PresentationPDF Available

Current Issues on Cloud Computing Security and Management

November 2014

Conference: SEURWARE 2014

Authors:

Pedro Vitti

Federal University of Santa Catarina

Daniel Ricardo dos Santos

Forescout Technologies

Carlos Becker Westphall

Federal University of Santa Catarina

Carla Merkle Westphall

Federal University of Santa Catarina

Show all 5 authorsHide

Cloud computing is becoming increasingly more popular and telecommunications companies perceive the cloud as an alternative to their service deployment models, one that brings them new possibilities. But to ensure the successful use of this new model there are security and management challenges that still need to be faced. There are numerous threats and vulnerabilities that become more and more important as the use of the cloud increases, as well as concerns with stored data and its availability, confidentiality and integrity. This situation creates the need for monitoring tools and services, which provide a way for administrators to define and evaluate security metrics for their systems. In this paper, we propose a cloud computing security monitoring tool based on our previous works on both security and management for cloud computing.

No caption available

…

Figures - uploaded by Carlos Becker Westphall

Content may be subject to copyright.

Content uploaded by Carlos Becker Westphall

Content may be subject to copyright.

!"##$%&'())"$)'*%'!+*",'!*-."/%0'

1$2"#3&4'5%,'65%50$-$%&'

7$,#*'8#&"#'930"$3#$,*':3;<'=5%3$+'>325#,*',*)'

15%&*)<'!5#+*)'?$2@$#'A$)&.B5++<'!5#+5'6$#@+$'

A$)&.B5++<'C+$D$#'650%*'6523$+':3$3#5'

E$&F*#@)'5%,'65%50$-$%&'G5D*#5&*#4'

9$,$#5+'H%3I$#)3&4'*J'15%&5'!5&5#3%5'

EK:L6?L>'<'G(1?KE<'7K>MHN8G' 1L!H>A8>L'OPQR'S'787L>' "!

#$%&'()!

"* +,-.#/01-+#,!!

2* .345-3/!6#.78!

9* 8310.+-:!1#,13.,8!+,!14#0/!1#;<0-+,=!

>* 14#0/!;#,+-#.+,=!

?* 8310.+-:!1#,13.,8!+,!845!

@* 14#0/!8310.+-:!;#,+-#.+,=!

A* 1583!8-0/:!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 2!

#$%&'()!

G*!73:!4388#,8!435.,3/!

H*!1#,1408+#,8!5,/!I0-0.3!6#.78!

"E*!8#;3!.3I3.3,138!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 9!

"*!+,-.#/01-+#,!

F! ,$J)KL$M! %NK)O%M! O(P! Q$&()KOR'&'S)M! %NO%!

R)TLJ)!JLK)!'JULK%O(%! OM! %N)!$M)!LV! %N)!

T&L$P! '(TK)OM)MD! OM! W)&&! OMD! TL(T)K(M! W'%N!

M%LK)P!PO%O!O(P!'%M!OQO'&OR'&'%XD!TL(YP)(SO&'%X!

O(P!'(%)ZK'%X*!!

F!,))P!VLK!JL('%LK'(Z!%LL&M!O(P!M)KQ'T)MD!WN'TN!

UKLQ'P)!O!WOX!VLK!OPJ'('M%KO%LKM!%L!P)Y()!O(P!

)QO&$O%)!M)T$K'%X!J)%K'TM!VLK!%N)'K!MXM%)JM*!!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! >!

"*!+,-.#/01-+#,!

F 6)!UKLULM)! O! T&L$P!TLJU$S(Z! M)T$K'%X!

JL('%LK'(Z! %LL&! ROM)P! L(!L$K!UK)Q'L$M!

WLK[M!L(! RL%N! M)T$K'%X! O(P! JO(OZ)J)(%!

VLK!T&L$P!TLJU$S(Z*!

F I)O%$K)M!LV!T&L$P!TLJU$S(Z!M$TN!OM!

Q'K%$O&'\OSL(D!J$&SF%)(O(TX!O(P!$R']$'%L$M!

OTT)MM! UKLQ'P)! O! Q'OR&)! ML&$SL(! %L! M)KQ'T)!

UKLQ'M'L('(Z!UKLR&)JM*!!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! ?!

"*!+,-.#/01-+#,!

F 6NO%! OK)! %N)!()W!K'M[M! OMMLT'O%)P! W'%N! %N)!

