The security and performance challenges of Security-as-a-Service on the cloud, using Unified Threat Management (UTM) to provide the security services, are investigated in this paper and solutions are described with the help of literature reviews and surveys. Unified Threat Management is a comprehensive gateway defence mechanism that emerged in the network security industry: an all-in-one security product that combines multiple security functions. The literature and organizations support the concept of Security-as-a-Service using UTM, and it has been widely deployed as a defence solution for secured services on clouds, but one particular paper argued that UTM may not be an effective approach, since the centralized architecture of UTM risks performance degradation and bottlenecks, and the benefits of cloud computing are lost if the UTM does not scale up with the load. This paper studies that issue in the UTM cloud and proposes a solution: by implementing load balancing and proper scheduling of loads at the UTM cloud, a sudden surge in load can be managed effectively, giving better turnaround and performance and preventing a bottleneck.
Keywords: Cloud, unified threat management, security-as-a-service
Cloud computing is a new blended technology that is considered a vast field for research and innovation, and it is recognized as the realization of the vision of computing as a utility. The cloud provides on-demand access to a centralized pool of computing resources, deployed with minimal management and great efficiency. Cloud computing is an environment that provides computing resources as services over a network, such as Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS), Storage-as-a-Service (SaaS), Data-as-a-Service (DaaS), Desktop-as-a-Service (DTaaS), Software-as-a-Service (SaaS), Test environment-as-a-Service (TEaaS), API-as-a-Service (APIaaS) and Security-as-a-Service (SECaaS).
In Platform-as-a-Service (PaaS), the cloud provides a computing service together with storage and other services.
In Infrastructure-as-a-Service (IaaS), the cloud provides computers as virtual machines and scales to support a large number of virtual machines.
In Software-as-a-Service (SaaS), the cloud hosts the software and its related data as a service, accessed by clients through a web browser.
In Storage-as-a-Service (SaaS), cloud computing providers rent out space in their own large infrastructure for business applications, at low cost and in a good environment compared with what other corporations and individuals can provide.
In Data-as-a-Service (DaaS), the cloud provides data as a service to various user applications or to web pages as a web service.
In Desktop-as-a-Service (DTaaS), the cloud provides desktop virtualization or client virtualization as a service by hosting the hardware and software systems needed to support the virtualized environment.
Test environment-as-a-Service (TEaaS) is based on a multi-tenant architecture. In TEaaS, software and data from the host environment are accessed by users through a web browser over the Internet.
Application Programming Interface-as-a-Service (APIaaS) in the cloud acts as a service platform that provides the ability to create and host application programming interfaces.
In Security-as-a-Service (SECaaS), the cloud provides secured access for the users of various applications through services such as anti-virus, intrusion detection and anti-malware/spyware. Other security concerns that clouds deal with are firewalls, security event management and preventing unauthorized access to data without authentication.
With the growing importance of the cloud, concerns about its security are also rising. Business management should understand these concerns and, instead of handling them themselves, should hand that task to a trusted party that is an expert in this field. This paper mainly deals with the area of Security-as-a-Service, its application in the cloud environment, its vulnerabilities and the solutions for them.
Efficiency, Threats and Vulnerabilities of UTMs
Unified Threat Management (UTM) is a fused defence mechanism that was developed in the network security industry and has been widely deployed as a defence solution for organizations. UTM is practically the combination, in a single appliance, of various security mechanisms that work in different fields of threat occurrence, including VPN, content filtering, antivirus (AV) and gateway anti-spam, network firewalling, data leak prevention and a network intrusion prevention gateway.
[Figure] Fig.1 UTM security measures
This paper is based on the study and background of cloud computing security using Security-as-a-Service provided by a separate cloud provider through unified threat management, and on its feasibility.
The concept of a cloud over a cloud, in which the security of a public cloud is monitored by another, private security cloud, is now widely adopted by organizations. Instead of deploying security measures separately for each application cloud and keeping a separate wing for their monitoring and maintenance, it is better to hand that part over to a private organization that is efficient in security and provides security as a service through a cloud, so that the company is not struck down when a potential threat arrives. This security-issuing cloud stays an individual entity and watches over the security of the application clouds from a centralized position. This security-providing cloud, which delivers Security-as-a-Service from a separate cloud using unified threat management solutions, is called the UTM cloud: a centralized, single point of security that watches over threats and attacks and ensures maximum security.
The UTM cloud works to prevent all kinds of security issues that may arise in a cloud computing environment, such as:
Unauthorized use of components in the cloud
Vulnerabilities and threats in APIs
Masquerading, spoofing or entry to unauthorized areas
Phishing and sniffing
Implanting spam or any other kind of viruses, backdoors or worms
Data manipulation, damage to resources or leakage
Any other kind of known or emerging threat
The UTM cloud is a centralized solution, which ensures that all requests to the application clouds pass through it and are thoroughly examined.
[Figure] Fig.2 UTM Architectural model
The UTM cloud actually creates a fortress around the entire set of application clouds, with entry restricted to a single point where security is heavily checked. The main advantages of UTMs are:
Less complexity and simplicity
A centralized system ensures a single door for entry
A single security solution
Subscription with a single vendor and a single AMC
The burden of maintaining a security wing in every organization is reduced
Most of the literature and surveys suggest the use of Security-as-a-Service using UTM, but one particular paper claimed that the use of a UTM cloud may not be a feasible approach.
That paper shows that the elasticity benefit of cloud computing is broken if UTMs do not scale up efficiently, and the application clouds cannot take the blame for the UTM cloud. This paper went deep into that reference and found that, as its author says, there is a chance of bottleneck and performance degradation, since all traffic is first directed to the UTM cloud, where it is processed and then routed to the application clouds. A certain number of application clouds subscribe to a single UTM cloud, so one UTM cloud handles many application clouds, and in the market the number of UTM providers will be smaller than the number of application clouds. There is therefore a saturation point for the scalability of the UTM cloud, which is far lower than the scalability of the application clouds, so there is a chance of congestion and performance degradation, and at some instant a bottleneck may occur. Apart from this, UTM is an efficient security solution; seeing one drawback, we cannot simply reject a good and simple solution like UTM, but neither can we suggest its deployment until a solution is found. This paper mainly deals with finding a solution for this congestion and proposes a simple way in which congestion can be avoided and waiting time reduced, so that the use of Security-as-a-Service using unified threat management can be encouraged.
That literature rejected the use of UTM in a centralized system and proposed implementing security separately for each application cloud, which results in extra maintenance and overhead, as well as the risk of a disaster when security is handled by a non-expert. This paper in turn proposes a feasible approach that is simple and efficient: here we bring in the concept of load balancing in clouds.
Since the UTM cloud is just like a centralized system, the load balancing algorithms used in distributed systems may not be feasible here; transferring loads would create overhead, and the cost of implementing the same UTM features in various nodes would be high. For a situation like this, our technique is the best fit for the environment.
In this technique we propose load balancing using virtualization of servers together with a load distribution technique, in which an algorithm schedules the arriving requests and distributes them correctly to the virtual servers. This scheduling algorithm is an adaptation of the algorithms used to schedule processes, made suitable for this environment so that it delivers the same efficiency here.
Load Balancing Using Virtualization and the US Scheduling Algorithm
The UTM contains security servers that carry out the security processing; we propose splitting these servers into many virtual servers. Instead of assigning single physical servers, we split each server into many virtual servers using virtualization and provide a queue system for these servers.
[Figure] virtualisation
US Scheduling Algorithm
This algorithm combines several scheduling ideas, queueing the incoming requests to the servers in such a way that waiting time is reduced. The algorithm works in six points:
Free slots scheduling:
Instead of assigning requests to the queues in order, this algorithm allots requests to servers that are free, or to the server with the shortest queue. This reduces waiting time and improves performance.
Priority scheduling:
This algorithm prioritizes requests on the basis of where they are headed: services such as bank transactions and media access, which suffer more from a bottleneck, are given higher priority than web page access, which tolerates waiting better.
Security scheduling:
Whenever an application service assigns its security duty to the UTM cloud, it informs the cloud how much security it requires and enrols only if the cloud agrees to provide that level of security. Thus the UTM knows the security standard it should apply to each request. A request with a high security standard is subjected to rigorous security checking, which takes more time than a request with a lower security level that is screened only through basic checks. At the time of enrolling, the organization chooses this security standard; some organizations value time over security, for example media companies that prefer fast access to stricter security, and for their requests the security measures should be cleared quickly.
Jockeying:
Jockeying is a term from queueing theory for the tendency of people to jump from one queue to another. When a request is placed in one queue and another queue is processed more quickly and becomes shorter, the request jumps from its queue to the shortest queue.
Fusion:
When a request arrives that takes a long time for a single server to process, many servers are fused together to process that request, after which they return to their original state.
Round robin for same priority:
This part of the algorithm is used when the load is at least two times the number of servers. Here two or more requests of the same priority are assigned to a server in round-robin fashion, decreasing the waiting and turnaround time for those processes compared with FIFO.
[Figure] Fig.4 Scheduling Flow diagram in UTM Cloud
The US scheduling algorithm is used when the load is high (the number of requests exceeds the number of servers); otherwise requests are assigned in FIFO order.
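The dispatcher rules above (free-slot assignment, priority order, security-level screening cost, jockeying and round robin under surge) can be tried out on a small tick-based model. The following is an added example written for this page, not the paper's own code: the service classes, the screening costs per security level, the jockeying threshold (a gap of two requests) and the sample workload are all constructed assumptions, and the fusion rule is not modelled.

```python
"""Toy dispatcher for the US scheduling algorithm (added example, not the paper's code).
Each virtual server has its own queue; a request carries a service class (priority) and a
security level (which sets its screening time in ticks). Rules implemented:
  * free slot: a new request goes to the shortest queue
  * priority: within a queue, higher-priority classes are served first
  * security level: 'full' screening costs more ticks than 'basic'
  * jockeying: the tail of the longest queue moves to a queue that is >= 2 shorter
  * round robin: once pending load >= 2 * servers, requests are spread round robin
Class names, costs and the sample workload are constructed for illustration."""
from dataclasses import dataclass
from typing import List, Tuple

PRIORITY = {"transaction": 0, "media": 1, "web": 2}   # lower value = served earlier
SECURITY_COST = {"full": 3, "basic": 1}                # screening ticks per request


@dataclass
class Request:
    rid: str
    priority: int
    cost: int          # remaining screening ticks
    arrived: int       # tick of submission
    started: int = -1  # tick at which a server first picked it up


class USScheduler:
    def __init__(self, n_servers: int):
        self.n = n_servers
        self.queues: List[List[Request]] = [[] for _ in range(n_servers)]
        self.clock = 0
        self.rr_next = 0
        self.done: List[Tuple[str, int]] = []   # (rid, ticks waited before service)

    def pending(self) -> int:
        return sum(len(q) for q in self.queues)

    def _shortest(self) -> int:
        return min(range(self.n), key=lambda i: len(self.queues[i]))

    def _enqueue(self, idx: int, req: Request) -> None:
        """Insert behind the head (treated as in service) and behind equal-or-higher priority."""
        q = self.queues[idx]
        pos = len(q)
        for j in range(1, len(q)):
            if q[j].priority > req.priority:
                pos = j
                break
        q.insert(pos, req)

    def submit(self, rid: str, kind: str, security: str) -> int:
        """Dispatch a new request; return the index of the server queue chosen."""
        req = Request(rid, PRIORITY[kind], SECURITY_COST[security], self.clock)
        if self.pending() >= 2 * self.n:        # surge: spread round robin
            idx = self.rr_next
            self.rr_next = (self.rr_next + 1) % self.n
        else:                                   # free slot: shortest queue wins
            idx = self._shortest()
        self._enqueue(idx, req)
        return idx

    def jockey(self) -> bool:
        """Move the tail of the longest queue to the shortest if the gap is >= 2."""
        longest = max(range(self.n), key=lambda i: len(self.queues[i]))
        shortest = self._shortest()
        if len(self.queues[longest]) - len(self.queues[shortest]) >= 2:
            self._enqueue(shortest, self.queues[longest].pop())
            return True
        return False

    def tick(self) -> None:
        """Advance one time unit: every server screens the head of its queue."""
        for q in self.queues:
            if not q:
                continue
            head = q[0]
            if head.started < 0:
                head.started = self.clock
            head.cost -= 1
            if head.cost == 0:
                q.pop(0)
                self.done.append((head.rid, head.started - head.arrived))
        self.clock += 1
        self.jockey()

    def run(self) -> float:
        """Run until every queue drains; return the mean wait in ticks."""
        while self.pending():
            self.tick()
        return sum(w for _, w in self.done) / len(self.done) if self.done else 0.0


if __name__ == "__main__":
    # constructed burst: two virtual servers, five requests arriving in the same tick
    s = USScheduler(2)
    for rid, kind, sec in [("r1", "web", "basic"), ("r2", "web", "basic"),
                           ("r3", "web", "full"), ("r4", "transaction", "basic"),
                           ("r5", "transaction", "basic")]:
        print(rid, "->", "server", s.submit(rid, kind, sec))
    print("mean wait:", s.run(), "ticks;", s.done)
```

In the burst above the fifth request arrives once the pending load reaches twice the server count, so it is placed round robin and then jumps ahead of the queued web request because of its transaction priority; the `run` result is the quantity the NMS described later would track for a rising trend.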
The UTM Design
The UTM cloud is designed to process the request patterns of a decade of years. The strength and performance of the system to be installed are calculated using MODEL III (M/M/C):(∞/FIFO) of queueing theory from advanced mathematics.
In the first part of this model we make the system avoid bottlenecks and assume that the US scheduling algorithm is not used, so requests are processed in the order they arrive (FIFO). For the mean service rate () we take the worst-case performance of a server, meaning the longest possible time a server takes to process a request; for the arrival pattern () we record the heaviest possible traffic that can occur in the near future. From this we formulate the possible queue length with C the number of virtual servers and n the number of requests.
Where, n =
Length of the queue
Lq= Pn( /(1- )^2) where and Pn=^n*(P0/n!)
Waiting time in the queue
Lq-length of queue
Wq-waiting time in queue
-mean arrival rate
-mean service rate
Here the queue length and waiting time can be calculated using these equations. If the waiting time is not affordable, it can be reduced by installing higher-performance, more advanced servers, thus decreasing service time, and by increasing the value of C (installing more servers). The UTM will perform better than this estimate, since the service time in normal operation is much less than the assumed value; also, at any particular period of heavy load the US scheduling algorithm can be used, which gives a lower response time than normal FIFO allocation. In most cases requests arrive with less than this mean service time. If the service time of a request is more than the mean time, we use the fusion technique to handle the situation. If request rates increase tremendously, the waiting time of requests increases. So, in order to avoid such situations, we introduce a Network Management System (NMS) tool that watches over the cloud and stays in constant communication with the UTM cloud through messages. This NMS checks the mean waiting time of requests periodically using a Gantt chart, calculating the individual waiting time from the US algorithm. If it finds that the waiting time is increasing and system performance is degrading, it alarms the UTM cloud manager.
Fig.5 NMS watch over UTM diagram
Then, using the MODEL III pattern with updated values, a new UTM design with newer-version servers in greater quantity is installed. This type of updating happens once in a decade, so once a system is installed it runs for years and the owner organization does not need to worry about cost.
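The capacity-planning step described above (take worst-case arrival and service rates, compute queue length and waiting time for C virtual servers, and raise C until the wait is affordable) can be carried out with the standard M/M/c (Erlang-C) results, which is what MODEL III (M/M/C):(∞/FIFO) denotes. The code below is an added example, not the paper's own calculation: it uses the textbook formulas for P0, Lq and Wq, with `lam` as the mean arrival rate, `mu` as the mean service rate of one virtual server and `c` as the number of virtual servers, and the numeric inputs are constructed for illustration.

```python
"""M/M/c capacity check for the UTM cloud (added example, not the paper's own code).
Uses the standard Erlang-C results for an M/M/c/inf/FIFO queue:
  a   = lam / mu            offered load in Erlangs
  rho = lam / (c * mu)      utilisation per server, must be < 1 for a stable queue
  P0  = [ sum_{n<c} a^n/n!  +  a^c / (c! (1 - rho)) ]^-1
  Lq  = P0 * a^c * rho / (c! (1 - rho)^2)
  Wq  = Lq / lam            (Little's law)
All numeric inputs below are constructed for illustration."""
from math import factorial


def mmc_metrics(lam: float, mu: float, c: int) -> dict:
    """Return rho, P0, Lq (mean queue length) and Wq (mean wait in queue) for M/M/c."""
    if lam <= 0 or mu <= 0 or c < 1:
        raise ValueError("rates must be positive and c >= 1")
    a = lam / mu
    rho = lam / (c * mu)
    if rho >= 1:
        # arrival rate meets or exceeds total service capacity: queue grows without bound
        raise ValueError("unstable: lam >= c * mu")
    tail = a ** c / (factorial(c) * (1 - rho))
    p0 = 1.0 / (sum(a ** n / factorial(n) for n in range(c)) + tail)
    lq = p0 * a ** c * rho / (factorial(c) * (1 - rho) ** 2)
    wq = lq / lam
    return {"rho": rho, "P0": p0, "Lq": lq, "Wq": wq}


def servers_for_target_wait(lam: float, mu: float, max_wq: float, c_max: int = 1000) -> int:
    """Smallest number of virtual servers c for which the mean queueing delay Wq <= max_wq.
    This mirrors the design step of increasing C until the waiting time is affordable."""
    for c in range(1, c_max + 1):
        if lam / (c * mu) < 1 and mmc_metrics(lam, mu, c)["Wq"] <= max_wq:
            return c
    raise ValueError("no c up to c_max meets the target wait")


if __name__ == "__main__":
    # constructed worst-case figures: peak arrival 3 requests/s, one server screens 2/s
    LAM, MU = 3.0, 2.0
    for c in (2, 3, 4):
        m = mmc_metrics(LAM, MU, c)
        print(f"c={c}: rho={m['rho']:.2f}  Lq={m['Lq']:.3f}  Wq={m['Wq']:.3f} s")
    print("servers needed for Wq <= 0.1 s:", servers_for_target_wait(LAM, MU, 0.1))
```

With the constructed figures, two servers leave each request waiting about 0.64 s on average while three bring the mean wait under 0.1 s; when the NMS reports that the observed wait has drifted above the designed value, the same functions are rerun with the updated arrival rate to size the redesign.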
The UTM model shown in Fig.6 below was simulated in the OPNET simulator to find out the results for requests; the presented model was simulated by putting the virtualization concept and the US scheduling algorithm into the UTM cloud. Using virtualization, more security servers are ready to be deployed, which enables full processor utilization and better turnaround than before.
[Figure] Fig.6 UTM model using opnet
The clouds are connected using high-end class switches with an ATM OC-48 link, and the servers and switches are connected using 1000BaseX links. Some of the applications in the application cloud are those available within OPNET, with default values for the load parameters:
a light-load HTTP browsing cloud application; a high-load database for the RDBMS service; anti-spyware, anti-spam and antivirus systems using a medium-load database; and a firewall system with a high-load database.
[Figure] Fig.7 Application Cloud in opnet
The simulation was done by generating mild traffic of 15-20 packets/s between the corporate LANs (source) and the UTM firewall object (destination).
[Figure] Fig.8 UTM Components
The packets are taken by the load balancer in the UTM, which is injected with the US scheduling algorithm code: if the load is low it allocates requests normally to free servers; otherwise the US algorithm is activated and load is allocated according to the conditions in the algorithm.
The simulation shows better response with the algorithm and with more servers implemented by virtualization; thus a sudden surge and bottleneck can be managed by the proposed system.
Results and Discussions
Based on the results and the mathematical model, the proposed system is effective in balancing loads in UTM clouds. The mathematical model helps in the design, which is based on worst-case factors that rarely occur in the network at any period, so in normal situations it is very effective. The scheduling algorithm, a combination of priority scheduling and round robin, gives a lower response time than plain FIFO as shown by the Gantt chart; the jumping of requests to shorter queues (jockeying) prevents unnecessary waiting for service; and security scheduling removes the problem of rigorous, identical security testing for every process. Thus priority scheduling proves advantageous for high-priority requests such as transactions and media access, while security scheduling benefits low-priority requests such as web access, so both profit from this algorithm. Our proposed system is therefore much more effective than the distributed load balancing algorithm, which is not effective here. The distributed load balancing algorithm works in normal application clouds because not all nodes are loaded at every moment, so the chance of finding a free node is high; but in a security cloud through which the requests to all applications pass, all nodes may be busy round the clock, so the time taken to find a free node to transfer load to is high, resulting in much longer waiting time. Our system thus proves to have a better edge here. One strong point of the US scheduling algorithm compared with other algorithms is that it benefits every request in some way, as explained above, avoiding starvation.
Thus, with the proposed system, the chance of congestion in the UTM is very much reduced, and its use can be continued instead of individual security measures by each cloud, which require extra maintenance and cost.
In this paper the security issues in cloud computing have been reviewed. The performance problem raised in the reference has been investigated deeply, and this paper has come up with a solution in our proposed system. Through simulation and the queueing-theory mathematical model MODEL III (M/M/C):(∞/FIFO), we can design the capacity of the UTM system to prevent any performance problem other than an unusual traffic spike, which can be effectively balanced by scheduling it correctly across all virtual servers in the whole cloud using the US scheduling algorithm; an NMS also warns the organization if the spike situation keeps happening, so that a redesign can help better processing of requests, removing any possible chance of bottleneck. With this proposal, any performance degradation that occurs will be temporary and the system will recover from that state within a short span of time.