Security Enforcement for Multi-Cloud Platforms - The Case of PaaSage

Abstract Multi-cloud adaptive application provisioning promises to solve the vendor lock-in problem and lead to optimizing the user re- quirements through the selection of the best from the great variety of services offered by cloud providers. As such, various research prototypes and platforms attempt to support this provisioning type. One major concern in using such platforms comes with respect to security in terms of improper access to user personal data and VMs as well as to platform services. To successfully address this concern, this paper proposes a novel model-driven approach and architecture able to secure multi-cloud platforms as well as enable users to have their own private space. Such a solution exploits state-of-the-art security standards and secure model manage- ment technology. This solution is able to cover different security scenarios involving external, web-based and programmatic user authentication.

[1]  Ning Wang,et al.  A Transparent Approach of Enabling SaaS Multi-tenancy in the Cloud , 2010, 2010 6th World Congress on Services.

[2]  Laurence Duchien,et al.  Cardinality-based feature models with constraints: a pragmatic approach , 2013, SPLC '13.

[3]  Keith G. Jeffery,et al.  Research information management: the CERIF approach , 2014, Int. J. Metadata Semant. Ontologies.

[4]  Srinath Perera,et al.  Multi-tenant SOA Middleware for Cloud Computing , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[5]  William J. Caelli,et al.  Mutual Protection in a Cloud Computing Environment , 2010, 2010 IEEE 12th International Conference on High Performance Computing and Communications (HPCC).

[6]  Jose M. Alcaraz Calero,et al.  Toward a Multi-Tenancy Authorization System for Cloud Services , 2010, IEEE Security & Privacy.

[7]  Dimitris Plexousakis,et al.  Multi-cloud Application Design through Cloud Service Composition , 2015, 2015 IEEE 8th International Conference on Cloud Computing.

[8]  Jörg Domaschka,et al.  D2.1.2 - CloudML Implementation Documentation - First version , 2014 .

[9]  Nils Gruschka,et al.  Security and Privacy-Enhancing Multicloud Architectures , 2013, IEEE Transactions on Dependable and Secure Computing.

[10]  Carlos Becker Westphall,et al.  Multi-Tenancy Authorization System with Federated Identity for Cloud-Based Environments Using Shibboleth , 2012, ICON 2012.

[11]  Jianxin Li,et al.  CyberGuarder: A virtualization security assurance architecture for green cloud computing , 2012, Future Gener. Comput. Syst..