Advertisement

Security Vulnerabilities of OpenStack Cloud and Security Assessment Using Different Software Tools

  • Manisha P. BharatiEmail author
  • Sharvari C. Tamane
Conference paper
Part of the Smart Innovation, Systems and Technologies book series (SIST, volume 165)

Abstract

New security challenges are raised because of cloud computing when contrasted with customary on-start as a result of its multi-occupant virtual condition on each cloud layer, namely Platform as a Service—PaaS, Infrastructure as a Service—IaaS, or Software as a Service—SaaS. Open clouds are utilizing restrictive cloud programming and security is generally kept up by issuing organizations. Security remains a concern for private clouds. Numerous components influence the cloud mis-configuration and integrity that could emerge on the grounds that security is kept up by an outsider. The target of this investigation is to inspect the territory of OpenStack cloud specifically. This will give a more noteworthy comprehension of in what way cloud computing capacities and any kinds of issues of security emerge in that. The investigation comprises three sections; in the primary section, the foundation of cloud computing and OpenStack is described. In the second section, OpenStack architecture is described. In the third section, known vulnerability exploitation and mitigation strategies are presented along with an assessment of various vulnerabilities in OpenStack is conducted utilizing top security scanners namely Metasploit and OpenVAS in an attempt to finding new vulnerabilities.

Keywords

OpenStack Security issues Vulnerabilities Cloud computing 

References

  1. 1.
    Bharati, M., Tamane, S.: Defending against bruteforce attack using open source-SNORT. In: IEEE—International Conference on Inventive Computing and Informatics-2017 (2017). https://ieeexplore.ieee.org/document/8365267/.  https://doi.org/10.1109/ICICI.2017.8365267
  2. 2.
    Bharati, M., Tamane, S.: Intrusion detection systems (IDS) & future challenges in cloud based environment. In: 2017 1st International Conference on Intelligent Systems and Information Management (ICISIM). https://ieeexplore.ieee.org/document/8122180.  https://doi.org/10.1109/icisim.2017.8122180
  3. 3.
  4. 4.
    Networking in OpenStack: Panoramic view: https://ilearnstack.com/tag/openstack/
  5. 5.
    Albaroodi, H., Manickam, S., Singh, P.: Critical review of open-stack security: issues and weeknesses. J. Comput. Sci. 10(1), 23–33 (2014) (National Advanced IPv6 Centre (NAv6), Universiti Sains Malaysia, 11800, Penang, Malaysia)Google Scholar
  6. 6.
  7. 7.
    Installing Metasploit Pro, Ultimate, Express, and Community: https://metasploit.help.rapid7.com/docs
  8. 8.
  9. 9.

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  1. 1.SPPU PunePuneIndia
  2. 2.BAMU AurangabadAurangabadIndia

Personalised recommendations