Secured Educational Cloud Computing Through Virtualization

Secured Educational Cloud Computing Through Virtualization

Secured Educational Cloud Computing Through Virtualization

Sreenivas Gundu. MSc(Phy,Psy), MTech, MPhil,(PGDIS) Asst. Professor (CSE Dept)

Kommuri Pratap Reddy Institute of Technology Hyderabad

Abstract: Clouds provide an inexpensive remote access to hardware and storage resources. It has become a widely used term in the industry. Academics have not remained unaware of this trend, and several educational solutions based on cloud technologies are already in place, especially for software as a service (SAAS) cloud. Academia has not remained unaware of this trend, and several educational solutions (LMS) based on cloud technologies are already in place, especially for software as a service (SAAS) cloud. Education is a self-enlightening process. Extending this usage to infrastructure and platform clouds (IAAS, PAAS) has not been explored yet. All the country spends huge amount for education from primary to higher education either directly or indirectly. Cloud computing is a correct choice for providing flexibility for all educational institutions. In this paper, we expresses the importance of cloud computing, guidelines to develop cloud computing for education are provided and various security crisis related to data management. Here, we extend the usage to infrastructure and platform clouds by implementing the virtualization and virtual machines (VMs). It also includes various tools for developing cloud computing and virtualization of resources that maintains and manages itself.

1. INTRODUCTION

   When compared to the existed traditional IT services provisioning models, cloud computing has

   many advantages such as reduced upfront investment (i.e., software, hardware, and professional staff to maintain servers and upgrade software), reduced launching time, where days become hours ,expected performance, high availability, infinite scalability, tremendous fault-tolerance capability, and enhanced collaboration, accessibility, and mobility, allowing users to use any device, such as a personal computer (PC), or a mobile phone, etc. .

   Cloud computing allows consumers to use applications without installation and access their personal files at any computer with Internet access. This technology used for more efficient computing by centralizing storage, memory, processing and bandwidth. Therefore, the use of cloud computing will have a profound positive impact on the cost structure of all the industries using IT resources by lowering the total cost of ownership (TCO).

   This benefits the private as well as the public sectors, including healthcare, education (especially for e-learning) , and the activities of government agencies. In both academia and industry, cloud computing has been recently attracting significant momentum and attention as one of those opportunities that could prove to be of immense benefits and empowering in some situations, due to its flexibility and pay-per-use cost structure, for organizations.

   Managing data in Internet based computing is a critical issue in todays IT world particularly in public clouds in which resources are made available over the internet by third party. All information resides in clouds; whenever client needs they can access data. Security must be provided in accessing database, resources and programs from cloud computing environment for customer satisfaction.

   In this paper, we expresses the importance of cloud computing, guidelines to develop cloud computing for education are provided and various security crisis related to data management. Here, we extend the usage to infrastructure and platform clouds by implementing the virtualization and virtual machines (VMs). Cloud computing uses virtualization for cost effective access of computing resources of connected network. Virtualization brings very little added security to the environment. Virtualization is a powerful solution to reduce the operational costs in todays computing but if done wrong it become as a threat to the environment. Virtualization enables the user to access multiple operating systems at the same time and understand the infrastructure of a network through a process of aggregation. Security is one of the critical issue arises in cloud computing because both user data and programs are residing in provider premises. So, Various data security issues arises in cloud computing are described and finally guidelines to develop cloud computing for education are provided.

2. RELATED WORK

   1. Service-Oriented Architecture

      The SOA concept has been receiving considerable attention in recent years. According to the Organization for the Advancement of Structured Information Standards (OASIS), SOA can be defined as a paradigm for organizing and utilizing distributed capabilities that may be under the control of different ownership domains. It provides a uniform means to offer, discover, interact with, and use capabilities to produce desired effects consistent with measurable preconditions and expectations. Services can be described and accessed using well defined

      service interfaces and via standard message- exchanging protocols and exercised by following a service contract with certain policies. This provides a loose coupling of services and ensures operational agility.

