Towards a Comprehensive Security Framework of Cloud Data Storage Based on Multi Agent System Architecture
ABSTRACT
The tremendous growth of the cloud computing environments requires new architecture for security services. Cloud computing is the utilization of many servers/data centers or cloud data storages (CDSs) housed in many different locations and interconnected by high speed networks. CDS, like any other emerging technology, is experiencing growing pains. It is immature, it is fragmented and it lacks standardization. Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption. In this paper a comprehensive security framework based on Multi-Agent System (MAS) architecture for CDS to facilitate confidentiality, correctness assurance, availability and integrity of users' data in the cloud is proposed. Our security framework consists of two main layers as agent layer and CDS layer. Our propose MAS architecture includes main five types of agents: Cloud Service Provider Agent (CSPA), Cloud Data Confidentiality Agent (CDConA), Cloud Data Correctness Agent (CDCorA), Cloud Data Availability Agent (CDAA) and Cloud Data Integrity Agent (CDIA). In order to verify our proposed security framework based on MAS architecture, pilot study is conducted using a questionnaire survey. Rasch Methodology is used to analyze the pilot data. Item reliability is found to be poor and a few respondents and items are identified as misfits with distorted measurements. As a result, some problematic questions are revised and some predictably easy questions are excluded from the questionnaire. A prototype of the system is implemented using Java. To simulate the agents, oracle database packages and triggers are used to implement agent functions and oracle jobs are utilized to create agents.
The tremendous growth of the cloud computing environments requires new architecture for security services. Cloud computing is the utilization of many servers/data centers or cloud data storages (CDSs) housed in many different locations and interconnected by high speed networks. CDS, like any other emerging technology, is experiencing growing pains. It is immature, it is fragmented and it lacks standardization. Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption. In this paper a comprehensive security framework based on Multi-Agent System (MAS) architecture for CDS to facilitate confidentiality, correctness assurance, availability and integrity of users' data in the cloud is proposed. Our security framework consists of two main layers as agent layer and CDS layer. Our propose MAS architecture includes main five types of agents: Cloud Service Provider Agent (CSPA), Cloud Data Confidentiality Agent (CDConA), Cloud Data Correctness Agent (CDCorA), Cloud Data Availability Agent (CDAA) and Cloud Data Integrity Agent (CDIA). In order to verify our proposed security framework based on MAS architecture, pilot study is conducted using a questionnaire survey. Rasch Methodology is used to analyze the pilot data. Item reliability is found to be poor and a few respondents and items are identified as misfits with distorted measurements. As a result, some problematic questions are revised and some predictably easy questions are excluded from the questionnaire. A prototype of the system is implemented using Java. To simulate the agents, oracle database packages and triggers are used to implement agent functions and oracle jobs are utilized to create agents.
KEYWORDS
Cloud Computing; Multi-Agent System; Cloud Data Storage; Security Framework; Cloud Service Provider
Cloud Computing; Multi-Agent System; Cloud Data Storage; Security Framework; Cloud Service Provider
Cite this paper
A. Mohamed Talib, R. Atan, R. Abdullah and M. Azrifah Azmi Murad, "Towards a Comprehensive Security Framework of Cloud Data Storage Based on Multi Agent System Architecture," Journal of Information Security, Vol. 3 No. 4, 2012, pp. 295-306. doi: 10.4236/jis.2012.34036.
A. Mohamed Talib, R. Atan, R. Abdullah and M. Azrifah Azmi Murad, "Towards a Comprehensive Security Framework of Cloud Data Storage Based on Multi Agent System Architecture," Journal of Information Security, Vol. 3 No. 4, 2012, pp. 295-306. doi: 10.4236/jis.2012.34036.
