HYBRID SECURE MOBILE CLOUD COMPUTING MODEL
FOR THE SERVICES OF COLLEGE OF GRADUATE STUDIES
ZuhraB. M. Elfurgani (Matric No. 3140013)
Thesis submitted in fulfilment for the degree of MASTER OF COMPUTER SCIENCE
INFORMATION SECURITY AND ASSURANCE
Faculty of Science and Technology
UNIVERSITI SAINS ISLAM MALAYISA Nilai
February 2018
1
AUTHOR DECLARATION
, _ýýtºý,
I hereby declare that the work in this thesis is my own except for quotation and summaries which have been duly acknowledged.
Date: Feb 14,2018 Signature:
Name: Zulira B. M. Elfurgani Matric No: 3140013
Address: Kajang, Malaysia
ii
Biodata of Author
Zuhra B. M. Elfurgani (3140013) was born on may 18,1973 in Tripoli. Libya. She's passport number is (L5RGKNZR). Her previously was a student at University of AL- mergheb/LIBYA and obtained her Bachelor Degree in Electrical &computer Eng
. field of computer. Currently, She is a Master student of Faculty of Science and Technology at Universiti Sains Islam Malayisa majoring in Information Security and Assurance.
III
DEDICATION
This work is dedicated, with love, to my husband, Osama, who sacrificed so much time and effort and to my children: Aseel, Areej, Hasan and All for their patience and moral support and so many wonderful things.
iv
ACKNOWLEDGMENTS
114ýYýý0, ýoý:
_. "IA
tý_
ýJ-, . 1-ý9First and foremost, all praise and deep thanks is due to Allah. who has given me patience, strength and knowledge to continue and finish this work.
From the depths of my heart, I wish to acknowledge those who have contributed to
making this work a reality. So, a special acknowledgement goes to Associate Prof Dr Ismail Abdullah, my supervisor for providing me with insightful feedback, with his enthusiasm, inspiration, expertise, patience and great efforts to explain everything
clearly and simply throughout the process of writing this work.
I would like to express my appreciation to Dr. Mohd Zalisham . tali, who has cheerfully answered my queries, provided me advices and helpfully commented on my of this project. I am very grateful to his.
I would also like to thank professors evaluators and experts DR. Nai\w a Havaati , Dr.
Sundresan Perumal. Dr. Aini Ilaslizan Abhalm. Dr. Faraida Hazwani, and Dr. Fauiiah Abdul \Vahid.
For their suggestions, guidance and support, And they gave me of their time and effort Thanking them for their cooperation.
Not forgotten to say big thanks to my course mates student of the FST PhD and Master To answer them with all transparency and honesty to the questionnaire.
\I
ABSTRAK
Pengkomputeran awan mudah alih menawarkan banyak kelebihan bagi organisasi dan pengguna kerana ketersediaan perkhidmatan pada bila-bila masa dan dari mana saja, pengurangkan kos pengedaran sistem maklumat yang diedarkan, dan menjimatkan usaha dan masa yang diperlukan oleh pengguna untuk mendapatkan perkhidmatan.
Keselamatan perkhidmatan pengkomputeran awan mudah alih merupakancabaran utama yang dihadapi oleh pengamal dan pengguna perkhidmatan mi. Matlamat utama penyelidikan ini adalah untuk mencadangkan model pengkomputeran awan mudah alih yang selamat berdasarkan pendekatan pembangunan hibrid bagi pihak universiti meningkatkan keberkesanan perkhidmatan yang disediakan olehnya dan memastikan tahap keselamatan pengkomputeran awan mudah alihnya berkesan. Untuk mencapaimatlamat ini, tiga objektif penyelidikan telah ditetapkan iaitu (1) untuk mengenal pasti kaedah dan proses keselamatan yang paling berkesan untuk meningkatkan prestasi keselarnatan pengkomputeran awan mudah alih, (2) untuk mengkaji kepentingan dan cabaran yang dihadapi olehkeselamatan pengkomputeran awan mudah alih di persekitaran universiti, dan (3) mengkaji pemboleh ubah berkaitan, komponen, dan kaedah keselamatan yang diperlukan untuk membina model yang dicadangkan. Kajian literatur telah dijalankan untuk mencapai objektif penyelidikan pertama. Satu kaji selidik telah dijalankan dengan 38 orang pelajar dari Universiti USIM bagi mencapai objektif penyelidikan kedua. Satu temu bual dengan tiga orang pakar dalam bidang keselamatan sistem maklumat telah dijalankan untuk menangani objektif penyelidikan ketiga. Penemuan pengesahan menunjukkan bahawa struktur, kaedah keselamatan yang dicadangkan, dan komponen model yang dicadangkan berguna untuk menjamin keselamatan perkhidmatan pengkomputeran awan mudah alih di universiti. Model yang dicadangkan dapat mengisi kekurangan dalam bidang pembangunan keselarnatan model pengkomputeran awan mudah alihbagi perkhidmatan yang disediakan di universiti. Model yang dicadangkan juga boleh menggalakkan pihak universiti menggunakan perkhidmatan pengkomputeran awan mudah alih, dan menggalakkan para pelajar menggunakan perkhidmatan tersebut.