   2. Network resource virtualization and control

      Virtualization constitutes the enabling technology for interconnecting groups of network nodes into virtual private networks (VPNs) [11]. According to [10], in a virtualized network, virtual networks exist co- instantaneously on top of a shared substrate. Different virtual networks may use different protocols and packet formats and provide alternate packet delivery systems. For example over a MPLS/GMPLS (Multi- Protocol Label Switching/Generalized Multi-Protocol Label Switching) network, virtual private networks are provisioned as Label Switched Paths tunnels. Current virtual networking access and control methods are based on statistical multiplexing of simple conceptual models such as virtual links, virtual switches or virtual routers. These simplistic models have the advantage of keeping the complexity and the details of the underlying infrastructure invisible (and inaccessible) to customers, and instead provide them with a uniform, simple abstraction as the interface.

   3. Virtual Machine Technology

   Since 2005, virtual machines are again becoming a hot topic in academia and industry. Venture capital firms are competing to fund startup companies touting virtual machine based technologies while major hardware manufacturers Intel, AMD, Sun Microsystems and IBM are developing virtualization strategies that target markets with revenues in billions and growing. In research labs and universities worldwide, researchers are developing approaches based on virtual machines to solve mobility, security and manageability problems [12].

   Some of the many benefits of using virtual machines are: simplicity of service management, application scheduling flexibility, ease of testing and

   debugging complex systems, hardware multiplexing, enhanced system management capabilities, the ability to run conflicting processes in isolation from each other, heightened system security, and live migration, dynamic content distribution and secure trusted computing.

3. CLOUD TYPES AND SERVICES

   Clouds are classified into three types based on visibility. They are: Public clouds, Private clouds, Hybrid clouds.

   • Resources are dynamically utilized on self service basis over Internet via web services are trmed as external or public clouds.

   • Data and processes are managed by an organization which uses public clouds for open access called internal or private clouds.

   • Hybrid cloud comprises both public and private clouds.

     Cloud computing provides various services in application, platform and infrastructure levels. Services can be split into three major categories. They are Infrastructure-as-a-Service (IaaS), Platform- as-a-Service (PaaS) and Software-as-a-Service (SaaS).

     • Infrastructure-as-a-Service (IaaS): Infrastructure-as-a-Service (IaaS) provides virtual servers with unique IP addresses and blocks of storage in on demand basis. Customers benefit from an API from which they can control their servers. The components included in IaaS are platform virtualization, computer hardware, Internet, computer network, utility computing and service level agreements.

     • Platform-as-a-Service (PaaS): It is a set of software and development tools hosted on the provider's servers. Developers can create applications using the provider's APIs. Google Apps is one of the most famous Platform-as-a- Service providers. It provides services to develop, test, deploy, host and

       maintain applications in the same integrated development environment and support team collaboration development.

     • Software-as-a-Service (SaaS): SaaS is the broadest market. In this case, the provider allows the customer to use its applications only. The software interacts with the user through a user interface. These applications can be anything from web based.

4. VIRTUALIZATION

   Virtualization was first developed in 1960s by IBM Corporation, originally to partition large mainframe computer into several logical instances and to run on single physical mainframe hardware as the host. This feature was invented because maintaining the larger mainframe computers became cumbersome. By day to day development, virtualization technologies has rapidly attains popularity in computing, in fact it is now proven to be a fundamental building block for todays computing [9].

   Two primary benefits offered by any virtualization technology are 1.Resource sharing and 2.Isolation. Resource sharing – Unlike in non- virtualized environment where all the resources are dedicated to the running programs, in virtualized environment the VMs shares the physical resources such as memory, disk and network devices of the underlying host. The resources are allocated to the virtual machine on request. Hypervisors plays a significant role in resource allocation. Isolation – One of the key issue in virtualization, provides isolation between virtual machines that are running on the same physical hardware. Programs running in one virtual machine cannot see programs running in another virtual machine. This is contrast to non- virtual environment where the running programs can see each other and if allowed can communicate with each other.