References
[1] M. Zhou, R. Zhang, W. Xie, W. Qian and A. Zhou, “Security and Privacy in Cloud Computing: A Survey,” Proceedings of the Sixth International Conference on Semantics Knowledge and Grid (SKG), Beijing, 2010, pp. 105-112. [2] C. S. Aishwarya, “Insight into Cloud Security Issues,” UACEE International Journal of Computer Science and its Applications, 2011, pp. 30-33. [3] J. W. Rittinghouse and J. F. Ransome, “Cloud Computing: Implementation, Management, and Security (Chapter 6),” 2009. [4] C. Wang, Q. Wang, K. Ren and W. Lou, “Ensuring Data Storage Security in Cloud Computing,” IEEE, Vol. 186, No. 978, 2009, pp. 1-9. [5] A. M. Talib, R. Atan, R. Abdullah and M. A. A. Murad, “Formulating a Security Layer of Cloud Data Storage Framework Based on Multi Agent System Architecture,” TGSTF International Journal on Computing, Vol. 1, No. 1, 2010, pp. 120-124. [6] A. M. Talib, R. Atan, R. Abdullah and M. A. A. Murad, “Towards New Access Data Control Technique Based on Multi Agent System Architecture for Cloud Computing in Software Engineering and Computer Systems Part II,” In: V. Snasel, J. Platos and E. El-Qawasmeh, Eds., Springer Series: Communications in Computer and Information Science 189, Springer-Verlag, location and year, pp. 268-279. [7] M. R. Genesereth and S. P. Ketchpel, “Software Agents,” Communication of the ACM, Vol. 37, No. 7, 1994, pp. 48-53. [8] E. H. Durfee, V. R. Lesser and D. D. Corkill, “Trends in Cooperative Distributed Problem Solving,” IEEE Transactions on Knowledge and Data Engineering, 1989, pp. 63-83. [9] H. Mouratidis, P. Giorgini and G. Manson, “Modelling Secure Multi-agent Systems,” ACM, 2003, pp. 859-866. [10] S. Ramgovind, M. M. Eloff and E. Smith, “The Management of Security in Cloud Computing,” Information Security for South Africa (ISSA), Sandton, Johannesburg, 2010, pp. 1-7. [11] K. D. Bowers, A. Juels and A. Oprea, “HAIL: A High-Availability and Integrity Layer for Cloud Storage,” 2009. http://eprint.iacr.org/2008/489.pdf [12] D. Zissis and D. Lekkas, “Addressing Cloud Computing Security Issues,” Future Generation Computer Systems, Vol. 28, No. 3, 2010, pp. 583-592. [13] J. Yang and Z. Chen, “Cloud Computing Research and Security Issues,” International Conference on Computational Intelligence and Software Engineering (CiSE), 2010, pp. 1-3. [14] H. Takabi, J. B. D. Joshi and G. J. Ahn, “Secure Cloud: Towards a Comprehensive Security Framework for Cloud Computing Environments,” 34th Annual IEEE Computer Software and Applications Conference Workshops, 2010, pp. 393-398. [15] H. Yu, N. Powell, D. Stembridge and X. Yuan. “Cloud Computing and Security Challenges,” ACM, 2012, pp. 298-302. [16] J. Du, W. Wei, X. Gu and T. Yu, “RunTest: Assuring Integrity of Dataflow Processing in Cloud Computing Infrastructures,” ASIACCS’10, Beijing, 13-16 April 2010, pp. 293-304. [17] S. Venkatesan and A. Vaish, “Multi-Agent Based Dynamic Data Integrity Protection in Cloud Computing,” 2011, pp. 76-82. [18] A. A. Aziz, A. Mohamed, A. Zaharim, S. Zakaria, H. A. Ghulman and M. S. Masodi, “Evaluation of Information Professionals Competency Face Validity Test using Rasch,” Proceedings of 4th Pacific Rim Objective Measurement Symposiom (PROMS), 2008, pp. 396-403. [19] A. M. Talib, R. Atan, R. Abdullah and M. A. A. Murad, “Security Framework of Cloud Data Storage Based on Multi Agent System Architecture: Semantic Literature Review,” Computer and Information Science, Vol. 3, No. 4, 2010, p. 175. [20] A. M. Talib, R. Atan, R. Abdullah and M. A. A. Murad, “CloudZone: Towards an Integrity Layer of Cloud Data Storage Based on Multi Agent System Architecture,” ICOS, 2011, pp. 127-132.
[1] M. Zhou, R. Zhang, W. Xie, W. Qian and A. Zhou, “Security and Privacy in Cloud Computing: A Survey,” Proceedings of the Sixth International Conference on Semantics Knowledge and Grid (SKG), Beijing, 2010, pp. 105-112. [2] C. S. Aishwarya, “Insight into Cloud Security Issues,” UACEE International Journal of Computer Science and its Applications, 2011, pp. 30-33. [3] J. W. Rittinghouse and J. F. Ransome, “Cloud Computing: Implementation, Management, and Security (Chapter 6),” 2009. [4] C. Wang, Q. Wang, K. Ren and W. Lou, “Ensuring Data Storage Security in Cloud Computing,” IEEE, Vol. 186, No. 978, 2009, pp. 1-9. [5] A. M. Talib, R. Atan, R. Abdullah and M. A. A. Murad, “Formulating a Security Layer of Cloud Data Storage Framework Based on Multi Agent System Architecture,” TGSTF International Journal on Computing, Vol. 1, No. 1, 2010, pp. 120-124. [6] A. M. Talib, R. Atan, R. Abdullah and M. A. A. Murad, “Towards New Access Data Control Technique Based on Multi Agent System Architecture for Cloud Computing in Software Engineering and Computer Systems Part II,” In: V. Snasel, J. Platos and E. El-Qawasmeh, Eds., Springer Series: Communications in Computer and Information Science 189, Springer-Verlag, location and year, pp. 268-279. [7] M. R. Genesereth and S. P. Ketchpel, “Software Agents,” Communication of the ACM, Vol. 37, No. 7, 1994, pp. 48-53. [8] E. H. Durfee, V. R. Lesser and D. D. Corkill, “Trends in Cooperative Distributed Problem Solving,” IEEE Transactions on Knowledge and Data Engineering, 1989, pp. 63-83. [9] H. Mouratidis, P. Giorgini and G. Manson, “Modelling Secure Multi-agent Systems,” ACM, 2003, pp. 859-866. [10] S. Ramgovind, M. M. Eloff and E. Smith, “The Management of Security in Cloud Computing,” Information Security for South Africa (ISSA), Sandton, Johannesburg, 2010, pp. 1-7. [11] K. D. Bowers, A. Juels and A. Oprea, “HAIL: A High-Availability and Integrity Layer for Cloud Storage,” 2009. http://eprint.iacr.org/2008/489.pdf [12] D. Zissis and D. Lekkas, “Addressing Cloud Computing Security Issues,” Future Generation Computer Systems, Vol. 28, No. 3, 2010, pp. 583-592. [13] J. Yang and Z. Chen, “Cloud Computing Research and Security Issues,” International Conference on Computational Intelligence and Software Engineering (CiSE), 2010, pp. 1-3. [14] H. Takabi, J. B. D. Joshi and G. J. Ahn, “Secure Cloud: Towards a Comprehensive Security Framework for Cloud Computing Environments,” 34th Annual IEEE Computer Software and Applications Conference Workshops, 2010, pp. 393-398. [15] H. Yu, N. Powell, D. Stembridge and X. Yuan. “Cloud Computing and Security Challenges,” ACM, 2012, pp. 298-302. [16] J. Du, W. Wei, X. Gu and T. Yu, “RunTest: Assuring Integrity of Dataflow Processing in Cloud Computing Infrastructures,” ASIACCS’10, Beijing, 13-16 April 2010, pp. 293-304. [17] S. Venkatesan and A. Vaish, “Multi-Agent Based Dynamic Data Integrity Protection in Cloud Computing,” 2011, pp. 76-82. [18] A. A. Aziz, A. Mohamed, A. Zaharim, S. Zakaria, H. A. Ghulman and M. S. Masodi, “Evaluation of Information Professionals Competency Face Validity Test using Rasch,” Proceedings of 4th Pacific Rim Objective Measurement Symposiom (PROMS), 2008, pp. 396-403. [19] A. M. Talib, R. Atan, R. Abdullah and M. A. A. Murad, “Security Framework of Cloud Data Storage Based on Multi Agent System Architecture: Semantic Literature Review,” Computer and Information Science, Vol. 3, No. 4, 2010, p. 175. [20] A. M. Talib, R. Atan, R. Abdullah and M. A. A. Murad, “CloudZone: Towards an Integrity Layer of Cloud Data Storage Based on Multi Agent System Architecture,” ICOS, 2011, pp. 127-132.