vi
ABSTRACT
Mobile cloud computing offer many advantages for organizations and users such as availability of services in anytime and from anywhere, reduce the costs of distributed
information systems, and save the users efforts and time the required to accomplish the services. The public services security of mobile cloud computing represents the main challenges of adopts and uses these services. The main aim of this research is to propose a secure mobile cloud computing model based on hybrid development approach for universities' in order to enhance the effectiveness of services provided by university and to ensure an effective mobile cloud computing security level. To
address this aim, three main research objectives are formulated; 1) to identify the most applicable security methods and processes to increase the security performance of mobile cloud computing, (2) to study the important and challenges that face the security of mobile cloud computing according to university environment, and (3) to study the related variables, components, and security methods that needed to construct the proposed model. The literature review was conducted to address the first research
objective. A questionnaire survey with 38 students from USIM University was conducted to address the second research objective. An interview with three experts in infonnation system security was conducted to address the third research objective.
The validation findings show that the structure, the proposed security methods, and the components of the proposed model are useful to secure the mobile cloud computing services in the university. The proposed model fill important research gap which is the lack of the development of security cloud computing model for university services. The proposed model could encourage the university to adopt the mobile cloud computing services, and encourages the students to use these services.
vii
%. 1,
a"IA°-; L roJ U L: äl
ý. ý °
a-ý ýe ýti, o.. lýc. ti,., i, ý
ý ýýr 1-`ý" ° r, ýýo lý ý WtCý
Irý-' .ýý
ý--ý'
ý'-° .. li Ieýý,, ` L. ý
`jý yýa e ý?
Ja
ýýýý. ý.,,.; 11 I .ýL.. lh-ý I : a. 'ls,;; ý. 1 ý,,: Lý.... ýIä..,..
ý vtiL ýu L. ýIý Lq.. l> I ý,, o I
yý.;: e. .ýl, o. Ü iý lY iý
. ýý ýoý I
LIZ .: LA
ýýýe LaLw
äLi, l. l ý lý JI
---`... -
J_., Z. ýcJ 1J ý L,
c3 -t
ýý
(l
ýý, ;äs,-"i-"
>jaý ýl
cý ýI
ýLs ýýI ý, "ýýý . Jý, c. >hýý. la cý1211 ýIý ýýýeýl ä. l, ý ý3ý ý cä, colýý ýý Lý lö 38
l, ý 'ýI
iý , -ý' . r-Oý ý't iýJý-ý- 4iý 1c... a 4ý. +ýu ý.. ý_>rýa , ý1.. ýý ý. ýý
... i.. li =ý>ýu.
výý --I : u. o lý- "ý
L, ýJ as
JI :
ý. ý. ý ý
... c-
ý"ý,.
4r... o
ýI ýJ 1,... lJcý 0....,:.. ý' I
4. r
Lh.,.. J
ý g, _,,., oTýý ýT
l'-ý°'ý' a.. l. r- ýý ä.
o Lz
Lý Cýv--. ."L
o.. lA I li<: -I
...: ý L..
