Abstract
OpenStack is a popular cloud management software. Because it is open-source many companies and organizations opt for OpenStack as their solution for cloud computing. This paper focuses on OpenStack vulnerabilities. A variety of vulnerability scanning tools are used to detect vulnerabilities on OpenStack. The process of attack exploiting specific vulnerabilities is presented. Besides, this paper puts forward recommendations on eliminating vulnerabilities and building a more secure OpenStack platform.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Dahbur, K., Mohammad, B., Tarakji, A.B.: A survey of risks, threats and vulnerabilities in cloud computing. In: Proceedings of the 2011 International Conference on Intelligent Semantic Web-Services and Applications. ACM (2011)
Ristov, S., Gusev, M.: Security evaluation of open source clouds. In: EUROCON, 2013 IEEE, pp. 73–80. IEEE (2013)
Ristov, S., Gusev, M., Donevski, A.: Openstack cloud security vulnerabilities from inside and outside. In: CLOUD COMPUTING, pp. 101–107 (2013)
LaBarge, R., McGuire, T.: Cloud penetration testing (2013). arXiv preprint, arXiv:1301.1912
Ma, Y.L., Chen, S.P.: Research on OpenStack virtual machines security policies. Inf. Technol. 38(1), 35–38 (2014)
Xiong, W., et al.: Research on OpenStack authentication security. Design Technol. Posts Telecommun. 7, 21–25 (2014)
OpenStack homepage. http://www.openstack.org/
OpenVAS homepage. http://www.OpenVAS.org/
Li, H.C., Liang, P.H., Yang, J.M., Chen, S.J.: Analysis on cloud-based security vulnerability assessment. In: 2010 IEEE 7th International Conference on e-Business Engineering (ICEBE), pp. 490–494. IEEE (2010)
Ubuntu homepage. http://www.ubuntu.com/usn/usn-1981-1/
Wei, X.W.: Security Analysis and improvement on OpenStack object storage identity and access control. Software 2, 008 (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lu, L., Han, Z., Chen, Z. (2015). OpenStack Vulnerability Detection and Analysis. In: Niu, W., et al. Applications and Techniques in Information Security. ATIS 2015. Communications in Computer and Information Science, vol 557. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-48683-2_22
Download citation
DOI: https://doi.org/10.1007/978-3-662-48683-2_22
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-48682-5
Online ISBN: 978-3-662-48683-2
eBook Packages: Computer ScienceComputer Science (R0)