T&L$P!O(P! WNO%! L%N)K! K'M[M!R)TLJ)!JLK)!

TK'STO&^!

F 6)!UKLQ'P)! MLJ)! ROT[ZKL$(P! '(! M)T$K'%X!

TL(T)K(M!'(!T&L$P!TLJU$S(ZD! RK')_X!P)MTK'R)!

O! UK)Q'L$M! 'JU&)J)(%OSL(! LV! O! JL('%LK'(Z!

%LL&! VLK! %N)!T&L$PD!MNLW! NLW!M)T$K'%X!

'(VLKJOSL(! TO(! R)! M$JJOK'\)P! O(P! %K)O%)P!

$(P)K!O!JO(OZ)J)(%!U)KMU)TSQ)*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! @!

2*!.345-3/!6#.78!

F 0K'OK%)!O(P!6)M%UNO&&!`>a!UKLULM)P! O!

JL('%LK'(Z! OKTN'%)T%$K)! P)Q'M)P!VLK!UK'QO%)!

1&L$P!%NO%!TL(M'P)KM!%N)![(LW&)PZ)!

K)]$'K)J)(%M!LV!O$%L(LJ'T!MXM%)JM*!!

F I)K(OP)M!)%!O&*!`?a!M$KQ)XM!%N)!WLK[M!L(!T&L$P!

M)T$K'%X!'MM$)MD! OPPK)MM)M'(Z![)X!%LU'TMb!

Q$&()KOR'&'S)MD! %NK)O%MD! O(P!OcOT[MD! O(P!

UKLULM)M!O!%OdL(LJX!VLK!%N)'K!T&OMM'YTOSL(*!!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! A!

2*!.345-3/!6#.78!

F 1&L$P!8)T$K'%X!5&&'O(T)!`@a!NOM!'P)(SY)P!%N)!

%LU!('()!T&L$P!TLJU$S(Z!%NK)O%M*!-N)!K)ULK%!

MNLWM!O!TL(M)(M$M!OJL(Z!'(P$M%KX!)dU)K%M*!!

F ;$[N%OKLQ!)%!O&*!`Aa!UKLULM)P!O!T&L$P!

()%WLK[!M)T$K'%X!JL('%LK'(ZD!WN'TN!'M!ROM)P!

L(!_LW! J)OM$K)J)(%M! O(P! 'JU&)J)(%M! O(!

O&ZLK'%NJ!%NO%!P)%)T%M!O(P!K)MUL(PM!%L!

()%WLK[!O(LJO&')M*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! G!

9*!8310.+-:!1#,13.,8!+,!14#0/8!

F 3OTN!T&L$P! %)TN(L&LZX!UK)M)(%M!MLJ)!['(P!LV!

[(LW(! Q$&()KOR'&'%Xb! 6)R! 8)KQ'T)MD!8)KQ'T)!

#K')(%)P!5KTN'%)T%$K)!e8#5fD!.)UK)M)(%OSL(O&!

8%O%)!-KO(MV)K! e.38-f! O(P!5UU&'TOSL(!

<KLZKOJJ'(Z! +(%)KVOT)M! e5<+fD! Q'K%$O&'\OK'L(D!

()%WLK[!'(VKOM%K$T%$K)***!`Ga*!

F -N)! $M$O&! %NK))! ROM'T! 'MM$)M!LV! M)T$K'%Xb!

OQO'&OR'&'%XD! '(%)ZK'%X! O(P! TL(YP)(SO&'%X! OK)!

MS&&!V$(POJ)(%O&!'(!%N)!T&L$P*!!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! H!

9*!8310.+-:!1#,13.,8!+,!14#0/8!

F ;$&SF%)(O(%!TNOKOT%)K'MSTb! L()!M'(Z&)!

Q$&()KOR&)!M)KQ'T)!'(!O!Q'K%$O&!JOTN'()D!

)dU&L'%OSL(! LV! JO(X! M)KQ'T)M! NLM%)P!'(!%N)!

MOJ)!UNXM'TO&!JOTN'()*!

F 6)R! OUU&'TOSL(M!O(P!W)R!M)KQ'T)Mb!

M$MT)USR&)!%L!O!&L%!LV!)OM'&X!P)U&LX)P!OcOT[M!