_ý ý
N'lll
TABLE OF CONTENTS
Contents
AUTHOR DECLARATION BIODATA OF AUTHOR
DEDICATION
ACKNOWLEDGMENTS ABSTRAK
ABSTRACT
MULAKHAS AL-BAHTH CONTENT PAGE
LIST OF TABLES LIST OF FIGURES
LIST OF APPENDICES
CHAPTER I: INTRODUCTION 1.1 Introduction
1.2 Problem Statement
1.3 Research Main Objectives
1.3.1 Research Sub Objectives and Questions 1.4 Research Directions and Approaches
1.5 Research Scope
1.6 Research Significance 1.7 Thesis Structure
CHAPTER II: LITERATURE REVIEW 2.1 Introduction
2.2 Overview of Cloud Computing
2.2.1 Cloud Computing Services
2.2.2 Deployment Approaches of Cloud Computing 2.2.3 Importance of Cloud Computing
2.2.4 Limitations of Cloud Computing 2.3 Overview of Mobile Computing
2.4 Mobile Cloud Computing
2.5 Security of Mobile Cloud Computing 2.5.1 Cloud Security
2.5.2 Users Mobile Security
2.6 Related Works of Mobile Cloud Computing Security 2.6.1 Discussion of Related Works
2.7 Related Models of Cloud Computing for Universities 2.7.1 A Federation Model for Higher Education
2.7.2 Cooperative Cloud Computing Model 2.7.3 A Service Computing Model
2.7.4Discussion of Related Models 2.8 Research Gap
2.9 Chapter Summary
CHAPTER 111: RESEARCH METHODOLOGY 3.1 Introduction
3.2 Research Case Study
3.3 Overview of the Research Methodology
Page
ii vi
V vi vii viii
x xi xii
4 6 7 8 11
11 12 14 14 16 19 21 23 26 28 30 32 33 34 35 39 41 42
44 45 46 48 49 50 50 50 52
3.4 Research Methodology Design and Processes 3.4.1 Preliminary Phase
3.4.2 Review Phase
3.4.3 Data Collection Phase 3.4.4 Development Phase
3.4.5Validation Phase 3.5 Chapter Summary
CHAPTER IV: DATA ANALYSIS 4.1
4.2
4.3
Introduction
Analysis of Questionnaire Data 4.2.1 Questionnaire Reliability
4.2.2 Analysis of Demographic Data 4.2.3 Descriptive Analysis
4.2.4 Correlation Test
4.2.5 Summary of Questionnaire analysis Analysis of Interview Data
4.3.1 Challenges of current information system in the university 4.3.2 Services based on mobile cloud computing
4.3.3 Security of mobile cloud computing services 4.4 Chapter Summary
CHAPTER V: DEVELOPMENT AND VALIDATION OF THE PROPOSED 5.1
5.2 5.3
5.4
5 .5
MODEL Introduction
Proposed Environment of Security Model of Mobile Cloud Computing
Development of the Proposed Security Model of Mobile Cloud Computing
Proposed Model Validation Chapter Summary
CHAPTER VI: CONCLUSION AND FUTURE WORKS 6.1
6.2 6.3 6.4 6.5 6.6
Introduction
Research Summary
Research Contributions Research Implications
Research Limitations Future Works
BIBLIOGRAPHY APPENDICES
Ix
53
57 59 60 67 68 69 70 70 71 72 72 78 87 88 89 90
91 93 95 97 96
98 100 107 108 110 110 110 114 115 116
117 118 121
x
LIST OF TABLES
Table 1.1: Research Directions and Approaches 10
Table 2.1: Security methods according to mobile cloud layers 40
Table 2.2: Security methods according to Security Kinds 41
Table 2.3: Models Summary 47
Table 3.1: Questionnaire Parts 61
Table 3.2: Sampling Rates 61
Table 3.3: Criterion degree for each level of answers 63
Table 4.1: Questionnaire Main Parts 71
Table 4.2: Questionnaire Reliability 72
Table 4.3: Responses Agreement Level based on Means Intervals 79 Table 4.4: Descriptive analysis of the challenges of current information system 80 Table 4.5: Descriptive analysis of the importance of mobile cloud computing 83 Table 4.6: Descriptive analysis of the security of mobile cloud computing 86
services
Table 4.7: Correlation Test
Table 4.8: Main security activities of mobile cloud computing
RR 94 Table 5.1: Main security activities of mobile cloud computing 103
LIST OF FIGURES Figure 2.1:
Figure 2.2:
Figure 2.3:
Figure 2.4:
Figure 2.5:
Figure 2.6:
Figure 2.7:
Figure 2.8:
Figure 2.9:
Figure 2.10:
Figure 2.11:
Figure 2.12:
Figure 3.1:
Figure 3.2:
Figure 4.1:
Figure 4.2:
Figure 4.3:
Figure 4.4:
Figure 4.5:
Figure 4.6:
General Structure of Literature Review Cloud Computing History
Services of Cloud computing
deployment Approaches of Cloud Computing Advantages of Cloud Computing
Cloud computing Limitations
Main architecture of Mobile Cloud Computing Processes of Bahar et al., (2013) Work
Proposed method of Rassan and Al Shaher (2013) FME based on Hybrid Cloud
CCCM Components SCM Architecture
Research Methodology Design
Development Sources of Proposed Models Gender of Respondents
Computer skills
Proficiency of mobile application use
Hours spent in using smart phones applications Purpose of using mobile applications
Number of owned mobile devices Figure 5.1: Environment of Proposed Model Figure 5.2: Proposed SMCCM
xi
15 18 21 23 26 28 31 36 39 43 44 46 56 68 73 74 75 76 77 78 99 106
X11
LIST OF APPENDICES
APPENDICES Page
Appendix A: The Questionnaire 121
Appendix B: The Interview 125
Appendix C: Validation Interview 130
Appendix D: List of Publications 132
