Investigating security issues in OpenStack

Project Information

Discipline

Computer Science (401) 

Orientation

Research 

Security and Privacy issues has always been top concerns people have for cloud computing. In this project, we will look into the source code of popular cloud computing software like OpenStack and try to identify potential security and privacy problems and its implications. We will either directly provide fix or suggest potential defensive methods for any problem found.

Try to identify security and privacy issues and provide fixes (guild lines for fixes) for popular open-source cloud computing software.

Given the wide adoption of popular open source cloud computing software in both private cloud and public cloud environment, any security and privacy issues existing in those software will have a huge impact on users IT infrastructure. We will try to submit security patches to related open-source projects for any problem found and also try to submit any valuable and novel findings to computer security conference.

Project Contact

Project Lead

Yangyi Chen (yangchen) 

Project Manager

Yangyi Chen (yangchen) 

Project Members

Xiaorui Pan, Sumayah Alrwais  

Resource Requirements

Hardware Systems

• alamo (Dell optiplex at TACC)
• foxtrot (IBM iDataPlex at UF)
• hotel (IBM iDataPlex at U Chicago)
• india (IBM iDataPlex at IU)
• sierra (IBM iDataPlex at SDSC)
• xray (Cray XM5 at IU)
• bravo (large memory machine at IU)
• delta (GPU Cloud)

 

We plan to have our own OpenStack deployment on FutureGrid, it can be deployed inside VMs or on bare metal nodes if possible.

If possible, provision several large VMs (5~10) with ~16 cores and ~16G memory. Or provision many small VMs (30-50) with ~4cores and ~8G memory.

Project Timeline

Submitted

04/10/2014 - 11:54