
Paper Name: Secure Cloud Computing using VML technique
Author Name: M.GANESH
Branch: MCA
Semester: VI semester
Department: MCA
College: RMK Engineering College affiliated with Anna University, Chennai.
Unique ID: N111042
Email id: ganemano@gmail.com

Abstract-
Cloud Computing, considered to be the next industrial revolution in the field of computers, faces problems regarding security and latency. The solution for latency is known and that rests in time’s hands to create a transmission medium which reduces latency time. But still security problems have not found satisfactory solutions. In the near future, almost everyone will be storing confidential data in the cloud, automatically leading to cloud penetration by the hackers. In this paper, I discuss the basic idea of cloud computing, the problems faced in implementation, ways to avoid data sniffing and a new approach to prevent data stealing by the cloud service providers themselves by a concept called Virtual Machine Lock (VML).

Introduction:
Companies can significantly benefit from cloud computing because of the cut in capital expenditure and the incredible scalability provided by the cloud. The resources provided by the cloud can be considered infinite. Computing as a utility has reached the mainstream. Vendors now rent all or portions of physical machines for hourly periods for web services.

The cloud computing model emphasizes the ability to scale compute resources on demand. The advantages for users are numerous, as total cost can be close to zero when resources are not in use. The cloud user can pay costs directly proportional to need rather than allocating resources according to average or peak load, which was the practice before the advent of cloud computing.

Then you may be wondering why this cloud computing has not yet started its regime. There are two main problems – High latency and security threats.

High latency becomes a major problem in areas of limited connectivity. This problem can be solved in a few years' time, as 4G is all set to release WiMAX and Cisco is in the process of inventing a new kind of Ethernet cable with ultra-low latency exclusively meant for cloud computing. Whereas the other one named “security threat” is getting patched up regularly. But still the users are afraid that they would lose their confidential data to ruthless hackers and dishonest cloud managers. A recent study surveyed more than 500 chief executives and IT managers in 17 countries, and found that despite the potential benefits of cloud computing, executives “trust existing internal systems over cloud-based systems due to fear about security threats and loss of control of data and systems”. One of the most serious concerns is the possibility of confidentiality violations. Either maliciously or accidentally, a cloud provider’s employees can tamper with or leak a company’s data. Such actions can severely damage the reputation or finances of a company.

In order to prevent confidentiality violations, the cloud service providers may resort to encryption as a solution. But encryption works only for storing data in the secondary storage cloud. When it comes to computation, the unencrypted data should reside in the memory for computation to be successful.

The Current Scenario in Cloud Computing:
The field of cloud computing is still in its infancy as far as implementation and usage are concerned, partly because it is a bit insecure and is so highly resource dependent that researchers in academic institutions have not had many opportunities to analyze and experiment with it. At the moment, a general understanding of cloud computing refers to the following concepts: grid computing, utility computing, software as a service, storage in the cloud and virtualization. In short, we don’t own the necessary hard disk, RAM, or processor power we need; instead we use it from a provider, paying him on an on-demand basis similar to the way we pay the EB bills.

What is Cloud Computing?
A cloud is nothing but a group of loosely coupled computers put together. Cloud Computing is defined in different ways by different people, as in the case with Web 2.0. The perspectives of the people differ. But in general we can go with the definition: “Cloud computing is a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet”. Cloud is not a technology by itself; it is a way of using the already known technology “Virtualisation”.

“The Change”:
So what change can we expect from cloud computing? To explain this better, let's get a bit retrospective. What change did the Internet bring into our life? Cloud computing is believed to create such an impact on our lifestyle, business models, the way we interact, etc. Imagine a world without CDs, floppies, pen drives and even hard drives. That’s going to be the change that cloud computing is going to bring.

Reason for the next paradigm – Cloud Computing:
Till now our business model needed only data centers for storing data in secondary storage devices. But nowadays a lot of industries are in need of powerful processors with a suitable primary memory to support it. Even the demand for storage is increasing phenomenally.

For eg.:
- Google processes 20 PB a day (2008)
- “all words ever spoken by human beings” ~ 5 EB
- NOAA has ~1 PB climate data (2007)
- CERN’s LHC will generate 15 PB a year (2008)

But there was once a time when Bill Gates said, “640K ought to be enough for anybody”!! This clearly shows the steep increase in demand for resources. In a cloud computing model, storage can be done seamlessly.

Nowadays the need for HPC (High Performance Computing) is becoming a basic necessity for every industry. For instance, the New York Times is using Amazon's cloud service to generate PDF documents of several-decade old articles. The estimated time for doing the task on the Times' servers was 14 years, whereas the cloud provided the answer in one day for a couple hundred dollars. This is in line with Gordon Moore’s Law – “The performance of the processor doubles every 18 months”. So in future it is predicted that processors will be given equal importance as given for storage.

The above data from ARISTA center proves the aforesaid point that HPC will be considered equal to (or even more important than) Enterprise data storage. By 2018, only 30% of X86 servers will serve for Enterprise. Moreover it has been observed that only 10% of the server’s resources are used. The concept of virtualization improved the utilization of the storage section and now cloud computing arrives for drastically increasing server utilization. So to say in a nutshell, you can do things which you never thought you could, and build an IT infrastructure more robustly, more efficiently, more globally, more completely, more quickly, for a given budget. And this has become the reason for making the shift to the “cloud” indispensable.

The Cloud Stack:
[Figure: The Cloud Stack, from top to bottom: Services/Clients (Web), Software (SaaS), Platform (PaaS), Infrastructure/Storage (IaaS)]

Before using the cloud we must know the basic resources provided by the cloud providers. The virtualized resources offered by the cloud (a cluster of systems) are classified into three types:
1. Infrastructure as a service
2. Platform as a service
3. Software as a service

Above all these layers runs the “Web”. Let's have a small intro to these layers.

1. Infrastructure as a service (IaaS):
Providing the necessary hardware like the primary and secondary storage, processor etc. Initially it was called Hardware as a Service (by Nicholas Carr, the American technology critic).

2. Platform as a service (PaaS):
Delivering computing platform and solution stack as a service. An example for a computing platform is JRE. A solution stack is nothing but a group of platform services like LAMP (Linux, Apache, MySQL, Perl/PHP) used to run dynamic websites. PaaS is also called cloudware.

3. Software as a Service (SaaS):
Providing software like MS-Office, Video Converters online on a pay-per-use basis. This can be provided in two ways:
- Host the application on a web server.
- Download the application to the consumer device and disable it automatically after the contract period is over.

The basic difference between a traditional stack and a virtualized stack is shown below.

[Figure: Traditional Stack (App, App, App on Hardware) and Virtualized Stack (App, App, App on OS, OS, OS on Hypervisor on Hardware)]

Explanation of the virtualized stack:
Usually we used to have a single OS on a machine. But using virtualization technology we can boot many OSs and virtually divide our single machine into many machines called “Virtual Machines” or VMs. This concept is the heart of cloud computing. To say in short, the hard disk, RAM etc. are shared by many users at the same time by using a group of loosely coupled systems called in general a cloud. So each user is under an illusion of using his own machine.

Some key points which make Cloud Computing attractive:
- Reduced Cost
- Scalability
- Highly Automated
- Flexibility
- More Mobility
- Self Healing Resilience

Things required for a Cloud Computing architecture:
A basic cloud computing model should provide a) Horizontal scalability and b) Vertical scalability. Horizontal scalability means the ability to manage a large number of users (also called user scalability). Vertical scalability refers to the ability of the application to run undeterred and perform consistently even as load increases. Appropriate load balancing and autonomic procedures are implemented for this purpose.

The attractive feature here is that we need not deploy any special hardware for this. The servers which are currently available are enough for the implementation and we can already see a lot of cloud service vendors like Amazon, Salesforce, GoGrid, SunCloud etc.

Issues in Cloud Computing:
Though the characteristics of Cloud computing seem to be awe inspiring, yet it faces many problems, as the famous cliché goes, “Two sides of the coin”. Some notable things are:
- The customers are completely dependent on the service providers.
- Latency
- Security

General Solutions:
The first issue is something on which the user has no control. We can compare it to a bank which is taking care of all our money. The service providers won’t close their industry so easily because a lot of data is involved in it (like shutting down a bank is extremely rare).

The second issue is regarding the communication channels that are laid between the consumer and the vendor. Currently, most of the houses get connected to the cloud using dialups. This connection will be fairly enough for small apps. When we get into the hectic industrial sector, every nanosecond of computation counts. They are spending lots of money for the processing and storage and if the latency makes a delay, it becomes unbearable. The solution for this lies in the hands of the OFC developers. Currently we use Ethernet, which transmits data at 10 Gbps. Cisco introduced the DCE (Data Center Ethernet) with a similar capability. But in future we can expect Ethernet with 100 Gbps capacity.

The third issue is the problem I am going to address in this paper. Security is the main reason that has hindered the progress of Cloud Computing. In cloud computing, we trust all our data to the vendors, keeping in mind the bright idea of mobility. But we should be aware that such data can be tampered with by the vendors, as the system
administrators have full-fledged control over the servers. An insecure vendor may lead to disrupting services, loss of privacy, or even damage to the data stored.

The user’s information can be stolen from
1. Secondary Storage
2. Primary Storage

Stealing information from the hard disk or any other secondary storage is a common thing that we experience every day. We get malware, spyware, viruses etc. which try to get into our boot sector and slowly transfer information. But we already have enough anti-virus and anti-spyware applications to fight them. But there is a tougher problem in cloud computing, that’s the primary memory security.

The Cloud is Visible:
Cloud computing has all the hallmarks of becoming a prevalent and valuable innovation that IT professionals should use to their advantage. However, the dangers of hosting and accessing services and applications through the internet also need to be recognized. When 'in-the-cloud' an organization can lose track of resources: who controls them and who is currently using which resources.

Placing large amounts of sensitive data in the globally accessible “cloud” leaves organizations open to large distributed threats. Concentrating a single company's data in a single location is risky and multiple companies using the cloud can create a potentially dangerous scenario. As data breach after data breach is reported in the media, one of the key considerations for companies when considering cloud computing should be how secure data will be in-the-cloud.

Solutions:
The three main disciplines expected from the cloud providers are:
1. Confidentiality
2. Integrity
3. Availability

Confidentiality:
The users’ data should be secure from other users. Here the word data represents both the secondary storage and the primary memory data. A satisfactory solution has been found for this. But still protecting the primary memory data is not possible. In this paper, I propose an idea to solve this problem.

Integrity:
The user’s data should not be damaged or modified by others without the user’s knowledge. The cloud should provide strong security to avoid such problems. Strong encryption algorithms and biometric systems could solve this problem.

Availability:
The users should be able to access their files anywhere, anytime. For this, the users' files should be copied redundantly and stored on multiple servers, so that even if one server is down, the other servers can make up.

Memory management: Virtual Machine Lock (VML):
In this paper I mainly concentrate on securing the primary memory, because other issues regarding securing the secondary storage have many
satisfactory solutions already (like encryption). But such algorithms in the primary memory would delay the access time and fail to realize the real benefit of cloud computing.

Cloud computing is nothing but a cluster of Virtual Machines (VM) running on a single hardware platform. A virtual machine is very similar to an application in a normal PC. It has its own memory. Each user uses a VM. We don’t have much information about the way these VMs are implemented in the cloud. But with information we have from the open source cloud service “Eucalyptus”, we can say that the whole idea of security wholly depends on the platform called “Hypervisor”. This hypervisor can run directly on the hardware or on another OS platform. Eucalyptus uses the “Xen” hypervisor. The Xen hypervisor automatically provides VM-VM confidentiality, i.e. the hypervisor acts like a firewall between the host OS and the other VMs and also between VMs. So it's not possible for another user to peek into another person’s VM. As the host OS is also firewalled, even the system administrator cannot access the VMs directly. But there is one more chance for the sysadmins of the cloud to access the user’s VMs. The easiest way to get the cloud data would be to bribe or trick the system administrator of the cloud to attack the memory. The idea of Virtual Machine Lock (VML) would bring the doom’s day for that too.

Usually a VM is nothing but a node in the huge primary memory available in the cloud. Whenever the user demands a VM, a node is allotted by the host OS depending on the amount of memory the user demands. If the node is within the cloud perimeter, then the hypervisor’s firewall will hide the VM’s data from the sysadmin of the cloud server. But if the sysadmin writes a code and creates a jump statement at the starting address of the node, so that as soon as a VM is allocated there, it is diverted to a computer on which the VM has complete control, then the sysadmin can do anything with that VM because it's like accessing his own RAM. So the danger is when the sysadmin moves the VM out of the cloud. For this purpose I have devised a method called the VML (Virtual Machine Lock), with which we can prevent the sysadmin from moving the node out of the cloud.

The VML is a 3rd party software, which runs either independently or bundled along with the hypervisor. It maintains a database of the users’ loginIDs, starting addresses of each node and a key stored there. For using this lock, we will need to make a small change in the hardware platform. The memory unit should be divided equally into chunks/nodes. Then the starting addresses of the nodes should contain a key (only known to the VML provider).

Working:
Now when the user demands a VM through a loginID and password, the host OS allots a particular node. Immediately, the starting address of the node, the key and the user’s loginID are passed to the VML software, which records those in its database. Then the user starts using his VM. The VML software will periodically check whether that particular node is occupied by that particular loginID. Now the sysadmin can never move the node out of the cloud (and that’s why I call it a “Virtual Machine Lock”). Even if the node has to be migrated for load balancing, the OS should communicate the address of the new node to the VML. The VML authenticates the new node and then allows the host OS to shift the node. So in this way the user’s VM is secure from the sysadmin.
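
The allocation, periodic check and migration steps described above, modelled as a small simulation; this is an added example, not code from the paper. The class and method names, the in-memory database, the sample addresses and the way the VML learns a VM's current address (`observed_addr`) are assumptions made for illustration.

```python
import hmac
import secrets


class VML:
    """Toy Virtual Machine Lock: tracks which node each loginID's VM occupies."""

    def __init__(self, node_keys):
        # node_keys: node start address -> key stored at that address
        # (in the paper's scheme, known only to the VML provider).
        self._node_keys = dict(node_keys)
        self._db = {}  # loginID -> (start address, key)

    def _authentic(self, addr, key):
        expected = self._node_keys.get(addr)
        return expected is not None and hmac.compare_digest(expected, key)

    def register(self, login_id, addr, key):
        """Host OS reports a fresh allocation; nodes outside the cloud are refused."""
        if not self._authentic(addr, key):
            return False
        self._db[login_id] = (addr, key)
        return True

    def periodic_check(self, login_id, observed_addr):
        """True while the VM still sits on the node recorded for this loginID."""
        record = self._db.get(login_id)
        return record is not None and record[0] == observed_addr

    def authorize_migration(self, login_id, new_addr, new_key):
        """Load-balancing move: authenticate the new node, then update the record."""
        if login_id not in self._db or not self._authentic(new_addr, new_key):
            return False
        self._db[login_id] = (new_addr, new_key)
        return True


def demo():
    # Constructed sample: three in-cloud nodes, each with a random key.
    keys = {addr: secrets.token_bytes(16) for addr in (0x1000, 0x2000, 0x3000)}
    vml = VML(keys)
    results = {}
    results["register"] = vml.register("alice", 0x1000, keys[0x1000])
    results["check_ok"] = vml.periodic_check("alice", 0x1000)
    # VM diverted to memory outside the cloud: address 0x9000 is unknown to the VML.
    results["check_diverted"] = vml.periodic_check("alice", 0x9000)
    results["migrate_outside"] = vml.authorize_migration("alice", 0x9000, b"\x00" * 16)
    results["migrate_inside"] = vml.authorize_migration("alice", 0x2000, keys[0x2000])
    results["check_after_move"] = vml.periodic_check("alice", 0x2000)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
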

Conclusion:
Thus we understand that though cloud
computing has all the hallmarks of becoming the
next paradigm shift in the field of computing, still it
faces some security issues. This paper provides a
better solution for securing the primary memory
using the VML. The future prospects of cloud
computing are very bright and I hope we all enjoy
its innumerable advantages in the near future.