M$TN! OM! 8g4! '(h)TSL(D! 1KLMMF8'%)! 8TK'US(Z!

ei88fD! 1KLMMF8'%)! .)]$)M%! ILKZ)KX! e18.If! O(P!

M)MM'L(!N'hOT['(Z*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! "E!

9*!8310.+-:!1#,13.,8!+,!14#0/8!

F 5(L%N)K!'JULK%O(%!%LU'T!'(!T&L$P!M)T$K'%X!'M!

+P)(S%X! O(P! 5TT)MM! ;O(OZ)J)(%D! R)TO$M)! (LW!

PO%O! LW()KM! O(P! PO%O! UKLQ'P)KM! OK)! (L%!'(!%N)!

MOJ)!%K$M%)P!PLJO'(!`Ha*!!

F -N)! JO'(! M)T$K'%X! JO(OZ)J)(%! 'MM$)M!LV! O! 1&L$P!

8)KQ'T)! <KLQ'P)K!e18<f!OK)b!OQO'&OR'&'%X!

JO(OZ)J)(%D! OTT)MM!TL(%KL&! JO(OZ)J)(%D!

Q$&()KOR'&'%X! JO(OZ)J)(%D! UO%TN! O(P!TL(YZ$F!

KOSL(! JO(OZ)J)(%D! TL$(%)KJ)OM$K)MD! O(P! T&L$P!

$MOZ)!O(P!OTT)MM!JL('%LK'(Z!`"Ea*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! ""!

9*!8310.+-:!1#,13.,8!+,!14#0/8!

F -N)!T&L$P!'M!O(!)OMX!%OKZ)%!VLK!O(!'(%K$P)K!%KX'(Z!%L!

$M)!'%M!OR$(PO(%!K)ML$KT)M!JO&'T'L$M&XD!O(P!%N)!+/8!

O&ML! NOM! %L! R)! P'M%K'R$%)PD!%L! R)! OR&)! %L! JL('%LK!

)OTN!(LP)!`""a*!

F /'M%K'R$%)P! /)('O&! LV!8)KQ'T)!e//L8f! OcOT[M! TO(!

NOQ)! O! J$TN! RKLOP)K! 'JUOT%! L(! %N)! T&L$PD! M'(T)!

(LW! JO(X! M)KQ'T)M! JOX! R)! NLM%)P!'(!%N)! MOJ)!

JOTN'()*! //L8!'M! O! UKLR&)J! %NO%! 'M!MS&&!(L%!Q)KX!

W)&&!NO(P&)P*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! "2!

9*!8310.+-:!1#,13.,8!+,!14#0/8!

F -L! JO'(%O'(! PO%O! M)T$K'%X! O! UKLQ'P)K! J$M%!

'(T&$P)D! O%! &)OM%b! O(! )(TKXUSL(!MTN)JOD! O(!

OTT)MM!TL(%KL&!MXM%)JD!O(P!O!ROT[$U!U&O(!`"2a*!

F 6N)(!JLQ'(Z!%L!%N)!T&L$P!'%!'M!'JULK%O(%!%NO%!

O!UKLMU)TSQ)!T$M%LJ)K![(LWM!%L!WNO%!K'M[M!'%M!

PO%O! OK)! R)'(Z!)dULM)P*!8LJ)! LV! %N)! [)X!

UL'(%M! TL(M'P)K)P!'(!%N'M!J'ZKOSL(!OK)!

UK)M)(%)P!'(!`"9D!2ED!O(P!2"a*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! "9!

9*!8310.+-:!1#,13.,8!+,!14#0/8!

F 4)ZO&! TLJU&'O(T)!'M!V$(POJ)(%O&!WN)(!

P)O&'(Z! W'%N! T&L$P!TLJU$S(Z*! +(! %N)! T&L$P!

WLK&PD! '%! 'M!ULMM'R&)! %NO%! PO%O! TKLMM! JO(X!

h$K'MP'TSL(!RLKP)KM*!!

F 5QO'&OR'&'%X! O(P! TL(YP)(SO&'%X! OK)! TK'STO&! %L!

%N)!%)&)TLJJ$('TOSL(M! R$M'()MM! O(P!'V!

M)KQ'T)M!OK)!R)'(Z!P)U&LX)P!'(!O!U$R&'T!T&L$P!

W'%NL$%!O!UKLU)K!845!`"?a*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! ">!

>*!14#0/!;#,+-#.+,=!!

