Secure Web System in a Cloud Environment
Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Advent of cloud computing has brought a lot of benefits for users based on its essential characteristics. Users are attracted by its costs per use service and rapidly deploy their applications in the cloud and scale by using virtualization technology without investing in their own IT infrastructure. These applications can be accessed through web based technology, such as web browsers or mobile apps. However, security becomes a major challenge when user’s data and applications are stored in a remote server in a virtualized environment and Internet is medium for accessing them. Internet is always prone to known and unknown threats and a successful breach in the security in cloud environment could lead to a massive loss to property, data and thereafter future of cloud computing technology.
In order to meet the challenges of security needs in cloud computing, security architecture is presented in this Thesis. This Cloud Security Architecture delivers security solutions to deployed applications in the cloud as a service. Security solutions that are delivered by the architecture are Authentication, Authorization, Identity Management and Access Control. With these security solutions by Cloud Security Architecture, the Thesis proposes Secure Web System that incorporates secure authentication and privacy enhancing applications in cloud environment. Authentication utilizes the use of the smart card technology and thus is able to provide robustness to the procedure. Further, two more methods of authentication, browser certificate and username/password based give flexible approach when smart card is not available to clients. Applications deployed in a cloud environment would provide security and privacy for users while searching for any query in remote search engine or browsing a remote web server. Thus, the Thesis lays a foundation towards approaching security and privacy for applications that are deployed in Cloud Security Architecture and building up a Secure Web System.
Place, publisher, year, edition, pages
2013. , 46 p.
Engineering and Technology
IdentifiersURN: urn:nbn:se:kth:diva-117352OAI: oai:DiVA.org:kth-117352DiVA: diva2:601699
Master of Science - Information and Communication Systems Security
Muftic, Sead, Professor