Using formal methods towards improving cloud IaaS environments

Search for this publication on Google Scholar
Al-Haj, S. (2016). Using formal methods towards improving cloud IaaS environments. Unc Charlotte Electronic Theses And Dissertations.
Download PDF

Analytics

101 views ◎
74 downloads ⇓


Details
Author

Al-Haj, Saeed

Title

Using formal methods towards improving cloud IaaS environments

Physical Description

1 online resource (118 pages) : PDF

Date

2016

Degree Granting Institution

University of North Carolina at Charlotte

Abstract

Cloud computing has become a prominent technology with the potential for tremendously positive effects on the future of computer networks and services. However, as the resources are shared in cloud environments, cloud security is a major concern. As such, for cloud computing to reach its full potential, better security solutions are required (particularly solutions to security issues that are unique and fundamental to the cloud environment). In this dissertation, we present a formal method-based approach to making clouds environments more secure and manageable. The scope of our work addresses one of the three major types of cloud environments, Infrastructure as a Service (IaaS) cloud environments, and is grounded in a common set of formal methods (i.e., binary decision diagrams, constraint satisfaction problems, and computational tree logic). First, we present a formal method-based, semi-automated framework for access control list (ACL) generation to improve IaaS security manageability. Second, we present a formal method-based cloud resource allocation framework that factors in customer security requirements, specifically reachability and ACLs, at the time of virtual machine provisioning. Third, we present a formal method-based framework for virtual machine migration planning, in which a safe migration order is determined to ensure the preservation of security requirement during migration. Fourth, we present a formal method-based framework for virtual machine post migration reconfiguration and verification. Fifth, we provide a formal method-based framework that detects and resolves policy misconfigurations in Software Defined Networks (SDNs), an important, emerging approach to managing cloud computing infrastructures. These frameworks use a common formal method-based approach and were evaluated in simulated environments for their effect on IaaS security. The results demonstrate the efficiency and usability of these frameworks to improve IaaS security and suggest promising further areas of research.

Genre

doctoral dissertations

Subjects--Topics

Computer science

Degree

Ph.D.

Keywords

Cloud Computing
Cloud Security
Configuration Management
Software Defined Networks

Subject Area

Computer Science

Advisor(s)

Tolone, William

Committee Members

Raja, Anita
Wang, Weichao
Conrad, James

Degree Note

Thesis (Ph.D.)--University of North Carolina at Charlotte, 2016.

Rights Statement

This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s). For additional information, see http://rightsstatements.org/page/InC/1.0/.

Rights Holder Information

Copyright is held by the author unless otherwise indicated.

Identifier

AlHaj_uncc_0694D_11251