A dissertation submitted in partial fulfilment of the requirements for the University of Greenwich Masters Degree in Computer forensic and system security
SECURING CLOUD COMPUTING
Name: Aiman Athambawa
Student ID: XXXXXXXXX
Programme of Study: MSc Computer forensic and system Security
Date Proposal Submitted: 06/06/2010
Project Hand In Date: 30/04/2011
Supervisor: Dr. Xiangdong Xue
STUDENT PLAGIARISM DECLARATION
I hereby declare that the work submitted for assessment is original and my own work, except where acknowledged in the submission.
Signed: Aiman Athambawa
Date: 30/04/2011
Abstract
Cloud computing is the latest buzzword in computing. There is significant excitement about cloud computing, and this has been building up over the past few years. Cloud computing offers several great benefits, which include cost savings and easy access to state-of-the-art resources; however, when considering deploying critical applications and sensitive information to a public cloud environment, security concerns are a big challenge. A recent study has shown that security, privacy and legal issues are the main obstacles to the adoption of cloud services. This thesis looks at how a cloud service user can constantly place a check on the cloud service provider with respect to data security and, in cases where there has been a breach of the security agreement, how such breaches can be traced by the provider using forensic tools. We implement a virtual environment to showcase our proposed solution, configure security, and test out the deployment using a forensic tool (Forensic Tool Kit).
Acknowledgement
I consider it an honour to present this dissertation as a student of the MSc in Computer forensic and system security of the School of Computing and Mathematical Science, University of Greenwich. I convey my deepest thanks to the school for giving me this wonderful opportunity. I express my special thanks to:
Dr. Xiangdong Xue, who has been my supervisor for this project. He guided me to complete it in the correct way. He was always there to help me out from beginning to end.
Dr. Mona Ghassimian, the senior lecturer, who involved me more in cloud-based systems when I was in my second semester and encouraged me to focus on different virtualization techniques. She arranged guest lecturers who work in cloud-based companies.
Dr. Dimitrios Frangiskatos, the senior lecturer, who taught me many aspects of system security and computer forensic techniques. He serves as the programme leader of my course.
My father, Mr. Shahul Hameed Athambawa, who encouraged me to study further, from my Bachelor’s degree to my Master’s degree. He cheers me with good wishes when I succeed and gives me hope when I fail at something.
My mother, Mrs. Ummul Varitha. She is like my father. She always makes me a star.
My friend, Mr. Ummar Sheriff, who helps and supports me a lot in my studies, like a mentor.
My brothers and sisters, who always keep me busy with my studies and help out with my personal day-to-day matters.
My other friends, who have encouraged me when I lacked confidence.
Above all to GOD, who works through me as he does through all of us!
Table of Contents
1 Introduction
  1.1 Introduction
  1.2 Motivation
  1.3 Research Objectives
  1.4 Report Organisation
2 Background
  2.1 Introduction
  2.2 The Emergence of Cloud Computing
  2.3 What is a Cloud?
  2.4 Basic Concepts
  2.5 Deployment Models
    2.5.1 Private Clouds
    2.5.2 Community Cloud
    2.5.3 Public Cloud
    2.5.4 Hybrid Cloud
  2.6 Cloud Services Delivery Model
    2.6.1 Infrastructure as a Service (IaaS)
    2.6.2 Platform as a Service (PaaS)
    2.6.3 Software as a Service (SaaS)
  2.7 Benefits
3 Literature Review
  3.1 Cloud Computing Marketplace
    3.1.1 Amazon Web Services (AWS)
    3.1.2 Microsoft Azure Services Platform
    3.1.3 Google
    3.1.4 Salesforce.com/ Force.com
4 Design Analysis
  4.1 Introduction
  4.2 Cloud Computing Risks
  4.3 Top Threats to Cloud Computing
  4.4 Forensic Analysis of Cloud Services
  4.5 Digital Forensic Challenges within the Cloud Ecosystem
  4.6 Proposed Solution/ Design
  4.7 Software Components
5 Implementation
  5.1 Introduction
  5.2 Solution Design
  5.3 Setup & Configuration
6 Conclusion
  6.1 Future Work
Table of Figures
Figure 2.1: Cloud Computing Market Landscape
Figure 2.2: Architecture for relevant technologies
Figure 4.1: Proposed Solution Architecture
Figure 5.1: Design overview
Figure 5.2: VMware server configuration overview
Figure 5.3: Booting up Astaro virtual machine
Figure 5.4: Astaro web interface
Figure 5.5: Astaro security configuration overview
Figure 5.6: Astaro Network Security Statistics
Figure 5.7: Astaro Network Security Statistics 2
Figure 5.8: Astaro Logging system
Figure 5.9: FTK running forensic analysis on the server logs
CHAPTER 1
1 Introduction
1.1 Introduction
As we blaze on in this jet age, where speed and time are key concerns to everyone, especially in the IT industry, technological advancement has come to make work and living easier by affording tangible products and services that help us undertake various tasks in a more organised and easy way. These products and services help us keep pace with the major logical and technical challenges we face daily and, as a result, make work easier, faster, cheaper, and better. Amongst these services is cloud computing. The idea of cloud computing is more a combination of many technologies than a single technology. Its elements mirror the earlier computing eras, but it differs in that it incorporates advances in virtualization, storage, connectivity, and processing power to synthesize a modern technical ecosystem for cloud computing.
Many organizations, including private sector, public sector, and governmental organizations, are moving their data to the cloud via cloud service providers, amongst which are Microsoft, VMware, Google, Amazon etc., due to the huge benefits it offers. These range from flexibility, scalability, centralized data management and low cost to no downtime or infinitesimal downtime; most importantly, the architecture stresses the benefits of shared services over isolated products, thus increasing the adoption of cloud computing services.
This project focuses on private cloud infrastructure deployment and on how the service provides security of data, because moving data to the cloud exposes users of the cloud service, to a large extent, to privacy attacks by hackers. However, one of the branches of this project focuses on ways in which the data stored in the cloud is kept secure. Cloud computing has made productivity easier by offering users of these services the ability to stay connected and at the same time maintain the essential security and control required. This gives everyone a better platform and endless ways to work and collaborate from anywhere, at any time, and on a variety of devices.
1.2 Motivation
Cloud services can be either public or private. Whichever the case may be, we adopt the service based on the many benefits it promises, without really considering that, as we adopt cloud services, confidential data is in a sense outsourced. This raises the question of data protection, as data protection policies vary between countries. Many cloud service providers may not even have proper security controls in place; hence we only hope, based on trust, that our data is kept secure, including when in transit as we call for it. This piece of work looks at how a cloud service user can constantly place a check on the cloud service provider with respect to data security through auditing and, in cases where there has been a breach of the security agreement, how such breaches can be traced by the provider using forensic tools.
Similarly, there has been a slow adoption of cloud services as a result of issues arising from the security of data in the cloud; hence this piece of work presents the concept of cloud computing not just as migration, but as transformation. It is just like saying that the aim of marriage is not just to change your surname but, more so, companionship.
It is important to bear in mind that we are still in the early stage of cloud adoption, because transferring an organisation’s sensitive data to a third-party cloud-based vendor raises serious security concerns that we cannot overlook, amongst which is untraceable data breaches. To this end, we shall deploy the cloud infrastructure in a virtualized environment for the sake of this project.
1.3 Research Objectives
The basic aim of this project is to unfold technical ways that will ensure adequate security of cloud service users’ data by, amongst others, implementing auditing against the SLA that the cloud service provider offers at the inception of the contract, and by using forensic tools to trace data security breaches at the cloud service provider’s end when such incidents present themselves. Because cloud computing is a service, the infrastructure upon which this piece of work is demonstrated will be a virtual environment, for the sake of cost and to save space. The project went through the following stages:
Creating a cloud environment and providing security on it. The platform for the scenario will be virtual PCs, used to create a small server-client architecture or, alternatively, a cloud server with the web browser as the client.
Monitoring security threats directed at the cloud architecture.
Performing an audit of the cloud environment from the client site.
Using forensic tool(s) to perform forensics on the cloud environment from the client site.
This project is concerned with how to provide a secure cloud service by unveiling some technical ways to keep the cloud service and architecture safe from being compromised, and to keep the data that resides in the cloud service provider's domain safe from hackers. In addition, it is concerned with being able to trace breaches with a forensic tool in cases where data is compromised.
1.4 Report Organisation
This report is organized as follows:
Chapter 1 – The general introduction to cloud computing and an overview of the project work.
Chapter 2 – This chapter presents a general overview of the concept of cloud computing, providing insight into the emergence of cloud computing, the basic characteristics that are required for cloud services, and the different deployment models and service models of cloud computing, and concludes with the benefits of adopting cloud services.
Chapter 3 – Literature review of the existing services and technology, background study of the subject matter and the functionality of cloud computing. The literature review affords insight into what the project entails and its relevance with respect to previous work. Previous literature on the topic is reviewed here, with emphasis on the problems encountered, how to solve them and the best option among the alternatives. This chapter also covers the cloud computing marketplace, presenting the early developers of cloud services such as Amazon, Google etc.
Chapter 4 – This chapter first looks at the security challenges in adopting cloud services and proceeds to present the proposed architecture for securing cloud services and carrying out forensic analysis on the cloud. In simple terms, a design overview is given here, detailing the initial design of the system.
Chapter 5 – Implementation and testing of the design, functionality and interoperability of functional parts. This chapter gives details regarding the implementation of the system. The final architecture design is unveiled in detail, with justification for certain decisions. The details of system testing are found here, including the methodology that was used in the testing. The results obtained from the testing are also discussed.
Chapter 6 – Conclusion, recommendations and limitations of the project. This chapter sums up all the aims set out in the introduction and indicates whether the overall aims of the project have been met and whether the system behaved as expected. Considerations for future research are also included in this chapter.
CHAPTER 2
2 Background
2.1 Introduction
With the excitement about cloud computing that has been building up over the past few years and the general hype surrounding the idea, one cannot help but be curious about what it is. However, as any curious person will find, the general consensus is to agree to disagree on what cloud computing is. If one asks ten different professionals, one tends to end up with ten different answers, and is left wondering what all the hype about this new fad is. In 2008, Oracle CEO Larry Ellison commented on this hype, indicating that the term was overused and poorly applied. He said to a group of Oracle analysts that “The computer industry is the only industry that is more fashion-driven than women’s fashion.” [1] I believe that this general excitement around cloud computing is due to the obvious emergence of a new model of computing in the IT world, which is a very big deal.
2.2 The Emergence of Cloud Computing
Cloud computing evolved via a number of phases such as grid and utility computing, application service provision and software as a service. However, the concept of cloud computing is rooted in the sixties. [2] In 1961, John McCarthy, a professor at MIT, presented the concept of computing as a utility, similar to electricity. Then in 1969, J. C. R. Licklider, who later went on to develop the basis for the ARPANET, presented the idea of an “Intergalactic computer network” at ARPA and Bolt, Beranek and Newman (BBN). He stated that, “If such a network as I envisage nebulously could be brought into operation, we could have at least four large computers, perhaps six or eight small computers, and a great assortment of disc files and magnetic tape units—not to mention remote consoles and teletype stations—all churning away.” The combination of the utility computing concept by McCarthy and a large-scale network by Licklider provided the foundation for the future development of cloud computing. [3]
The arrival of Salesforce.com in 1999 heralded one of the first milestones for cloud computing. Salesforce.com brought to reality the concept of enterprise applications being delivered via a simple website. This then led software firms to deliver applications over the internet. Then in 2002, Amazon Web Services was developed and provided a suite of cloud-based services ranging from computation to storage. In 2006, Amazon launched the Elastic Compute Cloud (EC2), a commercial web service that allows computers to be rented on a pay-by-the-hour basis. According to Jeremy Allaire, CEO of Brightcove, "Amazon EC2/S3 was the first widely accessible cloud computing infrastructure service". In 2009, a major milestone in cloud computing was reached when Google and others began to offer browser-based enterprise applications, for example Google Apps. One key contributor to the evolution of cloud computing has been the maturing of virtualization technology, another being high-speed bandwidth. [2]
Commenting on the hype around cloud computing in his blog post titled Cloud- the Emergence of a New Model of Computing, Irving Wladawsky-Berger of IBM said, “In my opinion, the key piece of the puzzle that has brought it all together and is giving us unmistakable signals that a new computing model is indeed emerging, is the explosive rise of intelligent mobile devices, such as BlackBerrys, iPhones, Web-capable cell phones of all kinds, e-book devices and netbooks. Beyond them, is the even larger number of sensors and other digital technologies that are being embedded into myriads of things in the physical world, like cars, appliances, medical equipment, cameras, roadways, pipelines, pharmaceuticals or livestock. These are bringing together the world’s digital and physical infrastructures and giving rise to all kinds of new, smart applications.” [4]
2.3 What is a Cloud?
With all the hype around cloud computing and the general consensus that a unifying definition of a cloud is lacking, I will attempt to draw on the knowledge of several experts in this field in order to provide a general overview of what a cloud is. Peter Mell and Tim Grance of the National Institute of Standards and Technology (NIST) Information Technology Laboratory presented a paper titled “Effectively and Securely Using the Cloud Computing Paradigm” [3] in October 2009. They defined cloud computing as: “…a model for enabling convenient, on-demand network access to a shared pool of configurable and reliable computing resources (e.g., networks, servers, storage, applications, services) that can be rapidly provisioned and released with minimal consumer management effort or service provider interaction.” [3]
Marks & Lozano, in Executive’s guide to cloud computing, defined it as “… a type of computing that provides simple, on-demand access to pools of highly elastic computing resources. These resources are provided as a service over a network (often the Internet), and are now possible due to a series of innovations across computing technologies, operations, and business models. Cloud enables the consumers of the technology to think of computing as effectively limitless, of minimal cost, and reliable, as well as not be concerned about how it is constructed, how it works, who operates it, or where it is located.” [5]
2.4 Basic Concepts
There are various definitions of cloud computing in the industry, with different sources opting for definitions that suit their agenda. However, at the core, the concept of cloud computing is based on these five essential characteristics, according to the National Institute of Standards and Technology (NIST) Information Technology Laboratory.
Scalable (Aggregate): Scalability refers to the property of a system or service whereby an increase in resources leads to a proportional increase in performance. Scalability can be implemented vertically and horizontally in centralised and distributed systems. Vertical scaling involves increasing the size and capacity of resources, while horizontal scaling involves adding more of a particular resource. Replicating a database across several servers to improve performance is an example of horizontal scaling in cloud computing. [3]
Elasticity: This refers to the capability of cloud services to expand and contract in order to handle fluctuations in demand for resources. This is an essential feature required in IT systems as traditional infrastructure is set up to scale up or down in order to deal with changes in demand. Hence the typical solution is to over-allocate resources, leading to underutilization of the total resources. Elasticity is therefore a vital capability required in cloud services in order to allow for scaling up or down automatically without extra effort. [5]
On-Demand Self-Service: This is a characteristic of cloud computing whereby a user can set up and use a cloud service without human interaction with the cloud service provider and can gain access to the computation power and storage they require. This eliminates the hassle experienced in the traditional IT model, where any need for increased capacity requires going through the usual bureaucracy such as budgeting, acquiring the equipment, deploying, training etc. With self-service, acquiring this infrastructure is as simple as ordering a gift online. [5]
Ubiquitous Access (Services and More): Ubiquitous access is another trait the cloud inherited from its web ancestry. Ubiquitous access refers to the concept whereby all of an entity’s capabilities are open and accessible from anywhere using any supported device or service (application). Cloud computing is an enabling force in service ubiquity both within and without the enterprise. [5]
Complete Virtualization: The lack of mature tools and skilled personnel saw the early era of widespread adoption of IT resource virtualization end up complicating IT operations, which led to ‘VM sprawl’ [5]. The missing component in this era was a seeming transparency of the infrastructure components – the ability to act as one from the view of software developers and operational groups. That is to say, irrespective of the degree of scaling of a particular cloud, the simplicity of working with it does not change, i.e. it stays as easy to operate and to develop applications for as if it were a single server. This is what complete virtualization is. [24]
Other Common (though Nonessential) Characteristics
The previous characteristics are essential to any cloud deployment project; however, the following characteristics are optional though quite important.
Measured Service (By the Drink)
Multiple Tenants
Multiple Applications
Scalable (Individual Applications)
Reliable [5]
2.5 Deployment Models
2.5.1 Private Clouds
Private clouds, sometimes known as internal clouds, refer to IT resources and services which are owned/leased, operated, and presumably restricted to a particular organization. [5] NIST describes a private cloud “as a cloud infrastructure operated solely for an organization, managed by the organization or a third party and existing either on premise or off-premise. The private cloud is typically hosted within the boundaries of the owner organization”. [3] One might perceive the concept of a private cloud to be an oxymoron, in the sense that clouds are meant to be shared, but certain situations arise where an organisation may choose to build and manage its own cloud. [5] As a result, the organisation has to buy, build and maintain the cloud and does not benefit from the cost savings and less hands-on approach offered by public clouds. On the other hand, the private cloud is dedicated to a single organisation; hence the security management and day-to-day operation of hosts are handled by the organisation, and established security standards, policies and regulatory compliance can be enforced. [6]
2.5.2 Community Cloud
A community cloud refers to a deployment model that conceptually lies between a private cloud and a public cloud. It refers to a cloud deployment that is built and managed by several organisations. [3]
2.5.3 Public Cloud
A public cloud is a cloud computing deployment scheme that is hosted, operated and managed by a third-party cloud services vendor and is open for use by the general public. The general public refers to either individual users or corporations. [3] With public clouds, day-to-day operations and management are handled by the third-party cloud services vendor, which leaves the customer with little to no control over the physical and logical security of the cloud. [6] Public clouds are an economically viable option for organisations as they provide immediate cost savings. This is because cloud implementations remove the burden of maintaining IT infrastructure from the organisation and provide access to state-of-the-art resources without the crippling capital investment cost. [3] The clouds available were mostly public clouds such as Amazon, Google and Salesforce, and they tend to focus on providing services at particular layers. For example, Amazon focuses on providing infrastructure-based services, while Google and Salesforce focus on application-based services. [5]
2.5.4 Hybrid Cloud
A hybrid cloud, as the name implies, is a combination of any/all of the other types of clouds, i.e. internal or external. It is defined by NIST as “a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load-balancing between clouds).” [25] Hybrid cloud differs from other cloud deployments due to its use of cloudburst. Cloudburst refers to an application that runs predominantly in a private cloud but can also run in the public cloud, and can be used to adapt to capacity expansion when needed. A typical example of a hybrid cloud deployment is found when an organisation runs its non-critical applications on the public cloud and its sensitive applications on the private cloud. [3] This deployment approach provides an organization with the flexibility to utilize the best tools when required, while adapting to deal with the increasing complexity. [5], [3]
Figure 2.1: Cloud Computing Market Landscape
2.6 Cloud Services Delivery Model
The cloud services delivery model, commonly referred to as SPI, is made up of three major layers: the cloud infrastructure (commonly known as Infrastructure as a Service, or IaaS), cloud application platform (commonly known as Platform as a Service, or PaaS), and cloud application (commonly known as Software as a Service, or SaaS) layers. The following section presents an overview of the different layers. [6]
2.6.1 Infrastructure as a Service (IaaS)
The National Institute of Standards and Technology (NIST) defines IaaS as: “The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., host firewalls).” The benefits of adopting IaaS are just like those of SaaS and PaaS, in that it provides smaller organizations with access to enormous computing power without the capital expenditure and risk involved. [26]
The IaaS model is mostly adopted in conjunction with both the PaaS and SaaS models, and together they offer a very good level of scalability that can swiftly respond to change in any dimension of a business practice in a way that conventional IT infrastructure cannot. There exists a broad variety of IaaS service providers, ranging from data-centre-centric cloud infrastructure service providers (such as Sun, Oracle, IBM etc.) and data-storage-centric service providers (such as Dropbox and Amazon Simple Storage Service) to full-fledged IaaS service providers such as Amazon Web Services and Rackspace. [5], [3]
2.6.2 Platform as a Service (PaaS)
The National Institute of Standards and Technology (NIST) describes PaaS as follows: “The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations.” [27]
In other words, the PaaS model can be said to be a kind of SaaS model but where the service provided is a software development and deployment environment. In most cases, this provided service includes a software development kit which interfaces with the service provider’s deployment environment, pre-configured domain names, dynamic and scalable application hosting environment, etc. Hence, the PaaS proposition offers software application developers a more reliable and scalable service with a lower total cost of ownership (TCO) with attendant lower cost of entry. Examples of PaaS service providers include the Google App Engine and Windows Azure. [30]
PaaS service offerings vary, ranging from a full suite consisting of application development tools with provision for testing and deployment to smaller services targeted at a specific area, for instance content management. The key elements that qualify a platform as PaaS include the presence of:
1. A monitoring system for application resource management.
2. An integration mechanism for the customer’s application software with other cloud-based services e.g. databases, firewalls, etc.
3. A multi-tenancy system which can accommodate a good number of customers (software developers) simultaneously.
4. A scheme to allow for collaboration between the stakeholders (service providers, developers, and users) via the cloud.
5. A basic provision of security, reliability and privacy for all applications.
6. A browser based interface for developers to access their accounts and software deployments. [5] [3]
2.6.3 Software as a Service (SaaS)
The National Institute of Standards and Technology (NIST) (an agency of the U.S. Department of Commerce) defines the cloud’s Software as a Service (SaaS) model as “The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through a thin client interface such as a web browser (e.g., web-based e-mail). The consumer does not manage or control the underlying cloud infrastructure, including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.” [7] Moreover, [8] describes the SaaS delivery model as “well-defined applications offering users online resources and storage. This differentiates SaaS from traditional websites or web applications which do not interface with user information (e.g., documents) or do so in a limited manner.” [9]
From these definitions, the SaaS cloud delivery model can simply be said to be a solution whereby a service provider delivers software services to consumers on demand via a licensing model. Usually, the service provider caters for the hosting of the service while the consumer accesses the service using an authorized predefined interface, usually a web browser. The SaaS model is a big departure from conventional methods of acquiring software, which often involved purchasing, shipping and then installation when the product arrived at the customer’s destination. In the SaaS model, the customer is billed for access to the service in a ‘pay-as-you-go’ model or through a subscription model, unlike the inflexible payment model for conventional delivery. [28]
Furthermore, with the SaaS model the consumer no longer has to deal with compatibility issues with hardware, software or operating systems. Also, getting updates is now instantaneous with little or no need for client premise support or maintenance. Other benefits of the SaaS model include minimal installation requirements and software rollout simplification. To the service provider, the SaaS model provides increased control of the use of its products (in terms of licensing) and also patch and upgrade management control. A good example of SaaS is the Google App suite which provides customers with word processing and email services. [5], [3]
2.7 Benefits
The rapid adoption of cloud computing is a result of the benefits it offers. Some of these benefits include:
Reduction/ Maximization of IT Cost
The adoption of cloud computing can provide an organization with a means of reducing IT infrastructure costs and ways to maximize the available IT capacity through a variety of schemes. For instance, cloud computing can provide an organisation with ‘pay-as-you-go’ capacity such that it only pays for what it needs and when it needs it. This also eliminates unnecessary capital expenditure and the associated cost of maintaining an extensive IT infrastructure. Cloud computing affords organisations a reduced cost of operation, since operations can easily be centralized when virtualized, thereby requiring fewer IT resources in terms of software, hardware and peopleware. [29]
More Efficient IT Asset Utilization
Cloud computing provides leverage for storage and infrastructure virtualization which can significantly improve server and storage utilization to the tune of 50-65% [5]. Such asset utilization reduces the associated fixed overhead cost, maintenance cost and the total number of staff required to manage the assets. Furthermore, cloud computing can allow an organization to easily decouple its IT infrastructure and assets in a way that makes outsourcing seamless, so that IT staff can focus on more strategic aspects of the organization, which leads to a better return on people assets.
Business Agility
To a large extent, the adoption of cloud computing in a business can shed some weight of the business to leave room for flexibility in the business model. When cloud models such as infrastructure as a service (IaaS), platform as a service (PaaS) or software as a service (SaaS) are adopted by a business, the business is given the freedom to easily react to market changes without its infrastructure holding it back. In addition, the business can easily experiment with infrastructure or service architectures without it costing so much money or time. [5]
Figure 2.2: Architecture for relevant technologies
CHAPTER 3
3 Literature Review
The focus of this chapter is to explore existing literature on previous work related to the subject of this thesis. It examines related technology schemes and methods for keeping data secure, and states where they differ from this project. Loss of confidential or sensitive data can expose one to the risk of fraud or copyright breaches, and can directly affect the reputation of an organisation.
Judith Hurwitz et al. [13] present cloud storage as better, to an extent, in terms of capacity and security, compared to the old schemes of storing data using magnetic tapes (e.g. as in floppy drives), hard disks and mainframes. The material gives in-depth knowledge of the concept of cloud computing, and also explores the benefits of cloud services such as scalability via dynamic ("on-demand") provisioning of resources on a fine-grained, self-service basis in near real time, without users having to engineer for peak loads, as well as performance and maintenance, amongst others. It looks at cloud computing not just as a service sitting in some remote data centre, but as a set of approaches that can help organisations quickly add and remove resources in almost real time. It also covers the business impact, the economics of the cloud, and how to develop a cloud services strategy.
Zaharia et al. [10] presented LATE, a scheduling algorithm used to handle heterogeneity in a data center environment. LATE attempts to schedule tasks according to the longest approximate time to completion. The approximation relies on the heterogeneity of the nodes and the gradual progress of the task.
The work presented in [10] could potentially be extended to schedule tasks in an edge-based cloud, where latency and node bandwidth are included in the approximate time required to complete calculations. In a nutshell, work that applies cloud computing concepts, such as the ones that drive the MapReduce programming model, directly to edge networks is sparse, and this sphere of research is still new and at an early stage of development.
Eric A. Marks et al. look at the best place to begin with cloud computing by considering some of the developments that are not only enabling the practical adoption of cloud computing, but will in turn themselves be driven by that same adoption. The authors state that over the next 5 to 10 to 15 years, some changes are more or less inevitable, such as: ‘The decline and fall of the near-monopoly of the relational database—it will no longer dominate and simply be assumed; rather it will be relegated to relatively modest to mid-sized and legacy use cases’ [12]; ‘The nature of archiving, disaster recovery, and geographic distribution will fundamentally change—archiving and disaster recovery will be accomplished by multiple, optionally live, geographically dispersed copies of the same data; this will be true for the most crucial, mission-critical, high-volume data’ [12]; and thirdly, ‘Computing and storage infrastructures will merge—first for the highest volume applications, then eventually for most applications’ [12]. According to the authors, the explanation for this phenomenon lies in the fact that these developments are endemic to cloud computing.
Daniel [14] critically looked at securing cloud services in terms of e-mail and the growing opportunities cloud services provide. He considered security only in the light of e-mail services, noting that about 80 to 95% of the mails sent within a day are spam, and that spam can also carry security threats to a business. He suggests that internal anti-spam and firewall solutions on laptops, PCs and mail servers are a good approach to combating this threat, but that it can be combated even better by constantly managing and upgrading internal defences or, alternatively, by adopting a cloud-based email security application, because of its ability to filter and block unwanted content in the cloud and prevent it from getting to its destination.
Owing to the above, other project work on cloud computing looks at how to secure cloud services, and on the user’s side these services are adopted based on trust. This project takes it a step further: the user should not adopt these services based on trust alone, hoping that data is kept secure in the cloud and is not being compromised, but should also be able to audit and carry out forensic investigations in places that matter and when required, especially in cases where there is a breach of security measure(s) in the cloud. [28]
3.1 Cloud Computing Marketplace
Having discussed what cloud computing is, we now look at the different vendors who offer cloud computing services and what they have to offer.
3.1.1 Amazon Web Services (AWS)
Amazon was one of the first companies to offer cloud computing services to the public and they have the most extensive cloud service. Amazon has invested heavily in data centres which were initially only used for its own businesses, and decided to resell these computing resources to the public, hence allowing the public to take advantage of Amazon.com’s computing infrastructure. [15] Amazon offers different cloud services including the following:
Elastic Compute Cloud (EC2): A web service that offers scalable deployment of applications by providing an interface through which a user can create virtual machines and extra CPU cycles to load any software required, and in turn the customer pays by the hour for active servers. [27]
Simple Storage Service (S3): This is a web services interface that allows you to store and retrieve items up to 5GB in size in Amazon’s virtual storage service.
Simple Queue Service (SQS): This is a distributed queue messaging service which allows different machines to communicate over the internet using this message-passing API. [1]
SimpleDB: This is a web service for indexing and running queries on structured data in real time. This service works in close conjunction with Amazon Simple Storage Service (Amazon S3) and Amazon Elastic Compute Cloud (Amazon EC2), collectively providing the ability to store, process, and query data sets in the cloud making web-scale computing easier and more cost effective.
Cloud Front: This is a content delivery network that delivers content using a global network of edge locations. [6]
3.1.2 Microsoft Azure Services Platform
The Windows Azure Platform is Microsoft’s cloud offering. It is a public cloud implementation managed on Microsoft’s data centres around the world. Windows Azure is an operating system that provides an overlay for IT infrastructure and runs the applications and services which are used by end users for development, management and hosting purposes. The end user makes use of the provided libraries to develop the desired Azure based applications while making use of tools such as Visual Studio. [15] Azure Services Platform includes the following tools:
Microsoft .Net Services: This provides service-based implementations of .NET Framework concepts such as workflow, access control, service bus etc.
Microsoft SQL Services: This provides a set of services which extends database services and reporting into the cloud. [29]
Live Services: This is used to share, store, and synchronize documents, photos, and files across PCs, phones, PC applications, and web sites. It provides developers the ability to connect their applications and share them with Windows Live users.
Microsoft SharePoint Services and Microsoft Dynamics CRM Services: This provides a set of services used for business content, collaboration, and solution development in the cloud. [6]
3.1.3 Google
Google App Engine is Google’s cloud services offering that enables developers to build their web apps on Google’s infrastructure. The currently supported programming languages are Python and Java. Google App Engine allows for easy deployment of web applications by providing computing resources dynamically when required. Google App Engine allows one to take advantage of Bigtable and other components of Google’s scalable infrastructure, thereby making it easier to adapt to changes. Google’s services allow for several use cases, such as:
Messaging: Google Apps can be leveraged by organisations for internal emails and calendar services.
Securing Existing Email Systems: Google Apps can be used by organisations for securing their existing mail systems by filtering out spam and viruses.
Collaboration: Google Apps can be used for office productivity and collaboration etc. [6]
3.1.4 Salesforce.com/ Force.com
Salesforce.com is a cloud service provider offering CRM products or hosted sales force automation applications for a number of years. Pricing is done on a per user / per month basis, depending on the different Salesforce.com modules needed. Salesforce.com is a SaaS model deployed in a public cloud also providing a PaaS offering with the force.com platform. [15] Salesforce.com has a number of use cases, which include the following:
CRM On-demand: Salesforce.com CRM applications can be used to centralize, manage and efficiently share client information as well as develop applications that can extend functionality of the CRM infrastructure.
Application Development: The force.com platform can be used to develop custom applications. [6]
CHAPTER 4
4 Design Analysis
4.1 Introduction
As we have seen from the previous chapter, cloud computing offers several great benefits which include cost savings and easy access to state of the art resources. However, when considering deploying critical applications and sensitive information to a public cloud environment, security concerns are a big challenge. As a result, the cloud service provider now has to address these security concerns by developing security controls that are of the same level as or greater than what the organization would have in its own private establishment. In this chapter we discuss these security concerns and propose a solution that enables the cloud service user to ensure that this service level is adhered to by the service provider.
4.2 Cloud Computing Risks
According to Gartner in the article “Seven Cloud computing risks”, there are specific issues that should be raised with cloud services vendors regarding the security of the service being provided. The risks to cloud computing are as follows:
User access: Access control is a big concern when referring to cloud computing services due to insider attacks. The user of the cloud service has no control over the physical and logical access controls at the service provider’s end, or over its hiring policies. Hence the user is at risk of compromise from the same individuals who provide the service. [26]
Regulatory compliance: The responsibility of ensuring the security and integrity of their data is still placed on the cloud user even though it is held by the service provider. Hence customers have to ensure these providers are able to meet the regulatory requirements or run the risk of being prosecuted.
Data location: When using cloud services, a customer is at risk of their data being stored in a different country, and different countries have different requirements and controls which are to be placed on data access. For instance the EEA has the Data Protection Act while other countries may not even have any controls. The cloud user is then at risk of not having the same compliance level needed by law. [25]
Data segregation: When using a cloud service, the user runs the risk of having their data stored in a shared environment along with data from other customers. Encryption may or may not be provided, and the customer needs to ask whether data is encrypted both in transit and at rest. Although encryption is effective, availability is compromised. [30]
Recovery: Disaster recovery is a key factor when using cloud services. Users may not know where their data is located, but wherever that is, it is physically located somewhere that is subject to threats such as fire, floods, natural disasters etc. Hence not knowing what could happen to their data is a big concern for customers.
Investigative support: In the event of a security breach, accessing logs and data is usually difficult, as multiple customers are usually co-located and the customer’s information may be spread across different servers and data centres, thus making it difficult to carry out an investigation.
Long-term viability: The viability of a cloud service provider is a risk a customer has to face, as the provider could go out of business and the customer would be left stranded. [16], [17]
4.3 Top Threats to Cloud Computing
According to the Cloud Security Alliance, the following are the top threats to cloud computing:
Threat 1: Abuse and Nefarious Use of Cloud Computing
Service providers do not have control over who signs up for their services; hence criminals can take advantage of the extensive resources to conduct nefarious activities such as hosting botnets, Trojans etc. [30]
Threat 2: Insecure Interfaces and APIs
Use of the software interfaces and APIs provided by service providers can expose a customer to security issues that may compromise the confidentiality, integrity and availability of their information.
Threat 3: Malicious Insiders
The providers may not have a strict hiring policy or structured access control, thereby exposing the customers to possible malicious insiders who may have access to their sensitive data.
Threat 4: Shared Technology Issues
Cloud providers make use of virtualization technology to make their services scalable, therefore exposing the customer to flaws from the hypervisor and insufficient isolation.
Threat 5: Data Loss or Leakage
Due to the issues of data centre reliability, access controls, auditing etc., the threat of data compromise is a serious concern. [24]
Threat 6: Account or Service Hijacking
If attackers are able to gain access to clients’ security credentials, they are able to compromise the integrity of data and redirect clients from the legitimate site to an illegitimate one.
Threat 7: Unknown Risk Profile
Relinquishing control of managing their infrastructure to a cloud provider exposes an organisation to the possible lapse of security controls. [18]
4.4 Forensic Analysis of Cloud Services
Prosecution of computer crime perpetrators is possible with provision of computer forensic evidence. Computer forensics refers to the use of scientific methods on computing resources in order to validate the occurrence or not of a suspected event. The process of gathering forensic evidence involves analysing storage devices such as hard drives or CDs. Forensic analysis involves the following steps:
1. Verifying that an incident has indeed taken place
2. Gathering evidence and ensuring that the chain of custody of the evidence is maintained using tools developed specifically to maintain evidence integrity
3. Investigating and analysing the evidence
4. Reporting results
Computer forensics has to be carried out in a manner that ensures that it maintains the standards of evidence which can be admissible in a court of law. [19]
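The evidence-gathering step above depends on being able to show that a collected file has not changed since acquisition and that every hand-over was recorded. The following Python code is an added example, not part of the dissertation or of FTK: it records each custody event with the file's SHA-256 and links the entries in a hash chain. The log contents, file name, actor names and timestamps are constructed for illustration.

```python
import hashlib
import json
import os
import tempfile

GENESIS = "0" * 64  # prev_hash of the first custody entry

# Constructed sample standing in for a log exported from the server VM.
SAMPLE_LOG = (
    "2011-03-01 09:14:02 logon user=admin src=192.168.10.1 result=failure\n"
    "2011-03-01 09:14:09 logon user=admin src=192.168.10.1 result=success\n"
)


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large evidence files need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def hash_entry(entry):
    """Hash a custody entry over canonical JSON, excluding its own hash field."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    encoded = json.dumps(body, sort_keys=True, separators=(",", ":")).encode("utf-8")
    return hashlib.sha256(encoded).hexdigest()


def record_event(log, action, actor, path, timestamp):
    """Append a custody event that commits to the file hash and the previous entry."""
    entry = {
        "seq": len(log),
        "timestamp": timestamp,
        "action": action,
        "actor": actor,
        "evidence": os.path.basename(path),
        "sha256": sha256_file(path),
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry["entry_hash"] = hash_entry(entry)
    log.append(entry)
    return entry


def verify_log(log):
    """Return a list of problems found in the custody log (empty means intact)."""
    problems = []
    prev_hash = GENESIS
    first_seen = {}  # evidence name -> hash recorded at acquisition
    for index, entry in enumerate(log):
        if entry["seq"] != index or entry["prev_hash"] != prev_hash:
            problems.append(f"entry {index}: chain link broken")
        if hash_entry(entry) != entry["entry_hash"]:
            problems.append(f"entry {index}: contents modified")
        baseline = first_seen.setdefault(entry["evidence"], entry["sha256"])
        if entry["sha256"] != baseline:
            problems.append(f"entry {index}: evidence hash changed since acquisition")
        prev_hash = entry["entry_hash"]
    return problems


def verify_evidence(log, path):
    """True if the file on disk still matches the hash recorded at acquisition."""
    name = os.path.basename(path)
    for entry in log:
        if entry["evidence"] == name:
            return entry["sha256"] == sha256_file(path)
    return False  # never acquired, so nothing vouches for it


def demo():
    """Acquire, hand over and analyse one file, then tamper with file and log."""
    with tempfile.TemporaryDirectory() as workdir:
        path = os.path.join(workdir, "server_security.log")
        with open(path, "w", encoding="utf-8", newline="") as handle:
            handle.write(SAMPLE_LOG)
        log = []
        record_event(log, "acquired", "investigator-a", path, "2011-03-01T10:00:00Z")
        record_event(log, "transferred", "investigator-b", path, "2011-03-01T11:30:00Z")
        record_event(log, "analysed", "investigator-b", path, "2011-03-02T09:00:00Z")
        results = {
            "clean_log": verify_log(log),
            "clean_file": verify_evidence(log, path),
        }
        # Tampering 1: one line is appended to the evidence after acquisition.
        with open(path, "a", encoding="utf-8", newline="") as handle:
            handle.write("2011-03-01 09:15:00 logoff user=admin\n")
        results["file_after_edit"] = verify_evidence(log, path)
        # Tampering 2: the custody record itself is edited after the fact.
        log[1]["actor"] = "someone-else"
        results["log_after_edit"] = verify_log(log)
        return results
```

A hash chain only exposes edits if the most recent entry hash is also kept somewhere the holder of the log cannot rewrite, for example in a signed report or with a second party.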
4.5 Digital Forensic Challenges within the Cloud Ecosystem
Advocates for cloud computing tout its scalability and cost effectiveness as the advantages for which to adopt cloud services; however, due to its scope and diversity, forensic scientists view it as a forensic challenge. The challenges to carrying out forensic analysis within the cloud environment are as follows:
1. Establishing the computational and storage resources that fall within the scope of the investigation
2. Separation of customers' data sources during evidence collection
3. Adapting forensic analysis methods to the cloud
4. Improving live analysis techniques
5. Improving log generation & analysis techniques
6. Establishing a complete understanding of processes, their dependencies and distribution across different systems within the cloud ecosystem. [20]
4.6 Proposed Solution/ Design
In order to achieve the aims of this project, we propose a solution that provides for the security of the cloud service user’s data by implementing intrusion prevention and detection using the Astaro Security Gateway virtual appliance, and that uses Forensic Tool Kit to trace data security breaches at the cloud service provider’s end when such incidents present themselves.
Figure 4.1: Proposed Solution Architecture
This solution is to be implemented on VMware Server 2.0 running three (3) virtual machines. Two of the virtual machines are running Windows XP operating systems and have been set up to run in a client-server manner. The third virtual machine is the Astaro Security Gateway virtual appliance, which is set up to ensure security of the cloud deployment. The Forensic Tool Kit was installed on the client side to analyse digital evidence from the server.
4.7 Software Components
VMware Server 2.0
VMware server is a free virtualization offering that allows for quick deployment of several virtual machines on a physical server. VMware Server supports the following hardware and software:
Any standard x86‐compatible or x86‐64‐compatible personal computer
Windows, Linux, Solaris, and other guest operating systems (both 32-bit and 64-bit)
Two‐way Virtual SMP
Intel Virtualization Technology (Intel VT)
AMD‐Virtualization (AMD‐V) [21]
Astaro Security Gateway
Astaro Security Gateway is a virtual appliance designed to run in VMware environments. It was the first unified threat management product designed as VMware ready. It provides for easy deployment of an all-encompassing security solution. ASG includes a configurable firewall, intrusion detection and prevention system, web security etc. [22]
Forensic Tool Kit
Forensic Toolkit (FTK) is computer forensics software that delivers excellent computer forensic analysis, decryption and password cracking. It is a court-validated digital investigations platform built for speed, analytics and enterprise-class scalability. [23]
CHAPTER 5
5 Implementation
5.1 Introduction
In this chapter we present the steps used in achieving the aims of this project. This includes setting up the virtual environment, configuring the security components and deploying Forensics Tool Kit to enable forensic analysis of the cloud deployment.
5.2 Solution Design
The idea of this solution is to provide a secure cloud infrastructure which allows for forensic analysis of the server from the client side. This project is set up in a client-server fashion which is representative of the cloud infrastructure. We then deploy the different components of the design, which are the VMware Server 2.0, the two (2) Windows XP virtual machines, Astaro Security Gateway 8 and Forensic Tool Kit. The design of the solution is described in Figure 5.1.
Figure 5.1: Design overview (a Windows 7 host on physical hardware runs VMware Server, which hosts three virtual machines: the Windows XP client with FTK and applications, the Windows XP server with applications, and Astaro)
5.3 Setup & Configuration
DEPLOYING VMWARE SERVER 2.0
1. The first step taken was to log in to the Microsoft Windows 7 host as the Administrator. Then from the Start menu, the directory containing the downloaded installer file was selected. Then permission to run the installer was granted through the User Account Control dialog box.
2. When the installation wizard opened and finished computing space requirements, the license agreement was accepted and the destination folder specified.
3. On the Server configuration page, the FQDN, Server HTTP Port, and Server HTTPS Port were specified and on that same page “Allow virtual machines to start and stop automatically with the system” was selected.
4. On the Configure shortcuts page, the shortcuts we wanted were specified and on the Ready to install page, Install was clicked to begin installation.
5. The final wizard prompts were followed to complete the installation and the computer was rebooted.
LOGGING IN TO VMWARE SERVER USING VI WEB ACCESS
In order to manage our deployment, we set up the VMware server to allow access via the VI Web Access management interface. To do this we did the following:
1. Launched the Web browser and entered the URL of the VMware Server installation in the format of http://:8222 or https://:8333
2. The VI Web Access login page appeared and the user name and password used to log in to the host were entered to log in.
3. After the user name and password were authorized, the main application page appeared.
Figure 5.2: VMware server configuration overview
DEPLOYING THE VIRTUAL MACHINES
To deploy the virtual machines on VMware Server, the virtual machine had to be first created using the virtual machine wizard and the operating system was then installed.
TO CREATE A NEW VIRTUAL MACHINE
1. After logging on to the VI Web Access management interface, in the Commands section of the host workspace, Create Virtual Machine was clicked.
2. On the Name and Location page, the name of the virtual machine was entered and a datastore from the list of existing datastores was selected.
3. On the Guest Operating System page, the type of operating system that is to be installed on the new virtual machine and the version were selected.
4. Under the Product Compatibility heading, hardware version 7 (the default) was selected as this allows the virtual machine to use new VMware server 2.
5. On the Memory and Processors page, the default memory setting was kept and the number of processors for the virtual machine was selected.
6. On the Hard Disk page, to configure the virtual disk, Create a New Virtual Disk was selected to add a new blank hard disk to the virtual machine.
7. On the Network Adapter page a network adapter was added.
8. On the Ready to complete page, Finish was clicked to create the virtual machine.
DEPLOYING THE TWO WINDOWS XP VIRTUAL MACHINES ON VMWARE SERVER 2
1. After logging into the VI Web Access interface, the virtual machine that was created was selected.
2. In the Hardware section of the Summary tab, the CD/DVD drive’s icon was edited to Connect at power on.
3. The ISO image was selected from the existing datastore.
4. The SCSI or IDE device node in the Virtual Device Node section was also selected.
5. The changes were saved and the virtual machine powered on.
6. To complete the guest operating system installation using VMware Remote Console, the Console tab was clicked.
7. The instructions specific to the Windows XP O.S. were followed to complete installation.
DEPLOYING ASTARO ON VMWARE SERVER 2.0
1. After unzipping the downloaded package in the VMachines directory, the Infrastructure Client was opened to log in to the management interface of the VMware Server 2.0.
2. Under the datastore section where the virtual ASG is located, the VMX file of the ASG was selected and added to the Inventory from the context menu.
3. The VMware Add to Inventory Wizard then opened and a name for the ASG was entered.
4. Then the VMware server was specified to run the virtual machine and the Add to Inventory Wizard was completed.
5. The necessary IP address configurations were then carried out.
6. The URL of https://192.168.0.1:4444 was entered into the web browser and the SSL certificate was accepted.
7. As this was the first time ASG’s web frontend (called WebAdmin) was started, a strong password and valid e-mail address for the administrator account were entered.
8. The Perform Basic System Setup button was clicked to continue logging in and the admin username and password specified were entered.
9. After logging in, the Dashboard of WebAdmin appeared, providing us with all system status information of the Astaro Security Gateway unit.
Network configuration information
WinXP-VM1 - 192.168.10.1
WinXP-VM2 - 192.168.10.2
Astaro - 192.168.0.1:4444
Figure 5.3: Booting up Astaro virtual machine
Figure 5.4: Astaro web interface
CONFIGURING ASTARO FOR SECURITY
Figure 5.5: Astaro security configuration overview
WEB SECURITY HTTP/S The tab of the HTTP/S was used to configure Astaro Security Gateway Software as an HTTP/S caching proxy. The HTTP/S of Astaro Security Gateway provides simple caching services, web filtering etc. It also prevents viruses and spyware infections using its virus scanning engines.
FIREWALL The Packet Filter was used to define and manage packet filter rules of the firewall.
Figure 5.6: Astaro Network Security Statistics
INTRUSION PREVENTION On the Intrusion Prevention tab, the IPS rules of the firewall were defined. The Intrusion Prevention system (IPS) is a signature-based IPS that analyses the complete traffic and then automatically blocks attacks before they can reach the network to compromise it.
Figure 5.7: Astaro Network Security Statistics 2
LOGGING Logging was enabled in Astaro through the logging tab. The machine was enabled to log all interactions on the system including FTP Data connections, Admin notifications, Intrusion prevention system alerts etc.
Figure 5.8: Astaro Logging system
ENABLING AUDITING ON WINDOWS XP
To allow for forensic analysis, local auditing/logging has to be enabled in Windows XP. This was done as follows:
1. After logging on as administrator and opening the Control Panel, the local security policy was expanded to display the individual policy settings.
2. The type of auditing required was then enabled.
DEPLOYING FTK
In order to install and run FTK, the following steps were taken:
INSTALL CODEMETER
The installation wizard was launched to install the CodeMeter software, the directions were followed and all defaults were accepted to complete the installation.
INSTALL FTK
Following the installation of the CodeMeter software, FTK was then installed by clicking on Autorun.
1. The AccessData License Agreement was read and accepted before selecting the location for the FTK components. The screen prompts were followed to successfully install the application.
RUN FTK
FTK was run next, to add the schema to the database.
Figure 5.9: FTK running forensic analysis on the server logs
CHAPTER 6
6 Conclusion
In this thesis, we conducted in-depth research into cloud computing, and this report presents the results of that research. We found that cloud computing is a rapidly developing area in the IT services industry. Despite the excitement around cloud computing, most specialists have a different definition of the term. We also reported on the emergence of cloud computing by looking into its history and stages of development. This report also presents the different cloud deployment models and service models.
The challenge cloud adopters face in ensuring security is the main focus of this thesis, and we presented a prototype solution which attempts to solve this issue for cloud adopters. This thesis was concerned with how to provide a secure cloud service by presenting a client-server virtual deployment which is representative of the cloud infrastructure and the cloud adopters. We then went on to deploy a virtual security gateway which provides intrusion detection and prevention, firewall and web security. In addition, to be able to trace breaches, we adapted the Forensic Tool Kit to carry out forensic analysis on the cloud. In the process of carrying out this project, we faced a lot of challenges, ranging from choosing the software needed to achieve the aims of the project to acquiring the technical know-how required to carry it out successfully.
6.1 Future Work
This project is not without its limitations due to the available resources. However, this project is a step towards solving the challenges cloud adopters have in ensuring compliance with the security policies they require in their computing services. This project can be further extended by deploying the proposed solution on a public cloud such as Amazon EC2. This would allow for real-world testing and evaluation based on real data. The project can also be focused on exploring forensic analysis in a cloud environment, by implementing a solution that carries out multi-location forensic analysis. Further work can be done on auditing the cloud computing infrastructure. This would require developing a means of auditing the cloud infrastructure without intervention from the cloud provider, thus bypassing the providers while still being able to ensure compliance with the required standards.