Managing Data Access on Clouds: A Generic Framework for Enforcing Security Policies

Abstract : Recently there has been a great need to provide an adequate security level in Cloud Environments, as they are vulnerable to various attacks. Malicious behaviors such as Denial of Service attacks, especially when targeting large-scale data management systems, cannot be detected by typical authentication mechanisms and are responsible for drastically degrading the overall performance of such systems. In this paper we propose a generic security management framework allowing providers of Cloud data management systems to define and enforce complex security policies. This security framework is designed to detect and stop a large array of attacks defined through an expressive policy description language and to be easily interfaced with various data management systems. We show that we can efficiently protect a data storage system, by evaluating our security framework on top of the BlobSeer data management platform. We evaluate the benefits of preventing a DoS attack targeted towards BlobSeer through experiments performed on the Grid'5000 testbed.
Type de document :
Communication dans un congrès
The 25th International Conference on Advanced Information Networking and Applications (AINA-2011), Mar 2011, Singapore, Singapore. pp.459-466, 2011, 〈10.1109/AINA.2011.61〉
Liste complète des métadonnées

Littérature citée [13 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/inria-00536603
Contributeur : Alexandra Carpen-Amarie <>
Soumis le : mardi 16 novembre 2010 - 15:13:46
Dernière modification le : vendredi 25 mai 2018 - 01:29:00
Document(s) archivé(s) le : jeudi 17 février 2011 - 03:02:39

Fichier

GenericFrameworkForEnforcingSe...
Fichiers produits par l'(les) auteur(s)

Identifiants

Citation

Cristina Basescu, Alexandra Carpen-Amarie, Catalin Leordeanu, Alexandru Costan, Gabriel Antoniu. Managing Data Access on Clouds: A Generic Framework for Enforcing Security Policies. The 25th International Conference on Advanced Information Networking and Applications (AINA-2011), Mar 2011, Singapore, Singapore. pp.459-466, 2011, 〈10.1109/AINA.2011.61〉. 〈inria-00536603〉

Partager

Métriques

Consultations de la notice

773

Téléchargements de fichiers

516