دانلود رایگان مقاله انگلیسی رویکردی برای مدیریت امن محیط های مختلط ابری و لبه ای - الزویر 2019

abstract

The Cloud-of-Things (CoT) paradigm is a challenging approach to manage IoT applications exploiting Cloud resources and services. In order to avoid latency in Cloud–IoT communications, the management of time-sensitive services has to be moved to the edge of the CoT. To this aim, a secure Cloud-to-Edge environment for seamless management of IoT applications is necessary. The realization of a performing and secure Cloud-to-Edge middleware solution is a very strategic goal for future business CoT services. Thus, it needs to be deeply investigated, as highlighted by the Cloud Security Alliance (CSA). A valuable approach to develop an efficient Cloud-to-Edge system is based on an instant-message communication solution. In current Cloud environments, a Message Oriented Middleware (MOM) based on an Instant Message Protocol (IMP) provides good performance, but overlook security requirements. In this paper, we aim at overcoming such a gap following the CSA guidelines. In particular, we discuss the involved issues for improving such a kind of Cloud-to-Edge system in order to achieve data confidentiality, integrity, authenticity and non-repudiation. Moreover, we analyze a real case of study considering a MOM architectural model. Experimental results performed on a real testbed show how the introduced secure capabilities do not affect the overall performances of the whole middleware.

9. Conclusions

and remarks With the advent of the CoT paradigm, needs of managing VMs and containers in both Cloud and Edge layers in a secure and flexible fashion became very compelling. In this paper, we investigated several of the major concerns described by the Cloud Security Alliance (CSA) guidance, i.e., (1) Governance and Enterprise Risk Management; (2) Information Management and Data Security; (3) Data Center Operation; (4) Incident Response, Notification and Remediation; (5) Traditional Security, Business Continuity and Disaster Recovery; (6) Encryption and Key Management.

In order to study the process required to enable Cloud/Edge MOM to address the aforementioned concerns, we extended security features in CLEVER, that is one of the reference implementations of the MOM4Cloud architectural model. More specifically, we highlight the involved issues and discussed how to make its communication system secure.

Different modules of the CLEVER middleware communicate each other using XMPP. Even though XMPP presents several interesting capabilities in the context of Cloud computing, it does not support the security features required to address the concerns described in the CSA guidance. Thence, considering the CLEVER case of study, we specifically focused on how to make its XMPP communication system secure in order to meet the security requirements of Cloud/Edge environment for the management of CoT services deployed in virtualized environments.

The performance analysis on the developed security extensions shows the effectiveness of the proposed approach. The proposed work can be considered a landmark for software architects who want to make their Cloud/Edge systems compliant with the CSA guidance. For future works we plan to move toward the innovative Osmotic Computing paradigm [37] to manage IoT applications and services.