SDN enabled role based shared secret scheme for virtual machine security in cloud environment
Published in: | Cyber Security and Applications 2024, Vol.2, p.100043, Article 100043 |
---|---|
Main Authors: | , , , , |
Format: | Article |
Language: | English |
Summary: | Cloud computing has given a new direction to the usage of resources on demand, independent of location. Although cloud computing has many advantages, it also brings challenges, security being one of them. Especially at the Infrastructure as a Service (IaaS) level, where the actual resources are shared, security is given more importance. Robust access control mechanisms must be applied to safeguard the cloud environment. In this paper, Software Defined Network (SDN) enabled role-based access control combined with a trust-based model is proposed. This model considers the roles of the users and provides fine-grained access to the virtual machines in the cloud. Secret shares are distributed fairly among the users based on two parameters, namely the trust and the roles assigned to the participants. The secret has to be reconstructed to access the Virtual Machine (VM), and to reconstruct it, the secret shares are taken from different trusted users at different levels. The cloud service provider is unaware of the secret shares distributed among the participant users. The SDN controller is responsible for share generation, distribution of shares among the user participants, and reconstruction of the secret. To avoid malicious user participants, a trust evaluator periodically checks the trust value. The security analysis proves that the scheme is more secure and efficient in comparison with other approaches. |
---|---|
ISSN: | 2772-9184 |
DOI: | 10.1016/j.csa.2024.100043 |