Security Architecture for Federated Mobile Cloud Computing

Mobile cloud computing systems are getting increasingly popular because they can facilitate many new applications, such as opportunistic social computing by smartphone users who happen to be at a scene of importance (e.g., disaster rescue), while possibly uploading compute-heavy tasks to the resource-rich clouds. Federated mobile cloud computing further allows to coordinate and optimize the services to mobile users of different clouds. Accompanying the great deal of opportunities it brings up, federated mobile cloud computing imposes a diverse set of new challenges, especially from a security perspective because the defender needs to cope with a large spectrum of attacks. Example security questions are: How should we better deal with the new dimension of threats that are caused by that smartphones run a huge population of untrusted third-party applications (apps)? How should we monitor the mobile clouds for security purposes? How should we deal with the targeted attackers that attempt to launch attacks against the various credentials used for authentication purposes (e.g., banking)? How should we enhance the privacy of users when a malware breaks into their smartphone (e.g., records of location information?) How should the federated mobile clouds share security information and possibly coordinate their defense activities? In this chapter, we explore the threat model against, and security requirements of, federated mobile clouds computing. We then propose and investigate a comprehensive security architecture, which can seamlessly integrate a set of novel security mechanisms that are tailored to satisfy the security needs of federated mobile cloud computing. Shouhuai Xu Department of Computer Science, University of Texas at San Antonio, One UTSA Circle, San Antonio, TX 78249, e-mail: [email protected] E. Paul Ratazzi Information Directorate, Air Force Research Laboratory, Rome, NY 13441, e-mail: edward.