ارائه رویکردی جدید مبتنی بر نگاشت آشوب برای پیاده سازی فازهای امنیتی برروی شبکه ی ابر
محورهای موضوعی : مهندسی برق و کامپیوتر
آزیتا رضایی
1
,
علی برومندنیا
2
*
,
سیدجواد میرعابدینی
3
1 - گروه کامپیوتر، دانشگاه آزاد اسلامی واحد تهران جنوب، ایران
2 - گروه کامپیوتر، دانشگاه آزاد اسلامی واحد تهران جنوب، ایران
3 - گروه کامپیوتر، دانشگاه آزاد اسلامی واحد تهران مرکز، ایران
کلید واژه: الگوریتم امنیتی چندلایه (MLS), رمزنگاری, قطعهبندی دادهها, مدیریت کارگزار امنیتی.,
چکیده مقاله :
شرکتها و سازمانهای بزرگ در دنیای امروز، تمایل بسیاری به استفاده از سرویسهای ETI جهت ذخیرهسازی و انتقال دادههای خود دارند. افزایش نرخ استفاده از سرویسهای تحت شبکه، افزایش مخاطرات و حملات به دادهها در زمان ارسال و دریافت و ایجاد محیطی امن برای انجام خدمات در بستر شبکه ابر، چالشی بزرگ را در حوزه سیاست امنیتی مطرح میکند. بخش مدیریت امنیت بروکر در شبکه ابر، تأثیر زیادی در مدیریت و متعادلسازی متغیرهای امنیت، کارایی و دسترسپذیری دارد. این مقاله سعی دارد با ارائه چهار فاز امنیتی بر روی داده در زمان ارسال و دریافت بین مشتری و CSP، ضمن پیشگیری از خرابی داده در زمان سرقت، میزان بازدهی متغیرهای کارایی، متغیر دسترسپذیری و شاخص رضایتمندی مشتریان را بررسی نماید. نتایج ارزیابی بر روی سه مدل آزمایشی نشان میدهند میزان جرائم تخصیصی سیستم به میزان 41/61% کاهش و شاخص رضایت مشتریان تا 67/60% افزایش مییابد.
Today, various clients use the cloud to transfer Thing by Internet (ETI). Many companies and organizations are persuaded to use the cloud utilities in secure environment. Beside of this technology is becoming popular, the risks and attacks on data are increasing. Ultimately, a security broker management in cloud services tries to balance security, performance, and availability features availabilities. This paper tries to increase the customer satisfaction index by creating 4 phases of security on the data process during transporting between the customer and the Cloud Service Provider (CSP), while increasing efficiency and availability. Tables and graphs show that the amount of the system allocated penalty is reduced by 61.41% and the customer satisfaction index has increased by 60.67%.
[1] P. Zavarasky, R. S. Bali, and F. Jaafar, "Lightweight authentication for MQTT to improve the security of iot communication," in Proc. of the 3rd Int. Conf. on Cryptography, Security and Privacy, ICCSP'19, pp. 6-12, Kuala Lumpur Malaysia, 9-21 Jan. 2019.
[2] M. V. Pawar and J. Anuradha, "Network security and types of attacks in network," Procedia Computer Science, vol. 48, pp. 503-506, 2015.
[3] H. Singh, Z. Amin, and N. Sethi, "Review on fault tolerance techniques in cloud computing," International J. of Computer Applications, vol. 116, no. 18, pp. 11-17, 2015.
[4] S. Venugopala, J. Broberg, I. Brandic, R. Buyya, and C. S. Yeoa, "Cloud computing and emerging it platforms: vision, hype, and reality for delivering computing as the 5th utility," Future Generation Computer Systems, vol. 25, no. 6, pp. 599-616, Jun. 2008.
[5] H. Ghazanfaripour and A. Broumandnia, "Designing a digital image encryption scheme using chaotic maps with prime modular," Optics and Laser Technology, vol. 131, Article ID: 106339, 2020.
[6] A. Coen-Porisini, A. Rizzardi, and S. Sicari, "Analysis on functionalities and security features of internet of things related protocols," Wireless Networks, vol. 28, no. 7, pp. 2857-2887, 2022.
[7] C. Liao, et al., "MODECP: a multi-objective based approach for solving distributed controller placement problem in software defined network," Sensors, vol. 22, no. 15, Article ID: 22155475, 2022.
[8] L. T. Yang, G. Huang, J. Feng, and L. Xu, "Parallel GNFS algorithm integrated with parallel block Wiedemann algorithm for RSA security in cloud computing," Information Sciences, vol. 387, pp. 254-265, May 2017.
[9] A. Broumandnia, "Image encryption algorithm based on the finite fields in chaotic maps," J. of Information Security and Applications, vol. 54, Article ID: 102553, Oct. 2020.
[10] E. B. Sanjuan, I. A. Cardiel, J. A. Cerrada, and C. Cerrada, "Message queuing telemetry transport (MQTT) security: a cryptographic smart card approach," IEEE Access, vol. 8, pp. 115051-115062, 2020.
