Universal Composability Analysis of OpenStack Security
This comprehensive analysis delves into the security issues surrounding OpenStack, exploring the vulnerabilities, deployment model challenges, and proposed solutions through Universal Composability. The study aims to enhance security guarantees for users and developers while defining formal security-related functionality for cryptographers.
Uploaded on | 0 Views
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Universal Composability Analysis of OpenStack Reza Rahaeimehr , Hoda Maleki A joint work with: Ran Canetti , Marten van Dijk , Jason Hennessey , Kyle Hogan , Mayank Varia , and Haibin Zhang
Outlines Introduction Cloud Computing OpenStack Universal Composability(UC) Why UC? Security Analysis Approach Conclusion 2
Cloud Computing Cloud Platform 3
Cloud Security Issues Cloud Platform Huge software Many bugs Cloud serves several different applications Isolation Shared underling hardware Bugs Cloud serves many people Attackers, Hackers Privacy, Confidentiality 4
OpenStack Security Issues Cloud issues Widely Used Attractive for attackers Deployment model Infrastructure as a Service (IaaS) Community based development Model Difficulty of security analysis Lack of clear security model Not well defined APIs Lots of plug ins 5
Solution? Universal Composability 6
Universal Composability General-purpose model for security analysis of protocols Perfect for modular systems Common understanding and common language Introduced by Ran Canetti in 2000 7
Universal Composability-Overview Secure protocols remain secure Security proof based on emulation A protocol emulates another one, if no environment (observer) can distinguish the executions P1 P2 8
Universally Composable Security Analysis of OpenStack Goals Better understanding of OpenStack s security guarantees (for OpenStack Users/Customers) Assist in identifying highest-impact security improvements (for OpenStack Developers) Formal definition of OpenStack security-related functionality (for Cryptographers) Study the security interfaces between components which has not been studied well Steps Define Functionality of Ideal Cloud Define Functionality of Ideal Components Show that Components realize the Ideal Cloud Functionality Propose OpenStack Modifications to realize the Functionalities Propose Component Implementations that realize the Functionalities 9
Ideal World Ideal OpenStack Accurate No time Ideal Functionalities: Create Node Delete Node Upload Image Delete Image Create Volume 10
Security Analysis Simulator 13
Next Steps Hybrid World 2 Hybrid World 1 Hybrid World n Ideal World Real World 14
Security Analysis Simulator 15
Conclusion OpenStack security must be analyzed UC Better understanding of cloud security model Bolds security bottlenecks and concerns Needs Time and Expertise 16
Picture References http://sthelenslscb.org.uk http://www.dell.com https://www.openstack.org 17
Contact Info Reza Rahaeimehr, reza.rahaeimehr@uconn.edu Mayank Varia, varia@bu.edu 18
Thanks! 19
