Investigating security issues in OpenStack
Abstract
Security and Privacy issues has always been top concerns people have for cloud computing. In this project, we will look into the source code of popular cloud computing software like OpenStack and try to identify potential security and privacy problems and its implications. We will either directly provide fix or suggest potential defensive methods for any problem found.
Intellectual Merit
Try to identify security and privacy issues and provide fixes (guild lines for fixes) for popular open-source cloud computing software.
Broader Impact
Given the wide adoption of popular open source cloud computing software in both private cloud and public cloud environment, any security and privacy issues existing in those software will have a huge impact on users IT infrastructure. We will try to submit security patches to related open-source projects for any problem found and also try to submit any valuable and novel findings to computer security conference.
Use of FutureGrid
We plan to have our own OpenStack deployment on FutureGrid, it can be deployed inside VMs or on bare metal nodes if possible.
Scale Of Use
If possible, provision several large VMs (5~10) with ~16 cores and ~16G memory. Or provision many small VMs (30-50) with ~4cores and ~8G memory.