
Presented by: ABHISHEK ANAND, SAMBIT KR. SAHOO, SHAHSI KUMAR, VIBHUTI BHUSHAN, VIVEK RANJAN (B080264CS, B080322CS, B080442CS, B080487CS, B080572CS)

Mobile cloud computing can be defined as the availability of cloud computing services in a mobile ecosystem. This incorporates many elements, including consumer, enterprise, transcoding, end-to-end security, home gateways and mobile-broadband-enabled services. The terms mobile and wireless are used interchangeably: mobile means anywhere, anytime, and wireless means without wires, so mobile is wireless. Hence, Mobile Cloud Computing essentially means anywhere, anytime secure data access.

A mechanism to authenticate weblets belonging to the same application and user to each other. This is especially important when they are running on different platforms. Authentication is the prerequisite to building secure communication between weblets.

A mobile application can consist of one or more weblets, which function independently but communicate with each other. When the application is launched, an application manager running on the device monitors the resource requirements of the application's weblets and decides where they should be launched.

Image and video processing usually strain the processors of mobile devices, therefore they can be launched on one or more platforms in the cloud; while User Interface components (UI) or those needing extensive access to local data may be launched on the device. In very general scenarios, the application manager can also make decisions about migrating running weblets from the device to cloud, or from cloud to device, according to changes in computing constraints on the device or changes in user preferences.

When a user downloads and installs an application, the installer on the device verifies the integrity of all weblets by re-computing their hashes and comparing them with those in the bundle. After successful integrity verification, the installer registers the application with the DM (Device Manager). The DM maintains a table of installed applications on the device which need device application manager support, each with detailed information about its weblets, including signed hash values and migration settings.

Whenever an elastic application wants to launch a weblet or any UI component invoked by the user, it first connects to the DM, which decides where to launch the weblet. DM generates a pair of weblet session keys (wsk) and a secret (wss) for the application if this is the first weblet to be launched. These are shared by all weblets during a single session.

When DM decides to launch a weblet on the local device, it executes the installed weblet function with LaunchWeblet(localhost, wid, wss, wsk). Upon invocation, the weblet's construction method records wid, wsk, and wss in its member variables. The weblet returns a valid URL endpoint, which is used to communicate with other weblets over http(s). DM then updates a weblet table which records the active weblet's URL, wid, and wsk.

If DM decides to launch a weblet in a cloud, it calls the CFI (cloud fabric interface)'s web method LaunchWeblet(cfi, wid, wsk, wss). This call has to be made over https because it transfers the session secret wss. Based on its service logic, the CFI queries its cloud manager and decides on which cloud node the weblet will be loaded. The corresponding weblet is either installed in the application manager of the CS or downloaded from the URL provided by DM. Once this is decided, CFI calls the target node manager's LaunchWeblet(nodeid, wid, wsk, wss), again over https because it goes via the public Internet.

The node manager executes weblet binaries provided by the application manager of the CS, similar to the way the DM launches a weblet locally. The successfully launched weblet returns a valid URL endpoint to the node manager, which in turn is passed back to CFI and DM. DM updates the weblet table with the returned result. Before updating, DM verifies that the WebletOK message was generated by the launched weblet, by checking the HMAC (Hash-based Message Authentication Code) value with wss.

A local weblet can query DM to obtain the list of all active weblets in the same session by calling DEM::GetWeblet(wsk). DM returns the URLs of all weblets by querying the table. The local weblet can broadcast the URLs to any other weblet that needs to communicate. Interfaces of a weblet invoke another weblet's method or receive a call from another weblet.

Specifically, when calling, the calling weblet generates a nonce and creates an HMAC value computed over all parameters, the nonce, its own wid, and the target wid, using its own wss. When responding to a call, the weblet first verifies the HMAC with its wss and processes the request if verification succeeds; otherwise, it denies the call.
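The call authentication described above, as an added example that is not code from the original slides. HMAC-SHA256, the length-prefixed field encoding, the message layout, the names sign_call and Weblet, and the replay cache of seen nonces are assumptions made for illustration; the slides only specify the nonce, the two wids, the parameters and wss.

```python
import hashlib
import hmac
import secrets


def _encode(fields):
    # Assumed encoding: length-prefix each field so ("ab", "c") and ("a", "bc")
    # can never produce the same MAC input.
    out = b""
    for f in fields:
        data = f if isinstance(f, bytes) else str(f).encode()
        out += len(data).to_bytes(4, "big") + data
    return out


def sign_call(wss, caller_wid, target_wid, params):
    """Calling weblet: fresh nonce, then HMAC over params, nonce and both wids, keyed with wss."""
    nonce = secrets.token_bytes(16)
    mac_input = _encode([*params, nonce, caller_wid, target_wid])
    tag = hmac.new(wss, mac_input, hashlib.sha256).hexdigest()
    return {"caller": caller_wid, "target": target_wid, "params": list(params),
            "nonce": nonce.hex(), "hmac": tag}


class Weblet:
    def __init__(self, wid, wss):
        self.wid, self.wss = wid, wss
        self.seen_nonces = set()  # assumption: replay cache, not described in the slides

    def handle_call(self, msg):
        """Responding weblet: verify the HMAC with wss; process on success, deny otherwise."""
        if msg["target"] != self.wid:
            return False  # addressed to a different weblet
        nonce = bytes.fromhex(msg["nonce"])
        mac_input = _encode([*msg["params"], nonce, msg["caller"], msg["target"]])
        expected = hmac.new(self.wss, mac_input, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["hmac"]):  # constant-time comparison
            return False
        if nonce in self.seen_nonces:
            return False  # same nonce seen before: replayed call
        self.seen_nonces.add(nonce)
        return True


if __name__ == "__main__":
    session_secret = secrets.token_bytes(32)  # constructed stand-in for the wss issued by DM
    image_weblet = Weblet("weblet-img", session_secret)
    call = sign_call(session_secret, "weblet-ui", "weblet-img", ["resize", "640x480"])
    print(image_weblet.handle_call(call), image_weblet.handle_call(call))
```
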

There are 2 main categories of mobile app risks. The category of Malicious Functionality is a list of unwanted and dangerous behaviors that are stealthily placed in a Trojan app that the user is tricked into installing. The user thinks they are installing a game or utility and instead gets hidden spyware, phishing UI, or unauthorized premium dialing.

- Activity monitoring and data retrieval
- Unauthorized dialing, SMS, and payments
- Unauthorized network connectivity (exfiltration or command & control)
- UI impersonation
- System modification (rootkit, APN proxy config)
- Logic or time bomb

The category of Vulnerabilities covers errors in design or implementation that expose the mobile device data to interception and retrieval by attackers. Vulnerabilities can also expose the mobile device or the cloud applications used from the device to unauthorized access.

- Sensitive data leakage (inadvertent or side channel)
- Unsafe sensitive data storage
- Unsafe sensitive data transmission
- Hardcoded password/keys

Is a licence required to offer Cloud Computing services? Ans: Despite the lack of specific regulation, in certain jurisdictions the provision of Cloud Computing services will require the supplier to obtain a licence. For example, in China the provision of SaaS, PaaS or IaaS services will require the supplier to obtain a Type

Contractual

How is Cloud Computing currently regulated? Cloud Computing is not currently subject to specific regulation. However, customers and suppliers of Cloud Computing may be potentially subject to a range of laws: for example, data protection legislation (please see below) and any relevant industry sector regulations (e.g. financial services and healthcare).

Complication
The situation may be further complicated where Cloud Computing services are 'bundled' with other services, such as internet connection, as such other services may be subject to specific regulatory and/or licensing requirements. Storing and processing customer data at remote data centres gives rise to potentially complex data protection issues which need to be addressed in order to avoid customers and suppliers breaching applicable regulations.

- Data Export Restrictions: in many jurisdictions the export of data to other jurisdictions is prohibited or subject to onerous restrictions;
- Monitoring Data Handling
- Regulated Industries: customers operating in regulated industries such as financial services or healthcare may be subject to even more stringent data protection obligations given the financial value or sensitivity of data such as bank details and medical records;
- Multiple Jurisdictions.
