A hybrid cloud architecture for secure service—measures against poodle vulnerability

Abstract

Cloud computing and its services are growing day by day in a real world scenario. In hybrid cloud architecture also, we have same service security threats like poodle (Padding Oracle on Downgraded Legacy Encryption) attack that will affect the SSL-based communication between client and server. If the connection between client and server is compromised, then it will be a serious issue for cloud users, which gives hackers more privilege and cause effect. POODLE will disconnect the SSL connections. In cloud, it is a open connectivity over the network from which we can access the resources for user requirement. Connection setup, recently everywhere used SSL. So, POODLE (This vulnerability discovered by Google Team at September 2014) will crack. So far, strong authentication in connection setup, server-side authentication should be in cloud. For sever-side keystone which is in OPENSTACK, for sever-side authentication. So, in this paper, mainly for SAAS (Secure as a Service), model for cloud environment.