Advancing Security Services for Cloud Applications

Authors

Elsayed, Marwa

Type

thesis

Language

eng

Keyword

Cloud applications, Security, Security as a Service, Software as a Service, Program analysis, Data analytics, Security Monitoring, Vulnerability Scanning, Cloud Computing

Abstract

With cloud computing taking root, Software as a Service (SaaS) is transforming the future of Information Technology (IT). SaaS is a modern, pervasive software delivery model in the Cloud in which software providers host applications and provide them to consumers over the Internet. The Cloud brings operational and analytical applications together to empower software innovation. SaaS has become indispensable to the advancement of applications spanning different domains such as business, banking, and health. Although SaaS continues to grow in popularity, an important question remains: how secure are cloud SaaS applications? Cloud SaaS applications are highly accessible, and the vast amount of sensitive data they manipulate makes them an attractive target for attackers. Nevertheless, software providers and consumers overlook critical security measures as they move to the Cloud, obliterating any gains made. In this thesis, we address these concerns and aim to advance security services for cloud SaaS applications. The Cloud Security as a Service (SecaaS) model expands the horizon to deliver security solutions over the Internet. Motivated by the rise of the SecaaS model, this research proposes a platform introducing the notion of Information Flow Control as a Service (IFCaaS). The platform embeds robust and effective IFC-based security services in different phases of the software development lifecycle (SDLC) to govern end-to-end protection of cloud applications. Further, the platform is augmented by the Cloud's capabilities to provide efficient and scalable security services. Data breaches due to security vulnerabilities, insecure APIs and interfaces, insecure computations, and unauthorized access are prevalent security issues for cloud applications. Hence, this research targets two different types of applications in the Cloud: operational and analytical. It presents two different security services and builds a framework for each service. They aim at mitigating the aforesaid security issues for each application type. Extensive evaluation of the proposed frameworks is conducted over benchmark applications in real-world settings. The experimental results reveal that the presented frameworks provide robust, effective, and yet efficient protection for cloud applications against prevalent security breaches. They offer significant improvement in terms of detection accuracy, performance, scalability, and resource consumption.

License

CC0 1.0 Universal
Queen's University's Thesis/Dissertation Non-Exclusive License for Deposit to QSpace and Library and Archives Canada
ProQuest PhD and Master's Theses International Dissemination Agreement
Intellectual Property Guidelines at Queen's University
Copying and Preserving Your Thesis
This publication is made available by the authority of the copyright owner solely for the purpose of private study and research and may not be copied or reproduced except as permitted by the copyright laws without written authority from the copyright owner.