F #$K!%)OJ!NOM!UK)Q'L$M&X!UKLULM)P!O(P!

'JU&)J)(%)P!O(!LU)(FML$KT)!T&L$P!

JL('%LK'(Z! OKTN'%)T%$K)! O(P! %LL&! TO&&)P! %N)!

<K'QO%)! 1&L$P! ;L('%LK'(Z! 8XM%)J! e<1;#,8f!

`">a*!

F -N)! OKTN'%)T%$K)! LV! %N)! MXM%)J! 'M!P'Q'P)P!'(!

%NK))!&OX)KMb!+(VKOM%K$T%$K)j! +(%)ZKOSL(j! O(P!

Q')W*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! "?!

>*!14#0/!;#,+-#.+,=!!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! "@!

?*!8310.+-:!1#,13.,8!+,!845!!!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! "A!

F <KLQ'P)KM!J$M%!NOQ)!WOXM!%L!)(M$K)!%N)'K!

T&')(%M!%NO%!%N)'K!PO%O!'M!MOV)!O(P!J$M%!PL!

ML!RX!JL('%LK'(Z!O(P!)(NO(T'(Z!M)T$K'%X!

J)%K'TM*!

F 845M! JOX! O&ML! R)! $M)P! '(! %N)! P)Y('SL(D!

JL('%LK'(Z! O(P! )QO&$OSL(! LV! M)T$K'%X!

J)%K'TMD! '(! %N)! VLKJ! LV! 8)T$K'%X! 845MD! LK!

8)TF845M!`"?a*!

@*!14#0/!8310.+-:!;#,+-#.+,=!!

F 6)!(LW!UKLULM)!O(!)d%)(M'L(!%L!%N)!

<1;#,8! OKTN'%)T%$K)! O(P! %LL&! %L! )(OR&)!

M)T$K'%X!JL('%LK'(Z!VLK!T&L$P!TLJU$S(Z*!!

F 6)! O&ML! UK)M)(%! %N)! M)T$K'%X! J)%K'TM! WN'TN!

W)!TL(M'P)K! OP)]$O%)! %L! R)! JL('%LK)P! '(! O!

T&L$P! '(VKOM%K$T%$K)!O(P! WN'TN!UKLQ'P)! O!

ZLLP! U'T%$K)! LV! M)T$K'%X! OM! O! WNL&)!'(!%N'M!

)(Q'KL(J)(%*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! "G!

@*!14#0/!8310.+-:!;#,+-#.+,=!!

F -N)! %LL&! $M)M! PO%O! O(P!&LZM!ZO%N)K)P! VKLJ!

M)T$K'%X! MLkWOK)! OQO'&OR&)!'(!%N)! JL('%LK)P!

MXM%)JMD!M$TN!OM!+/8MD!O(SFJO&WOK)!MLkWOK)D!

Y&)! MXM%)J! '(%)ZK'%X!Q)K'YTOSL(!MLkWOK)D!

ROT[$U! MLkWOK)D! O(P!W)R!OUU&'TOSL(!

YK)WO&&M*!

F -N)! )(SS)M!'(QL&Q)P!'(!%N)!P)Y('SL(D!

TL(YZ$KOSL(!O(P!OPJ'('M%KOSL(!LV!%N)!

M)T$K'%X!845M!O(P!J)%K'TM!OK)b!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! "H!

@*!14#0/!8310.+-:!;#,+-#.+,=!!

F 1&L$P! $M)KMj! 1&L$P! OPJ'('M%KO%LKMj! O(P!

8)T$K'%X!OUU&'TOSL(M*!

F /O%O!8)T$K'%X! ;)%K'TMD! 5TT)MM!1L(%KL&!;)%K'TM!

O(P! 8)KQ)K! 8)T$K'%X! ;)%K'TM! OK)! MNLW(! '(!

-OR&)!+D!-OR&)!++D!O(P!-OR&)!+++D!K)MU)TSQ)&X*!

F +V!O!Q'K%$O&!JOTN'()!NOM!NOP!O!N$Z)!($JR)K!LV!

VO'&)P! OTT)MM! Oc)JU%M! '(! %N)! &OM%! NL$KM! W)!

JOX!WO(%!%L!&LT[!O(X!V$K%N)K!OTT)MM*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 2E!

@*!14#0/!8310.+-:!;#,+-#.+,=!!

