Title :
Security Vulnerability Assessment of OpenStack Cloud
Author :
Ristov, Sasko ; Gusev, Marjan ; Donevski, Aleksandar
Author_Institution :
Fac. of Comput. Sci. & Eng., Ss. Cyril & Methodius Univ., Skopje, Macedonia
Abstract :
Migrating the virtual machines from on-premise to cloud raises new security challenges for a company. A potential threat to the tenants are not only the Internet hackers, but also the cloud service provider and the other co-tenants, due to the multi-tenancy feature. The cloud service provider´s security is challenged by the tenants, as well. Deploying the open source cloud raises additional challenges since the intruders have access to the cloud source code and can assess its vulnerabilities. In this paper, we thoroughly assess the security vulnerabilities of OpenStack cloud framework, one of the most used open source cloud frameworks today. We assess the vulnerabilities of OpenStack server node, virtual machine instances and OpenStack´s Dashboard, the web management interface. The security assessment shows that OpenStack cloud has security vulnerabilities that need to be secured by developing the patch.
Keywords :
cloud computing; public domain software; security of data; user interfaces; virtual machines; Internet hackers; OpenStack cloud framework; OpenStack dashboard; Web management interface; cloud service provider; cloud source code; multitenancy feature; open source cloud frameworks; security vulnerability assessment; server node; virtual machine instances; Cloud computing; ISO standards; Operating systems; Ports (Computers); Security; Servers; Virtual machining; Cloud; OpenStack; Security Assessment;
Conference_Titel :
Computational Intelligence, Communication Systems and Networks (CICSyN), 2014 Sixth International Conference on
Print_ISBN :
978-1-4799-5075-1
DOI :
10.1109/CICSyN.2014.32