   Figure- 1 Virtualization System Architecture

   Above figure presents the Virtualization System Architecture. System architecture clearly shows that Virtualization allows multiple OSes to share a single physical interface, to maximize the utilization of computer system resources, such as I/O devices. A virtual machine is a tightly isolated software container that can run its own operating systems and applications as if it were a physical computer. A virtual machine behaves exactly like a physical computer and contains it own virtual CPU, RAM hard disk and network interface card (NIC). An operating system cant tell the difference between a virtual machine and a physical machine, nor can applications or other computers on a network. Even the virtual machine thinks it is a real computer. Nevertheless, a virtual machine is composed entirely of software and contains no hardware components whatsoever. As a result, virtual machines offer a number of distinct advantages over physical hardware. An additional software layer, named Virtual Machine Monitor (VMM) or hypervisor[3], is introduced to provide the illusion of Virtual Machines (VMs), on top of which each OS assumes owning resources exclusively. Mainly there are two kinds of virtualization. They are: Full virtualiztion and partial virtualiztion.

   1. Full Virtualization:

      In this approach the hypervisor simulates several logical instances of completely independent virtual computers possessing its own virtual resources. These virtual resources included IO ports and DMA channels. Therefore, each virtual machine

      can run any operating system supported by the underlying hardware. The virtual machine environment that provides "enough representation of the underlying hardware to allow guest operating systems to run without modification can be considered to provide "Full Virtualization" [5]".

   2. Partial virtualization:

   Unlike full virtualization, in partial virtualization the running guest OS should be modified in order to be operated in the virtual environment. Partial virtualization is a subset of server virtualization, which provides a thin software interface between the host hardware and the modified guest OS. One of the main characteristics of partial virtualization technology is, the virtual machine monitor is simple which allows partial virtualization to achieve performance closer to nonvirtualized hardware. Device interaction in partial virtualized environment is very similar to the device interaction in full virtualized environment.

5. SECURITY ISSUES

   Security is one of the critical issue arises in cloud computing because both user data and programs are residing in provider premises. Fig 1 shows the skeleton of data access from cloud service provider.

   Fig 1: Data access

   Security must be provided at different levels of accessing i.e. server, database, Internet, program and privacy of the data. For example in cloud data storage, a user stores data through cloud service provider into a set of cloud servers, which are running in a simultaneous, cooperated and distributed manner. Data redundancy can be employed for fault

   tolerance. The user interacts with the cloud servers via cloud service providers to access or retrieve the data. In some cases, the user may need to perform the operations such as update, insert and delete on data. In addition, it supports confidentiality, integrity, availability and non- repudiation.

   Security issue arises in cloud data storage because services provided by cloud service provider which may be self-interested, untrusted, possibly malicious and economically motivated adversary. The service provider has the capability to compromise a number of cloud data storage servers in different time intervals and subsequently is able to modify or delete users data after certain period.

   In order to achieve assurance of data storage correctness and data error localization, the concept of precomputed verification tokens are provided. Secure communication between clients and service providers are obtained by the use of SSL protocol. This exchange is needed to manage different virtual environments and it is implemented using the XMPP protocol. Methodologies based on Virtual Private Network (VPN), X.509 certificates and SSL protocol are used to create secure communications between the machines on the physical business network and the enterprise virtual environment. It guarantees data confidentiality, authentication, message integrity and prevention of replay attacks.

6. EDUCATIONAL CLOUD COMPUTING

   Education is a self-enlightening process. It is an important component of life because it equips us with all that is needed to make our dreams come true. It fetches better prospects in career and growth. It is necessary to learn new things, such as the latest trends or some of the things from way back thousands of years ago. One of the best parts of education is that everyone can learn the basic things on how to handle situations suchas family problems, how to answer to the assignments and how to face some of our fears.

   All the country spends huge amount for education from primary to higher education either

   directly or indirectly. Now a day, most of the communication takes place through Internet. Particularly, in today's society, Internet has become a very important learning tool. The most popular uses of the Internet include entertainment and education. Many people argue that the internet should be used for educational purposes only. The internet is a very valuable resource when it comes to education, but it is not limited to that area.