6$&#32'' =$)2#3./*%''

3(TKXU%)P!/O%O^!! +(P'TO%)M!WN)%N)K!%N)!PO%O!M%LK)P!'(!%N)!B;!'M!)(TKXU%)P!!

3(TKXUSL(!5&ZLK'%NJ!! -N)!O&ZLK'%NJ!$M)P!'(!%N)!)(TKXUSL(lP)TKXUSL(!UKLT)MM!!

4OM%!ROT[$U!! -N)!PO%)!O(P!SJ)!WN)(!%N)!&OM%!ROT[$U!WOM!U)KVLKJ)P!!

4OM%!'(%)ZK'%X!TN)T[!! -N)!PO%)!O(P!SJ)!WN)(!%N)!&OM%!Y&)!MXM%)J!'(%)ZK'%X!TN)T[!WOM!

U)KVLKJ)P!!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 2"!

-5C43!+*!/5-5!8310.+-:!;3-.+18!!

@*!14#0/!8310.+-:!;#,+-#.+,=!!

6$&#32'' =$)2#3./*%''

BO&'P!5TT)MM)M!! -N)!($JR)K!LV!QO&'P!OTT)MM!Oc)JU%M!'(!%N)!&OM%!2>!NL$KM!!

IO'&)P!OTT)MM!Oc)JU%M!!! -N)!($JR)K!LV!VO'&)P!OTT)MM!Oc)JU%M!'(!%N)!&OM%!2>!NL$KM!!

<OMMWLKP!TNO(Z)!'(%)KQO&!! -N)!VK)]$)(TX!W'%N!WN'TN!$M)KM!J$M%!TNO(Z)!UOMMWLKPM!'(!

%N)!B;mM!LU)KOS(Z!MXM%)J!!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 22!

-5C43!++*!511388!1#,-.#4!;3-.+18!!!

@*!14#0/!8310.+-:!;#,+-#.+,=!!

6$&#32'' =$)2#3./*%''

;O&WOK)!! ,$JR)K!LV!JO&WOK)!P)%)T%)P!'(!%N)!&OM%!O(SFJO&WOK)!MTO(!!

4OM%!JO&WOK)!MTO(!! -N)!PO%)!O(P!SJ)!LV!%N)!&OM%!JO&WOK)!MTO(!'(!%N)!B;!!

B$&()KOR'&'S)M!! ,$JR)K!LV!Q$&()KOR'&'S)M!VL$(P!'(!%N)!&OM%!MTO(!!

4OM%!Q$&()KOR'&'%X!MTO(!! -N)!PO%)!O(P!SJ)!LV!%N)!&OM%!Q$&()KOR'&'%X!MTO(!'(!%N)!B;!!

5QO'&OR'&'%X!! <)KT)(%OZ)!LV!%N)!SJ)!'(!WN'TN!%N)!B;!'M!L(&'()!!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 29!

-5C43!+++*!83.B3.!8310.+-:!;3-.+18!!

A*!1583!8-0/:!

F 6)!NOQ)!'JU&)J)(%)P! %N)! J)%K'TM!UK)M)(%)P!

'(!-OR&)M!+F+++!O(P!ZO%N)K)P!%N)!PO%O!Z)()KO%)P!

'(!O!TOM)!M%$PX*!

F -N)! VL&&LW'(Z! MLkWOK)! W)K)!$M)P! %L! ZO%N)K!

%N)!M)T$K'%X!'(VLKJOSL(b! PJFTKXU%!

e)(TKXUSL(fD! KMX(T! eROT[$UfD! %K'UW'K)!

eY&)MXM%)J! '(%)ZK'%XfD! MMN!eK)JL%)! OTT)MMfD!

T&OJ5B!eO(SFJO&WOK)fD! SZ)K!eQ$&()KOR'&'%X!

OMM)MMJ)(%f!O(P!$USJ)!eOQO'&OR'&'%Xf*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 2>!

A*!1583!8-0/:!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 2?!

A*!1583!8-0/:!

F +%! K)UK)M)(%M! NLW! %N)! J)%K'TM! OK)! MNLW(!'(!

,OZ'LM!O(P!'%!'M!ULMM'R&)!%L!M))!%N)!Q'M'L(!%NO%!

O! ()%WLK[! OPJ'('M%KO%LK! NOM!LV!O!M'(Z&)!

JOTN'()*!!

