An Advanced Security-Aware Cloud Architecture

Abstract : Nowadays, Cloud offers many interesting features such as on-demand and pay-as-you-go resources, but induces new security problems in case a company wants to outsource its critical services. But since Clouds are shared between multiple tenants, both applications and execution environments need to be secured consistently in order to avoid possible attacks from malicious tenants. Moreover, if a large range of security mechanisms can improve the Cloud security, the configuration of those mechanisms to guarantee a global security property remains an open problem. Nowadays Clouds solutions lack two key features in order to realize it: an easy expression of security requirements and an actual enforcement of those requirements. This paper describes an overall architecture providing those features and an experiment run in order to demonstrate its validity. Our solution includes a language, a distribution engine and a security enforcement agent. The language eases the definition of the security properties required to plug an application into a Cloud. The distribution engine computes the sub-properties related to the different resources that must be deployed into the Cloud and coordinates the different enforcement agents associated to the provisioned resources. Our use-case addresses private hosting of customer data into the Cloud. The implementation and experiments show that the global security requirements (authentication and confidentiality) are satisfied when the application is scheduled within virtual machines and shared resources.
Type de document :
Communication dans un congrès
HPCS 2014 - The 2014 International Conference on High Performance Computing & Simulation, Jul 2014, Bologne, Italy. IEEE, 2014
Liste complète des métadonnées

https://hal.inria.fr/hal-01063852
Contributeur : Aline Bousquet <>
Soumis le : dimanche 14 septembre 2014 - 14:16:26
Dernière modification le : mardi 16 janvier 2018 - 15:36:00

Identifiants

  • HAL Id : hal-01063852, version 1

Citation

Laurent Bobelin, Aline Bousquet, Jérémy Briffaut, Eddy Caron, Jean-François Couturier, et al.. An Advanced Security-Aware Cloud Architecture. HPCS 2014 - The 2014 International Conference on High Performance Computing & Simulation, Jul 2014, Bologne, Italy. IEEE, 2014. 〈hal-01063852〉

Partager

Métriques

Consultations de la notice

402