Asser Sherif

Abstract

With the increasing usage of Cloud and the Virtualization technology, there comes also an increasing demand to ensure the security levels of all computing environments and components associated and accordingly in this work we propose a new machine authentication mechanism using Trusted Platform Module that can be used to provide a secure access to virtual environments in the cloud. The proposed authentication module is aiming to contribute in providing a solution to Poor machine identity, Multi-tenancy as well as Malicious insiders known security problems in the cloud. It is targeting the access security to graphical user interface of virtual machines hosted on VirtualBox hypervisor in a Linux based environment through authenticating clients trying to connect using the client's Trusted Platform Module Public Endorsement key as a pre-authorized signature to the virtual environment in addition to the normal user name and password authentication of the connecting user. Results obtained from the output of this work indicates that it is possible to authenticate the machines based on their Trusted Platform Module signatures and provide them access to VirtualBox environment only based on a pre-defined Access Control List with minimal one time overhead upon establishing the initial connection.

Department

Computer Science & Engineering Department

Degree Name

MS in Computer Science

Graduation Date

2-1-2015

Submission Date

January 2015

First Advisor

El-Kadi, Amr

Committee Member 1

El-Kassas, Sherif

Committee Member 2

Gamal Ali, Sherif

Extent

115 p.

Document Type

Master's Thesis

Library of Congress Subject Heading 1

Embedded computer systems.

Library of Congress Subject Heading 2

Computer security.

Rights

The author retains all rights with regard to copyright. The author certifies that written permission from the owner(s) of third-party copyrighted matter included in the thesis, dissertation, paper, or record of study has been obtained. The author further certifies that IRB approval has been obtained for this thesis, or that IRB approval is not necessary for this thesis. Insofar as this thesis, dissertation, paper, or record of study is an educational record as defined in the Family Educational Rights and Privacy Act (FERPA) (20 USC 1232g), the author has granted consent to disclosure of it to anyone who requests a copy.

Institutional Review Board (IRB) Approval

Not necessary for this item

Download

Share

COinS