Ki-Ngā-Kōpuku: a Decentralised, Distributed Security Model for Cloud Computing

Ahmed, Monjur
Litchfield, Alan T
Cusack, Brian
Item type
Degree name
Doctor of Philosophy
Journal Title
Journal ISSN
Volume Title
Auckland University of Technology

The research proposes a decentralised and distributed security model for Cloud Computing in the form of a development framework. The distributed nature of Cloud infrastructure makes it a very complex one. This research examines whether the distributed nature of Cloud resources is a contributing factor for secured Cloud Computing. The research also seeks answer to whether a decentralised and distributed approach for the distributed Cloud resources is more credible than a centralised approach. The proposed security model is named Ki-Ngā-Kōpuku.

To present Ki-Ngā-Kōpuku, the concept and definition of Cloud Computing is explored. State-of-the-art Cloud Computing security and security models have also been explored, with a specific focus on finding the worthiness of conducting research for a decentralised and distributed Cloud security model. The focus is also on finding Cloud security models that are distributed in nature. Design Science Research is determined as the research methodology for the conducted research, which is aided by Formal Methods for validation. Formulation of research questions and hypotheses as well as approaches to test the hypotheses are addressed in discussing the methodology. An adapted Design Science Research framework is used with three main stages: Problem Identification, Solution Design and Evaluation. In Problem Identification, literature review leads to formulate research questions that leads to design the artefacts in Solution Design stage. The Evaluation stage of Design Science Research then helps to validate the design artefacts where formal methods are used as validation tool within the adapted Design Science Research framework.

Ki-Ngā-Kōpuku outlines a security model in the form of a software development framework. It consists of a reference architecture and an associated security mechanism. It provides a means to secure an application such that an application cannot be taken down resulting in service unavailability. Ki-Ngā-Kōpuku does so by dividing an application into several parts and randomly distributing the parts into random Cloud servers, thus making the application distributed as well as decentralised. The distinct features of Ki-Ngā-Kōpuku are being distributed and decentralised by means of redundancy that results in having no single point of failure and makes it a self-healing system. The problem is then defined and the specifications of the proposed security model are outlined. Software Requirements Specifications and the framework perspective Software Requirements Specifications for Ki-Ngā-Kōpuku form part of the problem analysis. The system architecture based on the specification is then developed followed by discussion on the associated security mechanism.

The proof of concept is done through logical validation and logical simulation. Validation of various aspects of the proposed security model is done by logical modelling. Formal methods and logical reasoning are used to establish the logical validation of the system. Finally, the analysis and discussion of the research findings are noted. Possible future developments and enhancement of the proposed security model forms major part of the concluding discussion.

Cloud Computing , Cloud Computing Security , Cloud Security Model , Cloud Security , Decentralised Cloud Security , Distributed Security Model
Publisher's version
Rights statement