Your Perfect Assignment is Just a Click Away

We Write Custom Academic Papers

100% Original, Plagiarism Free, Customized to your instructions!

How It Works
Order Now
glass
pen
clip
papers
heaphones

Lahore University Wk 5 What Is the Cloud Computing Reference Architecture Questions

Computer Science, Lahore university

Computer Science, Lahore university

Lahore University Wk 5 What Is the Cloud Computing Reference Architecture Questions

Description

5.1 Provide a brief definition of network access control.

5.2 What is an EAP?

  • 5.3 List and briefly define four EAP authentication methods.

5.4 What is EAPOL?

  • 5.5 What is the function of IEEE 802.1X?

5.6 Define cloud computing.

  • 5.7 List and briefly define three cloud service models.

5.8 What is the cloud computing reference architecture?

  • 5.9 Describe some of the main cloud-specific security threats.

Week5 AssignmentAnudeep GottipatiNEC- Network Security- Week5                                                    Date- 11/18/20205.1 Provide a brief definition of network access control.This is an umbrella term for managing access to a network. A NAC is critical towards the implementation of organizational policies. Technically, it deploys the use of a set of approaches to implement a policy after its definition. As a computer networking parameter, it is attributed to setting policies under various paradigms and roles as well as access-based inclinations. It is also mandated with the precision of enforcing security compliance, patch control, and several mitigation measures that come with policy management. the implementation of NAC comes with advantages of visibility into devices, control of risk, and management of IoT among other substantial measures.5.2 What is an EAP?Extensible Authentication Protocol (EAP) is used to pass the authentication information between the supplicant (the Wi-Fi workstation) and the authentication server (Microsoft IAS or other). The EAP type actually handles and defines the authentication. The access point acting as authenticator is only a proxy to allow the supplicant and the authentication server to communicate.5.3 List and briefly define four EAP authentication methods.• EAP-TLS (EAP Transport Layer Security): EAP-TLS (RFC 5216) defineshow the TLS protocol (described in Chapter 17) can be encapsulated in EAP messages. EAP-TLS uses the handshake protocol in TLS, not its encryption method. Client and server authenticate each other using digital certificates. Client generates a pre-master secret key by encrypting a random number with the server’s public key and sends it to the server. Both client and server use the pre-master to generate the same secret key.• EAP-TTLS (EAP Tunneled TLS): EAP-TTLS is like EAP-TLS, except onlythe server has a certificate to authenticate itself to the client first. As in EAPTLS, a secure connection (the “tunnel”) is established with secret keys, but that connection is used to continue the authentication process by authenticating the client and possibly the server again using any EAP method or legacy method such as PAP (Password Authentication Protocol) and CHAP(Challenge-Handshake Authentication Protocol). EAP-TTLS is defined in RFC 5281.• EAP-GPSK (EAP Generalized Pre-Shared Key): EAP-GPSK, defined inRFC 5433, is an EAP method for mutual authentication and session key derivation using a Pre-Shared Key (PSK). EAP-GPSK specifies an EAP method based on pre-shared keys and employs secret key-based cryptographic algorithms. Hence, this method is efficient in terms of message flows and computational costs but requires the existence of pre-shared keys between each peer and EAP server. The setup of these pairwise secret keys is part of the peer registration, and thus, must satisfy the system preconditions. It provides a protected communication channel when mutual authentication is successful for both parties to communicate over and is designed for authentication over insecure networks such as IEEE 802.11. EAP-GPSK does not require any public-key cryptography. The EAP method protocol exchange is done in a minimum of four messages.• EAP-IKEv2: It is based on the Internet Key Exchange protocol version 2 (IKEv2), which is described in Chapter 20. It supports mutual authentication and session key establishment using a variety of methods. EAP-TLS is definedin RFC 5106.5.4 What is EAPOL?EAPoL, similar to EAP is a simple encapsulation that can run over any LAN. The same three main components are defined in EAP and EAPoL to accomplish the authentication conversation. The figure shows how these LAN components are connected in a wired environment.5.5 What is the function of IEEE 802.1X?This is the link layer protocol that enforces authorization before a port is assigned an IP address. It makes use of the Extensible Authentication Protocol for the authentication process. 5.6 Define cloud computing.The practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer. Cloud computing is defined as a model for enabling readily available, convenient, on-demand network access to a shared pool of configurable computing resources. N I S T defines cloud computing, in N I S T S P-800-145 (The N I S T Definition of Cloud Computing), as follows:            “A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.”5.7 List and briefly define three cloud service models.1. Public Cloud: A public cloud represents a cloud computing infrastructure that is made accessible to the general public or a large industry group and is owned by an organization selling cloud services. The cloud provider is responsible for both the cloud infrastructure and the control of the data and operations within the cloud.2. Private Cloud: Unlike a public cloud, the private cloud is made accessible only for those who are members of that organization.3. Hybrid Cloud: A hybrid cloud may be a combination of public and private (or some other cloud model) where data being managed by either model can be easily ported between each managing organization.5.8 What is the cloud computing reference architecture?The NIST cloud computing reference architecture focuses on the requirements of “what” cloud services provide, not a “how to” design solution and implementation. The reference architecture is intended to facilitate the understanding of the operational intricacies in cloud computing. It does not represent the system architecture of a specific cloud computing system; instead it is a tool for describing, discussing, and developing a system-specific architecture using a common framework of reference.5.9 Describe some of the main cloud-specific security threats.Insecure interfaces and APIs: CPs expose a set of software interfaces or APIs that customers use to manage and interact with cloud services. The security and availability of general cloud services are dependent upon the security of these basic APIs. From authentication and access control to encryption and activity monitoring, these interfaces must be designed to protect against both accidental and malicious attempts to circumvent policy. Countermeasures include (1) analyzing the security model of CP interfaces; (2) ensuring that strong authentication and access controls are implemented in concert with encrypted transmission; and (3) understanding the dependency chain associated with the API.Malicious insiders: Under the cloud computing paradigm, an organization relinquishes direct control over many aspects of security and, in doing so, confers an unprecedented level of trust onto the CP. One grave concern is the risk of malicious insider activity. Cloud architectures necessitate certain roles that are extremely high risk. Examples include CP system administrators and managed security service providers.Abuse and nefarious use of cloud computing: For many Cloud Providers (CPs), it is relatively easy to register and begin using cloud services, some even offering free limited trial periods. This enables attackers to get inside the cloud to conduct various attacks, such as spamming, malicious code attacks, and denial of service. Platform-as-a-Service (PaaS) providers have traditionally suffered most from this kind of attacks; however, recent evidence shows that hackers have begun to target IaaS vendors as well. The burden is on the CP to protect against such attacks, but cloud service clients must monitor activity with respect to their data and resources to detect any malicious behavior. Countermeasures include (1) stricter initial registration and validation processes; (2) enhanced credit card fraud monitoring and coordination; (3) comprehensive introspection of customer network traffic; and (4) monitoring public blacklists for one’s own network blocks.sample answers sir

 

Our Service Charter

1. Professional & Expert Writers: Writing Expert only hires the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of masters and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided by Writing Expert are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. Writing Expert is known for timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses.

6. 24/7 Customer Support: At Writing Expert, we have put in place a team of experts who answer all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.

Our Service Charter

1. Professional & Expert Writers: Writing Expert only hires the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of masters and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided by Writing Expert are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. Writing Expert is known for timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses.

6. 24/7 Customer Support: At Writing Expert, we have put in place a team of experts who answer all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.

Menu
Free resources
 
Dissertation help
 
Email
support@writeship.com
Writingexpert.org ©2022 All rights reserved. Terms of use | Privacy Policy