Integrating Security Services in Cloud Service Stores

Protecting systems, applications and data hosted on a Cloud environment against cyber-threats, and accounting for security incidents across the Cloud estate are prerequisites to Cloud adoption by business, and a fundamental element of both national and corporate cyber-security and Cloud strategies. Yet, Cloud IaaS and PaaS providers typically hold Cloud consumers accountable for protecting their applications, while Cloud users often find that protecting their proprietary system, application and data stacks on public or hybrid Cloud environments can be complex, expensive and time-consuming. In this paper we describe a novel Cloud-based security management solution that empowers Cloud consumers to protect their systems, applications and data in the Cloud, whilst also improving the control and visibility of their Cloud security operations. This is achieved by enhancing the security policy management of commercial technologies, and via their integration with multiple Cloud-based hosts and applications. The result of this integration is then offered as a re-usable service across multiple Cloud platforms through a Cloud service store.

[1]  Ahmed Patel,et al.  An intrusion detection and prevention system in cloud computing: A systematic review , 2013, J. Netw. Comput. Appl..

[2]  Daan Broeder,et al.  A data infrastructure reference model with applications: towards realization of a ScienceTube vision with a data replication service , 2013, Journal of Internet Services and Applications.

[3]  Zhi Li,et al.  Cloud computing risk assessment method based on game theory , 2015 .

[4]  Eduardo B. Fernández,et al.  An analysis of security issues for cloud computing , 2013, Journal of Internet Services and Applications.

[5]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[6]  Wolfgang Ziegler,et al.  Towards a Contextualization Solution for Cloud Platform Services , 2011, 2011 IEEE Third International Conference on Cloud Computing Technology and Science.

[7]  Kamalrulnizam Abu Bakar,et al.  Distributed Intrusion Detection in Clouds Using Mobile Agents , 2009, 2009 Third International Conference on Advanced Engineering Computing and Applications in Sciences.

[8]  Johan Tordsson,et al.  Runtime Virtual Machine Recontextualization for Clouds , 2012, Euro-Par Workshops.

[9]  Tim Storer,et al.  Cloud Security Challenges: Investigating Policies, Standards, And Guidelines In A Fortune 500 Organization , 2013, ECIS.

[10]  Al-Sakib Khan Pathan,et al.  IDPS: An Integrated Intrusion Handling Model for Cloud , 2012, ArXiv.

[11]  Ryan K. L. Ko,et al.  Cloud computing vulnerability incidents: a statistical overview , 2013 .

[12]  Xiaohong Yuan,et al.  Cloud computing and security challenges , 2012, ACM-SE '12.

[13]  Muttukrishnan Rajarajan,et al.  A survey of intrusion detection techniques in Cloud , 2013, J. Netw. Comput. Appl..