الفهرس 
Cloud System DescriptionOnly 14 pages are availabe for public view
 |  | from | 111 |  |  |
| | | from | 111 | | |
Abstract
Thesis summary
Cloud computing is a new emerging technology which provides a lot of services and resources via public networks. The cloud it self is a set of hardware, networks, storage, services and interfaces that enable the delivery of cloud computing services and resources according to users demand. Cloud services can be introduced in different forms including the delivery of software, platform and infrastructure based on user demands and requests. The delivery of these services and resources via public networks is organized and controlled by different cloud models according to the requests and demands of each model. Cloud model may be public, hybrid, private and community model each differ in configuration and number of users. However the great benefits from adopting cloud computing, as a new emerging technology and efficient tool on business growth and development, security challenges that faces cloud computing as a new technology which may hinder the spread of this new technology.
Security challenge is one of the most effective and significant challenges for cloud computing that hinder the cloud performance and resources availability. Many forms of security attacks and breaches can occur during cloud computing activities that must be considered during system design and implementation. Authentication protocol is one of the most security protocols that must be considered in designing security architecture for cloud environment.
The thesis contribution can be summed in two major points, the description and analysis of different security breaches and attacks that may violates cloud environment and hinder its performance. The other point is the security protocols that may be used to counter these attacks and breaches. In this thesis an authentication scheme is proposed using elliptic curve to authenticate users with authentication server at the edge of the cloud.
A handshake transmitted messages between the server and the user at the beginning of authentication process which are encrypted with AES-256 are used to protect against different attacks.
The proposed scheme is compared with another authentication scheme, that proposed in 2014 that uses a modified Diffie Hellman as authentication protocol, with the concept of two agents. The proposed scheme uses Elliptic Curve Diffie Hellman protocol for authentication due to its smaller key size compared to Diffie Hellman&RSA at the same time the proposed model countermeasures the attacks violate the other protocol using modified Diffie Hellman. The thesis introduces also a verification tool called scyther that is designed to formally analyze security protocols according to their security requirements and potential vulnerabilities. The main reason of using scyther as a verification tool that it can provide many attack traces compared to other verification tools that provide single attack trace. Security requirements for the proposed security protocol are discussed in the last part of the thesis to show how the proposed scheme fulfills these requirements.