Secure Cloud Connectivity for Scientific Applications

Show full item record



Permalink

http://hdl.handle.net/10138/327068

Citation

Osmani , L , Toor , S , Komu , M , Kortelainen , M J , Linden , T , White , J , Khan , R , Eerola , P & Tarkoma , S 2018 , ' Secure Cloud Connectivity for Scientific Applications ' , IEEE Transactions on Services Computing , vol. 11 , no. 4 , pp. 658-670 . https://doi.org/10.1109/TSC.2015.2469292

Title: Secure Cloud Connectivity for Scientific Applications
Author: Osmani, Lirim; Toor, Salman; Komu, Miika; Kortelainen, Matti J.; Linden, Tomas; White, John; Khan, Rasib; Eerola, Paula; Tarkoma, Sasu
Contributor: University of Helsinki, Department of Computer Science
University of Helsinki, Helsinki Institute of Physics
University of Helsinki, Helsinki Institute of Physics
University of Helsinki, Helsinki Institute of Physics
University of Helsinki, Helsinki Institute of Physics
University of Helsinki, Helsinki Institute of Physics
University of Helsinki, Department of Computer Science
Date: 2018-07
Language: eng
Number of pages: 13
Belongs to series: IEEE Transactions on Services Computing
ISSN: 1939-1374
URI: http://hdl.handle.net/10138/327068
Abstract: Cloud computing improves utilization and flexibility in allocating computing resources while reducing the infrastructural costs. However, in many cases cloud technology is still proprietary and tainted by security issues rooted in the multi-user and hybrid cloud environment. A lack of secure connectivity in a hybrid cloud environment hinders the adaptation of clouds by scientific communities that require scaling-out of the local infrastructure using publicly available resources for large-scale experiments. In this article, we present a case study of the DII-HEP secure cloud infrastructure and propose an approach to securely scale-out a private cloud deployment to public clouds in order to support hybrid cloud scenarios. A challenge in such scenarios is that cloud vendors may offer varying and possibly incompatible ways to isolate and interconnect virtual machines located in different cloud networks. Our approach is tenant driven in the sense that the tenant provides its connectivity mechanism. We provide a qualitative and quantitative analysis of a number of alternatives to solve this problem. We have chosen one of the standardized alternatives, Host Identity Protocol, for further experimentation in a production system because it supports legacy applications in a topologically-independent and secure way.
Subject: Cloud computing
security
VPN
scientific applications
grid
cluster
PERFORMANCE
113 Computer and information sciences
Rights:


Files in this item

Total number of downloads: Loading...

Files Size Format View
Linden_IEEE_paper.pdf 4.143Mb PDF View/Open

This item appears in the following Collection(s)

Show full item record