Towards Multi-Layer Autonomic Isolation of Cloud Computing and Networking Resources

This paper describes a flexible approach to manage autonomically cloud resource isolation between different layers of an IaaS infrastructure, reconciling computing and network views. The corresponding framework overcomes fragmentation of security components and automates their administration by orchestrating different autonomic loops, vertically (between layers) and horizontally (between views).

[1]  Marc Lacoste,et al.  A Policy Management Framework for Self-Protection of Pervasive Systems , 2010, 2010 Sixth International Conference on Autonomic and Autonomous Systems.

[2]  Daniele Catteddu,et al.  Cloud Computing: Benefits, Risks and Recommendations for Information Security , 2009 .

[3]  Timothy Grance,et al.  Guidelines on Security and Privacy in Public Cloud Computing | NIST , 2012 .

[4]  Frank Gens,et al.  Cloud Computing Benefits, risks and recommendations for information security , 2010 .

[5]  Stefan Berger,et al.  Building a MAC-based security architecture for the Xen open-source hypervisor , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[6]  Peter A. Dinda,et al.  Towards Virtual Networks for Virtual Machine Grid Computing , 2004, Virtual Machine Research and Technology Symposium.

[7]  Amit A. Levy,et al.  Vanish: Increasing Data Privacy with Self-Destructing Data , 2009, USENIX Security Symposium.

[8]  Stefan Berger,et al.  TVDc: managing security in the trusted virtual datacenter , 2008, OPSR.

[9]  Farnam Jahanian,et al.  CloudAV: N-Version Antivirus in the Network Cloud , 2008, USENIX Security Symposium.

[10]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[11]  Daniele Sgandurra,et al.  Cloud Security Is Not (Just) Virtualization Security , 2009 .

[12]  Raouf Boutaba,et al.  Network virtualization: state of the art and research challenges , 2009, IEEE Communications Magazine.

[13]  Daniele Catteddu and Giles Hogben Cloud Computing. Benefits, risks and recommendations for information security , 2009 .

[14]  Sunay Tripathi,et al.  Crossbow: from hardware virtualized NICs to virtualized networks , 2009, VISA '09.

[15]  Claudia Eckert,et al.  A formal model for virtual machine introspection , 2009, VMSec '09.

[16]  J. Leneutre ASPF: A Policy Administration Framework for Self-Protection of Large-Scale Systems , 2010 .

[17]  T. Grance,et al.  SP 800-144. Guidelines on Security and Privacy in Public Cloud Computing , 2011 .

[18]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.

[19]  J. Rutkowska Qubes OS Architecture , 2010 .

[20]  Gail-Joon Ahn,et al.  Security and Privacy Challenges in Cloud Computing Environments , 2010, IEEE Security & Privacy.

[21]  Charles C. Palmer,et al.  Security in an autonomic computing environment , 2003, IBM Syst. J..

[22]  Xuxian Jiang,et al.  VIOLIN: Virtual Internetworking on Overlay Infrastructure , 2004, ISPA.

[23]  Jörg Schwenk,et al.  On Technical Security Issues in Cloud Computing , 2009, 2009 IEEE International Conference on Cloud Computing.

[24]  M. Lacoste,et al.  ASPF : A Policy Administration Framework for Self-Protection of Large-Scale Systems , 2011 .