F -N)!J)%K'TM!n--<!1#,,31-+#,8D!4#5/D!<+,=D!

.5;!O(P!88n!OK)!VKLJ!%N)!UK)Q'L$M!Q)KM'L(!LV!

<1;#,8! O(P!OK)!(L%!M%K'T%&X!K)&O%)P!%L!

M)T$K'%XD!R$%!%N)X!OK)!MNLW!TLJR'()P*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 2@!

G*!73:!4388#,8!435.,3/!!

F -N)!%LL&!N)&UM! ()%WLK[! O(P!M)T$K'%X!OPJ'('M%KO%LK!

U)KT)'Q)!Q'L&OSL(M!%L!8)TF845M!O(P!OTSQ)&X!

K)MUL(P!%L!%NK)O%M*!

F -N)! JOhLK! U')T)!LV! %)TN(L&LZX! $M)P! %L! UKLQ'P)!

M)T$K'%X!'(!%N)!T&L$P!'M!TKXU%LZKOUNX*!

F /O%O! &)O[OZ)! O(P! PO%O! &LMM! OK)! ULMM'R&X! %N)!

ZK)O%)M%!TL(T)K(M!LV!T&L$P!$M)KM*!

F COT[$U!O(P!K)TLQ)KX!OK)!O&ML!V$(POJ)(%O&!%LL&M!%L!

)(M$K)!%N)!OQO'&OR'&'%X!LV!T$M%LJ)K!PO%O*!!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 2A!

G*!73:!4388#,8!435.,3/!!

F 845M! OK)! V$(POJ)(%O&! %L! UKLQ'P)! T$M%LJ)KM!

W'%N!%N)!())P)P!Z$OKO(%))M*!

F /)Y('SL(!LV!K)]$'K)J)(%M!O(P!%N)!JL('%LK'(Z!

LV!M)T$K'%X!J)%K'TM!K)JO'(!O(!'JULK%O(%!LU)(!

K)M)OKTN!%LU'T*!!

F -N)!JOhLK!P)T'M'L(M!'(!%N'M!WLK[!W)K)!K)&O%)P!

%L!%N)!M)T$K'%X!J)%K'TM!O(P!%N)!MLkWOK)!$M)P!

%L!UKLQ'P)!%N)!()T)MMOKX!M)T$K'%X!PO%O*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 2G!

G*!73:!4388#,8!435.,3/!!

F -N)! 'P)O!LV! O(O&X\'(Z!&LZM!%L! LR%O'(! M)T$K'%X!

PO%O! 'M! T&OMM'TO&!'(!'(VLKJOSL(! M)T$K'%X! O(P! '%!

M))J)P!&'[)!O!(O%$KO&!OUUKLOTN!%L!L$K!

TNO&&)(Z)M*!

F -L!K)OPD!UOKM)!O(P!UK)M)(%!%N)!PO%O!W)!TNLM)!

%L!$M)!%N)! <X%NL(! UKLZKOJJ'(Z! &O(Z$OZ)!

R)TO$M)!'%!O&K)OPX!VLKJ)P!%N)!ROM)!LV!

<1;#,8!e<K'QO%)!1&L$P!;L('%LK'(Z!8XM%)Jf*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 2H!

G*!73:!4388#,8!435.,3/!!

F 8)o(Z!$U!O!K)&'OR&)!%)MS(Z!)(Q'KL(J)(%!WOM!O&ML!

)d%K)J)&X!'JULK%O(%!%L!%N)!M$TT)MM!LV!%N)!

UKLh)T%*!

F 5(!'JULK%O(%!V)O%$K)!LV!%N'M!)d%)(M'L(!LV!

<1;#,8! 'M! %NO%! '%! TO(! K$(!LQ)K!#U)(,)R$&OD!

#U)(8%OT[!O(P!1&L$P8%OT[*!!

F -N)! $M)! LV!MTK'US(Z!&O(Z$OZ)M!'(!%N)!

P)Q)&LUJ)(%!UKLT)MMD! M$TN! OM! <X%NL(! O(P! COMN!

8TK'U%!O&&LW)P!$M!%L!P)Y()!%N)!J)%K'TM*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 9E!

H*!1#,1408+#,!5,/!I0-0.3!6#.7!!!

-N'M!WLK[!P)MTK'R)Pb!!

F! 5! V)W!LV!L$K!UK)Q'L$M!WLK[M!'(!%N)! Y)&P!LV!

1&L$P!1LJU$S(Z!O(P!NLW! %L! RK'(Z! %N)J! O&&!

%LZ)%N)K!'(!LKP)K! %L! P)Q)&LU! O! T&L$P! M)T$K'%X!

JL('%LK'(Z!OKTN'%)T%$K)j!O(P!

F! -N)! P)M'Z(! O(P! 'JU&)J)(%OSL(! LV! O! T&L$P!

M)T$K'%X!JL('%LK'(Z!%LL&D!O(P!NLW!'%! TO(! ZO%N)K!

PO%O!VKLJ!JO(X!M)T$K'%X!ML$KT)M!'(M'P)!B;M!O(P!

%N)!()%WLK[*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 9"!

H*!1#,1408+#,!5,/!I0-0.3!6#.7!!!

5M!V$%$K)!WLK[b!

F 6)! TO(! UL'(%! %L! %N)! P)Y('SL(! O(P! 'JU&)F!

J)(%OSL(!LV!()W!J)%K'TM!O(P!O!R)c)K!

'(%)ZKOSL(!W'%N!)d'MS(Z!8)T$K'%X!845Mj!O(P!

F +%!WL$&P!R)!'JULK%O(%!%L!M%$PX!%N)!'(%)ZKOSL(!

LV! %N)! M)T$K'%X! JL('%LK'(Z! JLP)&! W'%N! L%N)K!

OTSQ)!K)M)OKTN!Y)&PM!'(!T&L$P!M)T$K'%XD!M$TN!OM!

+P)(S%X!O(P! 5TT)MM! ;O(OZ)J)(%! O(P!

+(%K$M'L(!/)%)TSL(!8XM%)JM*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 92!

"E*!.3I3.3,138!!

.)V)K)(T)M!'(P'TO%)P!'(!%N'M!UK)M)(%OSL(b!

F `>a! .*! C*! 0K'OK%)! O(P! 1*! C*! 6)M%UNO&&D! p<O(LU%)Mb! 5!

JL('%LK'(Z! OKTN'%)T%$K)! O(P! VKOJ)WLK[! VLK!

M$UULKS(Z! O$%L(LJ'T! T&L$PMDq! '(! +333! ,)%WLK[!

#U)KOSL(M!O(P!;O(OZ)J)(%!8XJULM'$JD!2E">*!

F `?a! /*! I)K(O(P)M! )%! O&*D! p8)T$K'%X! 'MM$)M! '(! T&L$P!

)(Q'KL(J)(%Mb! O! M$KQ)XDq! +(%)K(OSL(O&! rL$K(O&! LV!

+(VLKJOSL(!8)T$K'%XD!2E">*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 99!

"E*!.3I3.3,138!!

.)V)K)(T)M!'(P'TO%)P!'(!%N'M!UK)M)(%OSL(b!

F `@a!-*! -*!6*!=KL$U!)%!O&*D! p-N)!(L%LK'L$M!('()b!T&L$P!

TLJU$S(Z! %LU! %NK)O%M! '(! 2E"9Dq! 1&L$P! 8)T$K'%X!

5&&'O(T)D!2E"9*!

F `Aa! ;*! ;$[N%OKLQ! )%! O&*D! p1&L$P! ()%WLK[! M)T$K'%X!

JL('%LK'(Z! O(P! K)MUL(M)! MXM%)JDq! 14#0/!

1#;<0-+,=! 2E"2! e-N)! -N'KP! +(%)K(OSL(O&!

1L(V)K)(T)! L(! 1&L$P! 1LJU$S(ZD! =.+/MD! O(P!

B'K%$O&'\OSL(f*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 9>!

"E*!.3I3.3,138!!

.)V)K)(T)M!'(P'TO%)P!'(!%N'M!UK)M)(%OSL(b!

F `Ga! C*! =KLRO$)KD! )%! O&*D! p0(P)KM%O(P'(Z! T&L$P!

TLJU$S(Z! Q$&()KOR'&'S)MDq! 8)T$K'%X! <K'QOTXD! +333D!

QL&*!HD!(L*!2D!;OKTNF5UK'&!2E""*!

F `Ha!i*!-O(!O(P!C*!5'D!p-N)!'MM$)M!LV!T&L$P!TLJU$S(Z!

