Managing Data Access on Clouds: A Generic Framework for Enforcing Security Policies

Abstract : Recently there has been a great need to provide an adequate security level in Cloud Environments, as they are vulnerable to various attacks. Malicious behaviors such as Denial of Service attacks, especially when targeting large-scale data management systems, cannot be detected by typical authentication mechanisms and are responsible for drastically degrading the overall performance of such systems. In this paper we propose a generic security management framework allowing providers of Cloud data management systems to define and enforce complex security policies. This security framework is designed to detect and stop a large array of attacks defined through an expressive policy description language and to be easily interfaced with various data management systems. We show that we can efficiently protect a data storage system, by evaluating our security framework on top of the BlobSeer data management platform. We evaluate the benefits of preventing a DoS attack targeted towards BlobSeer through experiments performed on the Grid'5000 testbed.
Complete list of metadatas

Cited literature [13 references]  Display  Hide  Download

https://hal.inria.fr/inria-00536603
Contributor : Alexandra Carpen-Amarie <>
Submitted on : Tuesday, November 16, 2010 - 3:13:46 PM
Last modification on : Friday, November 16, 2018 - 1:38:43 AM
Long-term archiving on : Thursday, February 17, 2011 - 3:02:39 AM

File

GenericFrameworkForEnforcingSe...
Files produced by the author(s)

Identifiers

Citation

Cristina Basescu, Alexandra Carpen-Amarie, Catalin Leordeanu, Alexandru Costan, Gabriel Antoniu. Managing Data Access on Clouds: A Generic Framework for Enforcing Security Policies. The 25th International Conference on Advanced Information Networking and Applications (AINA-2011), Institute for Infocomm Research (I2R) in cooperation with the Singapore Chapter of ACM, Mar 2011, Singapore, Singapore. pp.459-466, ⟨10.1109/AINA.2011.61⟩. ⟨inria-00536603⟩

Share

Metrics

Record views

830

Files downloads

655