Diploma Thesis DIP-3242

Bibliography: Waizenegger, Tim: Data security in multi-tenant environments in the cloud.
University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Diploma Thesis No. 3242 (2012).
94 pages, English.
CR-Schema: C.2.4 (Distributed Systems)
C.5.5 (Servers)
D.2.11 (Software Engineering Software Architectures)
H.3.4 (Information Storage and Retrieval Systems and Software)
K.6.5 (Security and Protection)

While cloud computing is widely used in consumer applications, business and enterprise customers remain hesitant. The most commonly cited issues preventing the adoption of cloud computing are reliability, security and privacy. \cite{sengu1}

Enterprise Software as a Service solutions offered in the cloud consist of many distinct components that are integrated into a solution which is consumed by the customer. The individual components are connected and form a complex solution by communicating with each other and complementing each other's services. This communication is often not properly secured because components were developed for non-cloud scenarios where the security requirements for inter-process and inter-component communication are less stringent. Preventing unauthorized access by users, processes or components is a basic requirement for any solution. Especially in a cloud context, the integration of untrusted or less trusted components might be required, but a trustworthy solution is still expected.

As a first line of defense, access to systems and services is secured by authentication mechanisms. This requires a system to validate user credentials as well as provide proof of its identity to the user. The individual components comprising a cloud service need to authenticate each other as well, in order to prevent unauthorized access by compromised components or systems. Securing this communication by authentication requires the individual components to have access to certain keys. While authentication is used to secure services against unauthorized access, encryption can often be employed to secure data for transport or storage. Both cases face similar problems: when keys are used for encryption and authentication, the security of the system relies on securely managing those keys.

This thesis will investigate technology options for authentication, encryption and key management in a cloud-based Software as a Service solution, exemplified by the IBM SmartCloud Archive.

Department(s): University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems
Supervisor(s): Ritter Thomas
Entry date: July 31, 2012