   The evolving demands of the global economy make education vital to sustainable social and economic success. Education is a fundamental human right and is the single most important investment in the future of individuals, communities, the nation, and the world. Cloud computing is a correct choice for providing flexibility for all educational institutions. Based on the academic organizations needs, the platform and applications in cloud computing may be on the institution campus, off campus, or a combination of both. It should provide effective infrastructure and deployment model for their dynamic demands.

   The benefits of cloud computing can support education institutions to resolve some of the common challenges like reduction of cost and provide flexibility and accessibility. In educational cloud computing, the developer should provide following services for effectiveness and enrichment of education.

   1. Low-Cost and Free Technology: There has been a huge growth in low-cost and free technology for social interaction, publishing, collaborating, editing, content creation, computing, etc.

   2. Content Growth: The amount of content (art, expression, opinions, true and false information of all forms) is growing at an exponential rate, available to a broad audience, and anyone can contribute.

   3. Collaboration: Technology is rapidly improving the ability to communicate and collaborate with others.

7. CONCLUSION

   In educational cloud computing, the developer should provide various services for effectiveness and enrichment of education. The benefits of cloud computing can support education institutions to resolve some of the common challenges like reduction of cost and provide flexibility and accessibility. In this paper, we expresses the importance of cloud computing, guidelines to develop cloud computing for education are provided and various security crisis related to data management. Here, we extend the usage to infrastructure and platform clouds by implementing the virtualization and virtual machines (VMs). Cloud computing uses virtualization for cost effective access of computing resources of connected network. Virtualization brings very little added security to the environment. Virtualization is a powerful solution to reduce the operational costs in todays computing but

   if done wrong it become as a threat to the environment. Virtualization enables the user to access multiple operating systems at the same time and understand the infrastructure of a network through a process of aggregation. Security is one of the critical issue arises in cloud computing because both user data and programs are residing in provider premises. So, various data security issues arises in cloud computing are described and finally guidelines to develop cloud computing for education are provided.

8. REFERENCES

1. Onur, E., Sfakianakis, E., Papagianni, C., Karagiannis, G., Kontos, T., Niemegeers, I., Chochliouros, I.P., de Groot, S.H., Sjodin, P., Hidell, M., Cinkler, T., Maliosz, M., Kaklamani, D.I., Carapinha, J., Belesioti, M., Fytros, E., Fac. of Electr. Eng., Math. & Comput. Sci., Delft Univ. of Technol., Delft, Netherlands,

   Intelligent End-To-End Resource Virtualization Using Service Oriented Architecture, GLOBECOM Workshops, IEEE, 28 December 2009 .

2. Luis M. Vaquero, Member, IEEE ,EduCloud: PaaS versus IaaS Cloud Usage for an Advanced Computer Science Course.

3. J. Kirch. Virtual machine security guidelines. The center for InternetSecurity,September2007.http://www.cisecurity.org/tools2/v m/CIS_VM_Benchmark_v1.0.pdf.

1. C. Adams and S. Farrell, 1999, Internet X.509 Public Key Infrastructure: Certificate Management rotocols, RFC 2510.

2. G Minutoli, M Fazio, M Paone and A Puliafito, 2009, Virtual business networks with Cloud Computing and Virtual Machines, IEEE.

3. Börje Ohlman, Anders Eriksson and René Rembarz, 2009, What Networking of Information Can Do for Cloud Computing, 18th IEEE International Workshops on Enabling Technologies:

   Infrastructures for Collaborative Enterprises

4. Prasad B, Enumi C and Ian L, 2009, A taxonomy and survey

   of cloud computing systems, 5th International Joint Conference on IMC, IMS and IDC.

5. M. Armbrust, A. Fox, R. Griffith, A. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica et al., A view of cloud computing, Communications of the ACM, vol. 53, no. 4, pp. 5058, 2010.