allow apps and code offload interactivity.
• Improving network bandwidth to speed up data transfer within the cloud and other devices.
• A scalable way of monitoring network conditions to maximize network and device costs that are parallel to the performance of cloud applications.

http://cloudtimes.org/overcoming-challenges-in-mobile-cloud-computing/

1. Improving latency setbacks
• Keep the applications as close to the users as possible, since latency is significantly affected by distance.
• Allow service providers to re-route Internet traffic logically based on location and cache capabilities, therefore saving bandwidth effectively.

2. Improving Bandwidth
• More and more providers offer 4G/LTE services, which have the advantages of data storage capacity, low latency and plug-and-play features, and support both FDD and TDD using the same platform. LTE is also capable of peak download rates of 100 Mbps and upload rates of 50 Mbps.
• HTML5 data caching capabilities enable applications to work offline, bringing mobile Web applications closer to native applications; the features it provides, deployed in mobile applications, make them platform independent.

3. Scalable and dynamic network monitoring
• "Manage the multi-screen experience in the mobile world": allow traffic re-routing, access swapping and handover.
• Ex: if the user starts a session on a tablet, and then moves to a smart phone or car, how do we make data check in and out automatically? The issue is stickiness, not just provisioning. Then you need to have a decent interconnection with consistency of management.

http://www.datacenterknowledge.com/archives/2011/05/09/the-mobile-cloud-what-it-is-why-it-matters/

Designing for Security in Mobile Computing
• Issues: malware, authentication, information integrity, and identification.
• Techniques: Firewalls, authentication servers, biometrics, cryptography, intrusion detection, virus protection, and VPNs.

http://mobileinfo.com/Security/index.htm

Most Important Issues Concerned
• Privacy
  "Location cloaking": makes the submitted data either spatially or temporally imprecise. The cost is that it can reduce the quality of service delivered by the applications. Ex: an imprecise mobile client location leads to irrelevant results or perhaps misses relevant results.
• Data Ownership
  If a user purchases media using a given service and the media itself is stored remotely, there is a risk of losing access to the purchased media. The service used could go out of business or could deny access to the user for some other reason.
• Data Access and Security
  MCC is particularly vulnerable due to the multiple points at which access can be interrupted. Reception and high speed availability can vary greatly for mobile devices. In addition to this, particular services used may have downtime. Finally, there can be issues of data becoming locked in to a particular service.

http://www.cs.wustl.edu/~jain/cse574-10/ftp/cloud/index.html#sec52


Wireless Cloud Computing Security
• Problem
  ▫ How can the organization know if an employee is using a safe device?
  ▫ What if the device falls into the wrong hands and an unauthorized person manages to hack the passwords stored on the device and access corporate information?
• Objective
  ▫ To protect identities by maintaining the integrity of credentials stored on the device
  ▫ To protect cloud-based applications and data by preventing unauthorized access from mobile devices

http://blogs.safenet-inc.com/2011/03/gearing-up-for-mobile-cloud-security/

• Solution
  ▫ Cloud-access protection: Use strong authentication to ensure that only authorized personnel can access cloud-based services.
    Ex: By using one-time passwords, rather than passwords stored locally on the handsets, it's possible to maintain a higher security level in the mobile cloud.
  ▫ Embedded device identity protection: Embed a personalized configuration profile on each employee's mobile device, thereby implementing a personal security token or credential on each mobile device. Hence, only employees with trusted devices that comply with corporate security policy can access corporate applications and data.
    Ex: Private cloud setting.

Secure Mobile Architecture (SMA)
• Developed by a team from Boeing, Lockheed-Martin, Motorola, IBM, Hewlett-Packard, NetmotionWireless, and the University of St Thomas.
• Its central features were the use of
  ▫ Host Identity Protocol (HIP)
  ▫ Cryptographic identities
  ▫ Secure directories
  ▫ Location

SMA Components:
• Host Identity Payload (HIP):
  ▫ provides a mechanism by which the identity of the equipment or its user is carried securely in every packet.
• Public Key Infrastructure (PKI):
  ▫ provides cryptographic identities for the HIP protocol.
• Secure Directory:
  ▫ retains information about the user, the owner, the machine, and other policy relevant information.
• Location:
  ▫ the location of the user or computing device is an integral part of the secure and mobile architecture.

http://en.wikipedia.org/wiki/Secure_Mobile_Architecture_(SMA)


Network Element
• NMS Client
  ▫ Allows users to query/enter requests to obtain information/alarms/events from the NMS Server
  ▫ Displays NE MIB, RMON MIB and other information the users request
• NMS Server
  ▫ Consists of a Communication Manager that communicates with the NMS Client, a RMON MIB, and another Communication Manager that communicates with the NE Simulator
  ▫ RMON is the major component of the NMS Server and is responsible for handling requests, alarms and events
• NE Simulator
  ▫ Stores MIB data, replies to user requests, reports alarms and events

RMON MIB

Purposes:
• Use Network Management Techniques
  ▫ To define and ensure identity
  ▫ Access authentications

RMON for implementations:
• Statistic: Contains statistics measured by the probe for each monitored interface on this device.
  ▫ Packets dropped, packets sent, bytes sent (octets), broadcast packets, multicast packets, CRC errors, runts, giants, fragments, jabbers, collisions, and counters for packets ranging from 64 to 128, 128 to 256, 256 to 512, 512 to 1024, and 1024 to 1518 bytes.
• Alarm: Periodically takes statistical samples and compares them with set thresholds for event generation.
  ▫ Includes the alarm table and requires the implementation of the event group. Alarm type, interval, starting threshold, stop threshold.
• History: Records periodic statistical samples from a network and stores them for retrieval.
  ▫ Sample period, number of samples, items sampled.
• Events: Controls the generation and notification of events from this device.
  ▫ Event type, description, last time event sent
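The alarm group described above, as an added example that is not code from the original slides or the group's project. It assumes the slide's "starting threshold" and "stop threshold" correspond to RMON's rising and falling thresholds, uses delta sampling, and runs on constructed counter readings; all class and function names are hypothetical.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

Event = Tuple[int, str, int]  # (sample index, "rising" | "falling", sampled value)


@dataclass
class RmonAlarm:
    """Threshold alarm with hysteresis, modelled on the RMON alarm group.

    Assumption: "starting threshold" / "stop threshold" on the slide are the
    rising / falling thresholds.
    """
    rising_threshold: int
    falling_threshold: int
    delta: bool = True              # True: compare the change since last sample
    events: List[Event] = field(default_factory=list)
    _last_raw: Optional[int] = None
    _rising_armed: bool = True      # start-up behaviour: rising alarm only
    _falling_armed: bool = False

    def sample(self, index: int, raw: int) -> Optional[Event]:
        if self.delta:
            previous, self._last_raw = self._last_raw, raw
            if previous is None:
                return None         # first reading only sets the baseline
            value = raw - previous
        else:
            value = raw
        event = None
        if value >= self.rising_threshold and self._rising_armed:
            event = (index, "rising", value)
            # No further rising event until the value drops to the falling threshold.
            self._rising_armed, self._falling_armed = False, True
        elif value <= self.falling_threshold and self._falling_armed:
            event = (index, "falling", value)
            self._rising_armed, self._falling_armed = True, False
        if event:
            self.events.append(event)
        return event


def naive_alerts(readings: List[int], threshold: int) -> int:
    """Alerts raised if every over-threshold delta fired, with no hysteresis."""
    deltas = [b - a for a, b in zip(readings, readings[1:])]
    return sum(1 for d in deltas if d >= threshold)


# Constructed readings of a cumulative dropped-packet counter, one per interval.
READINGS = [100, 102, 105, 160, 230, 290, 300, 303, 304, 380, 382]


def run_demo() -> List[Event]:
    alarm = RmonAlarm(rising_threshold=50, falling_threshold=5)
    for index, raw in enumerate(READINGS):
        alarm.sample(index, raw)
    return alarm.events


if __name__ == "__main__":
    print(run_demo())
    print(naive_alerts(READINGS, 50))
```

The sustained burst in samples 3 to 5 yields one rising event instead of three, and the alarm re-arms only after the delta falls to the lower threshold.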
