Embedding security and privacy into the development and operation of cloud applications and services

This paper introduces an approach allowing cloud application developers, service providers to consider security and privacy requirements across the application lifecycle. Specifically, a DevOps framework has been described that took into account several emerging technologies such as Network Functions Virtualization (NFV) and Microservice Pattern Design. As an illustration, a proof-of-concept application in the healthcare domain is presented to support such direction.

[1]  Carol J. Fung,et al.  VGuard: A distributed denial of service attack mitigation method using network function virtualization , 2015, 2015 11th International Conference on Network and Service Management (CNSM).

[2]  Otto Carlos Muniz Bandeira Duarte,et al.  Providing elasticity to intrusion detection systems in virtualized Software Defined Networks , 2015, 2015 IEEE International Conference on Communications (ICC).

[3]  Guofei Gu,et al.  CloudWatcher: Network security monitoring using OpenFlow in dynamic cloud networks (or: How to provide security monitoring as a service in clouds?) , 2012, 2012 20th IEEE International Conference on Network Protocols (ICNP).

[4]  Stefan Covaci,et al.  An Integrated Access Control Service Enabler for Cloud Applications , 2015, FNSS.

[5]  Basil S. Maglaris,et al.  Policy-based orchestration of NFV services in Software-Defined Networks , 2015, Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft).