An advanced security-aware Cloud architecture

Nowadays, Cloud offers many interesting features such as on-demand and pay-as-you-go resources, but induces new security problems in case a company wants to outsource its critical services. But since Clouds are shared between multiple tenants, both applications and execution environments need to be secured consistently in order to avoid possible attacks from malicious tenants. Moreover, if a large range of security mechanisms can improve the Cloud security, the configuration of those mechanisms to guarantee a global security property remains an open problem. Nowadays Clouds solutions lack two key features in order to realize it: an easy expression of security requirements and an actual enforcement of those requirements. This paper describes an overall architecture providing those features and an experiment run in order to demonstrate its validity. Our solution includes a language, a distribution engine and a security enforcement agent. The language eases the definition of the security properties required to plug an application into a Cloud. The distribution engine computes the sub-properties related to the different resources that must be deployed into the Cloud and coordinates the different enforcement agents associated to the provisioned resources. Our use-case addresses private hosting of customer data into the Cloud. The implementation and experiments show that the global security requirements (authentication and confidentiality) are satisfied when the application is scheduled within virtual machines and shared resources.

[1]  Ravi S. Sandhu,et al.  Towards a discipline of mission-aware cloud computing , 2010, CCSW '10.

[2]  Francesco Tiezzi,et al.  Formalisation and Implementation of the XACML Access Control Mechanism , 2012, ESSoS.

[3]  Michael Carl Tschantz,et al.  Verification and change-impact analysis of access-control policies , 2005, Proceedings. 27th International Conference on Software Engineering, 2005. ICSE 2005..

[4]  Trent Jaeger,et al.  Outlook: Cloudy with a Chance of Security Challenges and Improvements , 2010, IEEE Security & Privacy.

[5]  Tim Moses,et al.  EXtensible Access Control Markup Language (XACML) version 1 , 2003 .

[6]  Felix Klaedtke,et al.  Monitoring security policies with metric first-order temporal logic , 2010, SACMAT '10.

[7]  Salvatore J. Stolfo,et al.  The MEERKATS Cloud Security Architecture , 2012, 2012 32nd International Conference on Distributed Computing Systems Workshops.

[8]  Tao Xie,et al.  Conformance Checking of Access Control Policies Specified in XACML , 2007, 31st Annual International Computer Software and Applications Conference (COMPSAC 2007).

[9]  Crispin Cowan,et al.  Linux security modules: general security support for the linux kernel , 2002, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[10]  David A. Basin,et al.  A decade of model-driven security , 2011, SACMAT '11.

[11]  Felix Klaedtke,et al.  Policy Monitoring in First-Order Temporal Logic , 2010, CAV.

[12]  Bill McCarty,et al.  Selinux: NSA's Open Source Security Enhanced Linux , 2004 .

[13]  Bill MacCarty,et al.  SELinux - NSA's open source security enhanced linux: beating the o-day vulnerability threat , 2005 .