Advanced

Improving Security in Software-as-a-Service Solutions

Edéus, Viktor LU and Toft, Christoffer (2017) EITM01 20162
Department of Electrical and Information Technology
Abstract
The essence of cloud computing is about moving workloads from your local IT infrastructure to a data center that scales and provides resources at a moments notice. Using a pay-as-you-go model to rent virtual infrastructure is also known as a Infrastructure-as-a-Service (IaaS) offering. This helps consumers provision hardware on-demand without the need for physical infrastructure and the challenges and costs that come with it. When moving to the cloud, however, issues regarding the confidentiality, integrity, and availability of the data and infrastructure arise, and new security challenges compared to traditional on-premises computing appear. It is important for the consumer to know exactly what is their responsibility when it comes to... (More)
The essence of cloud computing is about moving workloads from your local IT infrastructure to a data center that scales and provides resources at a moments notice. Using a pay-as-you-go model to rent virtual infrastructure is also known as a Infrastructure-as-a-Service (IaaS) offering. This helps consumers provision hardware on-demand without the need for physical infrastructure and the challenges and costs that come with it. When moving to the cloud, however, issues regarding the confidentiality, integrity, and availability of the data and infrastructure arise, and new security challenges compared to traditional on-premises computing appear. It is important for the consumer to know exactly what is their responsibility when it comes to securing software running on IaaS platforms.
Axis has one such software solution, henceforth referred to as the 'Axis-hosted cloud service'. There is a need for Axis to improve the client-cloud communication, and in this report, we detail a prototype solution for a new secure communication between client and cloud. Additionally, an evaluation of the prototype is presented.
The evaluation is based on a model constructed by studying literature from state-of-the-art cloud service providers and organizations dedicated to defining best practices and critical areas of focus for cloud computing. This was collected and compiled in order to present a summary of the most important aspects to keep in mind when deploying software on an IaaS.
It showed that the cloud service fulfills many industry best-practices, such as encrypting data in transit between client and cloud, using virtual private clouds to separate infrastructure credentials from unauthorized access, and following the guidelines from their infrastructure provider. It also showed areas where there was a need for improvement in order to reach a state-of-the-art level.
The model proved to be a useful tool to ensure that security best practices are being met by an organization moving to the cloud, and specifically for Axis, the prototype communication solution can be used as a base for further development. (Less)
Please use this url to cite or link to this publication:
author
Edéus, Viktor LU and Toft, Christoffer
supervisor
organization
course
EITM01 20162
year
type
H2 - Master's Degree (Two Years)
subject
keywords
Cloud security Best practice model Software-as-a-Service
report number
LU/LTH-EIT 2017-572
language
English
id
8912360
date added to LUP
2017-06-13 13:50:22
date last changed
2017-06-13 13:50:22
@misc{8912360,
  abstract     = {The essence of cloud computing is about moving workloads from your local IT infrastructure to a data center that scales and provides resources at a moments notice. Using a pay-as-you-go model to rent virtual infrastructure is also known as a Infrastructure-as-a-Service (IaaS) offering. This helps consumers provision hardware on-demand without the need for physical infrastructure and the challenges and costs that come with it. When moving to the cloud, however, issues regarding the confidentiality, integrity, and availability of the data and infrastructure arise, and new security challenges compared to traditional on-premises computing appear. It is important for the consumer to know exactly what is their responsibility when it comes to securing software running on IaaS platforms.
Axis has one such software solution, henceforth referred to as the 'Axis-hosted cloud service'. There is a need for Axis to improve the client-cloud communication, and in this report, we detail a prototype solution for a new secure communication between client and cloud. Additionally, an evaluation of the prototype is presented.
The evaluation is based on a model constructed by studying literature from state-of-the-art cloud service providers and organizations dedicated to defining best practices and critical areas of focus for cloud computing. This was collected and compiled in order to present a summary of the most important aspects to keep in mind when deploying software on an IaaS.
It showed that the cloud service fulfills many industry best-practices, such as encrypting data in transit between client and cloud, using virtual private clouds to separate infrastructure credentials from unauthorized access, and following the guidelines from their infrastructure provider. It also showed areas where there was a need for improvement in order to reach a state-of-the-art level.
The model proved to be a useful tool to ensure that security best practices are being met by an organization moving to the cloud, and specifically for Axis, the prototype communication solution can be used as a base for further development.},
  author       = {Edéus, Viktor and Toft, Christoffer},
  keyword      = {Cloud security Best practice model Software-as-a-Service},
  language     = {eng},
  note         = {Student Paper},
  title        = {Improving Security in Software-as-a-Service Solutions},
  year         = {2017},
}