[11] Z. Shen and Q. Tong, "The security of cloud computing system enabled by trusted computing technology," in Proc. 2nd Int. Conf. on Signal Processing Systems, vol. 2, pp. 11-15, Dalian, China, 5-7 Jul. 2010.
[12] M. V. Kumar, G. Manogaran, and C. Thota, "Metaclouddatastorage architecture for big data security in cloud computing," Procedia Computer Science, vol. 87, pp. 128-133, 2016.
[13] Q. Zheng, "Improving MapReduce fault tolerance in the cloud," in Proc. IEEE Int. Symp. on Parallel Distributed Processing, Workshops and PhD Forum, IPDPSW'10, 6 pp., Atlanta, GA, USA, 19-23 Apr. 2010.
[14] S. K. Sharma, P. Gautam, and M. D. Ansari, "Enhanced security for electronic health care information using obfuscation and RSA algorithm in cloud computing," International J. of Information Security and Privacy, vol. 13, no. 1, pp. 59-69, Jan./Mar. 2019.
[15] M. Ratha, "Resource provision and QoS support with added security for client side applications in cloud computing," International J. of Information Technology, vol. 11, pp. 357–364, 2019.
[16] S. Khatri, Y. Sharma, and H. Gupta, "A security model for the enhancement of data privacy in cloud computing," in Proc. Amity Int. Conf. on Artificial Intelligence, AICAI'19, pp. 898-902, Dubai, United Arab Emirates, 4-6 Feb. 2019.
[17] I. Banerjee and N. Nesa, "Combining merkle hash tree and chaotic cryptography for secure data fusion in IoT," Trans. on Computational Science, vol. 35, pp. 85-105, 2020.
[18] M. F. Aboalmaaly, A. J. Hintaw, S. Manickam, and S. Karuppayah, "MQTT vulnerabilities, attack vectors and solutions in the internet of things (IoT)," IETE J. of Research, vol. 69, no. 6, pp. 3368-3397, 2023.
[19] G. Raines, Cloud Computing and SOA, Technical Report, the MITRE Corporation, 2009.
[20] M. Santambrogio, R. Jhawar, and V. Piur, "A comprehensive conceptual system-level approach to fault tolerance in cloud computing," in Proc. IEEE Int. Systems Conf., SysCon'12, 5 pp., Vancouver, Canada, 19-22 Mar. 2012.
[21] K. Sood, "A combined approach to ensure data security in cloud computing," J. of Network and Computer Applications, vol. 35, no. 6, pp. 1831-1838, Nov. 2012.
[22] P. Wiedera, "Fault-tolerant service level agreement lifecycle management in clouds using actor system," Future Generation Computer Systems, Elsevier B.V, vol. 54, pp. 247-259, Jan. 2016.
[23] H. Liang, D. Huang, L. X. Cai, X. Shen, and D. Peng, "Resource allocation for security services in mobile cloud computing," in Proc. IEEE Conf. on Computer Communications Workshops, INFOCOM WKSHPS'11, pp. 191-195, Shanghai, China, 10-15 Apr. 2011.
[24] Y. Protskaya, L. Veltri, F. Zanichelli, M. Amoretti, and R. Pecori, "A scalable and secure publish/subscribebased framework for industrial IoT," IEEE Trans. on Industrial Informatics, vol. 17, no. 6, pp. 3815-3825, Jun. 2021.
[25] L. Huang, S. Cai, X. Xiong, and M. Xiao, "On symmetric color image encryption system with permutation-diffusion simultaneous operation," Optics and Lasers in Engineering, vol. 115, pp. 7-20, Apr. 2019.
[26] P. Li, et al., "A novel color image encryption scheme using DNA permutation based on the Lorenz system," Multimedia Tools and Applications, vol. 77, no. 5, pp. 6243-6265, Mar. 2018.
[27] Y. Q. Zhang, X. Y. Wang, J. Liu, and Z. L. Chi, "An image encryption scheme based on the MLNCML system using DNA sequences," Optics and Lasers in Engineering, vol. 82, pp. 95-103, Jul. 2016.
[28] N. Chauhan, H. Banka, and R. Agrawal, "Delay-aware application offloading in fog environment using multi-class Brownian model," Wireless Networks, vol. 27, no. 7, pp. 4479-4495, 2021.
[29] C. A. F. De Rose, R. Buyya, R. N. Calheiros, and M. A. S. Netto, "EMUSIM: an integrated emulation and simulation environment for modeling, evaluation, and validation of performance of cloud computing applications," Software: Practice and Exprience, vol. 43, no. 2, pp. 595-612, 2013.
[30] A. Beloglazov, C. A. F. De Rose, R. Buyya, R. N. Calheiros, and R. Ranjan, "Cloudsim: a toolkit for modeling and simulation of cloud computing environments and evaluation of resource provisioning algorithms," Software-Practice and Experience, vol. 41, no. 1, pp. 23-50, Jan. 2010.
[31] T. Halabi and M. Bellaiche, "A broker-based framework for standardization and management of cloud security-SLAs," Computers and Security, vol. 75, pp. 59-71, Jun. 2018.