论文信息 - A new agent based security framework for collaborative cloud environment

A new agent based security framework for collaborative cloud environment

With the increasing adoption of cloud technologies, the concern regarding the security of the deployed environment is gaining importance. Vulnerabilities are often added to the virtual machines (VM) without the knowledge of the user due to the dynamics of the cloud technologies. The situation becomes worse when applications are deployed in a collaborative manner. To support collaboration user must allow inbound traffics to its own VM from VMs of other Cloud Service Users (CSU). The usage of Security Groups (SG) has been introduced by cloud service provider to control the inbound traffic. This often leads to certain vulnerabilities in the system. In this paper, an agent based security framework is proposed for providing multilevel security for a collaborative cloud deployment. A secure communication protocol is also proposed for communication among the nontrusted groups. This can be used by the agents to control access between two VMs belonging to the same domain or in two different security groups. The proposed framework ensures that the trust-level of an entire domain does not fall due to malicious activities of only a small minority of members. The trust value of each member changes dynamically depending on its behavior.

Nandini Mukherjee | Nabendu Chaki | Sunirmal Khatua

[1] Cynthia A. Phillips,et al. A graph-based system for network-vulnerability analysis , 1998, NSPW '98.

[2] Somesh Jha,et al. Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[3] Rituparna Chaki,et al. HIDS: Honesty-Rate Based Collaborative Intrusion Detection System for Mobile Ad-Hoc Networks , 2008, 2008 7th Computer Information Systems and Industrial Management Applications.

[4] Jeannette M. Wing,et al. Tools for Generating and Analyzing Attack Graphs , 2003, FMCO.

[5] Cyril Onwubiko,et al. Security Issues to Cloud Computing , 2010, Cloud Computing.

[6] Harit Shah,et al. Security Issues on Cloud Computing , 2013, ArXiv.

[7] Dimitrios Pendarakis,et al. Security audits of multi-tier virtual infrastructures in public infrastructure clouds , 2010, CCSW '10.

[8] Kai Miao,et al. A Simple Technique for Securing Data at Rest Stored in a Computing Cloud , 2009, CloudCom.

[9] Antonio Puliafito,et al. An Approach to Enable Cloud Service Providers to Arrange IaaS, PaaS, and Saas Using External Virtualization Infrastructures , 2011, 2011 IEEE World Congress on Services.

[10] Sugata Sanyal,et al. A New Trusted and Collaborative Agent Based Approach for Ensuring Cloud Security , 2011, ArXiv.

[11] Lingdi Ping,et al. Trust Model to Enhance Security and Interoperability of Cloud Environment , 2009, CloudCom.