Volume 14, Issue 1, PP: 79-95, 2024 | Full Length Article
Mohammed Saffran 1*, Shailendra Mishra 2
DOI: https://doi.org/10.54216/JCIM.140106
The study delves into the security architecture of OpenStack, an open-source cloud platform that is increasingly prevalent in modern computing environments. Its primary goal is to rigorously assess and confirm hypotheses about OpenStack's security infrastructure while identifying vulnerabilities and potential threats using a comprehensive security evaluation framework. The study utilizes a multifaceted security assessment methodology to analyze both private and public cloud deployments of OpenStack. This methodology involves various techniques, including vulnerability scanning, penetration testing, and analysis of security policies and configurations. Benchmarking against industry standards and previous studies further strengthens the analytical framework, ensuring a thorough exploration of various dimensions of OpenStack security. The assessment revealed that OpenStack has a robust security posture, with vulnerabilities detected in only 2% of cases across both private and public cloud deployments. The study also found a resilience rate of 95% against common security challenges. The comprehensive analysis covered various dimensions of OpenStack security, providing valuable insights into the platform's security resilience and vulnerabilities, thereby significantly contributing to the body of knowledge in cloud security research. The research underscores the importance of implementing robust security protocols in OpenStack environments to ensure the reliability of cloud infrastructure. Regular security updates and adherence to best practices can strengthen the security posture of OpenStack deployments. The insights from this study can inform the development of guidelines and policies aimed at enhancing security practices in cloud computing environments. 
Overall, the study evaluates the security framework of OpenStack and emphasizes the significance of implementing robust security measures to ensure the dependability of cloud infrastructure, guiding the creation of recommendations and best practices for strengthening security in cloud computing environments.
Keywords: OpenStack security analysis, Cloud platform vulnerabilities, Comprehensive security assessment, Resilience against cyber threats, Robust security measures, Cloud deployment integrity.