M)T$K'%X! '(! N'ZNFMU))P! KO'&WOXDq! '(! 3&)T%KL('T! O(P!

;)TNO('TO&!3(Z'())K'(Z!O(P!+(VLKJOSL(!-)TN(L&LZX!

e3;3+-fD! 2E""! +(%)K(OSL(O&! 1L(V)K)(T)! L(D! QL&*! GD!

2E""*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 9?!

"E*!.3I3.3,138!!

.)V)K)(T)M!'(P'TO%)P!'(!%N'M!UK)M)(%OSL(b!

F `"Ea!I*!8ORON'D!p1&L$P!TLJU$S(Z!M)T$K'%X!%NK)O%M!O(P!

K)MUL(M)MDq! '(! 1LJJ$('TOSL(! 8LkWOK)! O(P!

,)%WLK[M!e+118,fD!+333!9KP!+(%)K(OSL(O&!1L(V)K)(T)!

L(D!2E""*!

F `""a!7*!B')'KOD!)%!O&*D!p+(%K$M'L(!P)%)TSL(!VLK!ZK'P!O(P!

T&L$P!TLJU$S(ZDq!+333!+-!<KLV)MM'L(O&D!QL&*!"2D!(L*!>D!

2E"E*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 9@!

"E*!.3I3.3,138!!

.)V)K)(T)M!'(P'TO%)P!'(!%N'M!UK)M)(%OSL(b!

F `"2a!4*!7O$VJO(D!p/O%O!M)T$K'%X!'(!%N)!WLK&P!LV!T&L$P!

TLJU$S(ZDq! 8)T$K'%X! <K'QOTXD! +333D! QL&*! AD! (L*! >D!

2EEH*!

F `"9a!8*!1NOQ)M!)%!O&*D!p1$M%LJ)K!M)T$K'%X!TL(T)K(M!'(!

T&L$P! TLJU$S(ZDq! '(! +1,D! -N)! -)(%N! +(%)KF! (OSL(O&!

1L(V)K)(T)!L(!,)%WLK[MD!2E""*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 9A!

"E*!.3I3.3,138!!

.)V)K)(T)M!'(P'TO%)P!'(!%N'M!UK)M)(%OSL(b!

F `">a!8*! 5*!1NOQ)MD!.*!C*!0K'OK%)D! O(P!1*!C*!6)M%UNO&&D!

p-LWOKP! O(! OKTN'%)T%$K)! VLK! JL('%LK'(Z! UK'QO%)!

T&L$PMDDq!1LJJ$('TOSL(M!;OZO\'()D!+333D!QL&*!>HD!(*!

"2D!2E""*!

F `"?a!8*!5*!1NOQ)MD!1*!C*!6)M%UNO&&D!O(P!I*!4OJ'(D!p8&O!

U)KMU)TSQ)! '(! M)T$K'%X! JO(OZ)J)(%! VLK! T&L$P!

TLJU$S(ZDq!'(!,)%WLK['(Z!O(P!8)KQ'T)M!e+1,8fD!2E"E!

8'd%N!+(%)K(OSL(O&!1L(V)K)(T)!L(D!2E"E*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 9G!

"E*!.3I3.3,138!!

.)V)K)(T)M!'(P'TO%)P!'(!%N'M!UK)M)(%OSL(b!

F `2Ea! /*! .*! PLM! 8O(%LMD! 1*! ;*! 6)M%UNO&&D! O(P! 1*! C*!

6)M%UNO&&D! p5! PX(OJ'T! K'M[FROM)P! OTT)MM! TL(%KL&!

OKTN'%)T%$K)! VLK! T&L$P! TLJU$S(ZDq! '(! +333! ,)%WLK[!

#U)KOSL(M! O(P! ;O(OZ)J)(%! 8XJULM'$J! e,#;8fD!

2E">*!

F `2"a!<*!I*!8+&QO!)%!O&*D!p5(!OKTN'%)T%$K)!VLK!K'M[!O(O&XM'M!

'(! T&L$PDq! '(! +1,8D! -N)! -)(%N! +(%)K(OSL(O&!

1L(V)K)(T)!L(!,)%WLK['(Z!O(P!8)KQ'T)MD!2E">*!

,#B3;C3.!D!4+8C#,D!<#.-0=54! 8310.65.3!2E">!F!<5<3.! 9H!

A SURVEY OF SECURITY THREATS IN DISTRIBUTED OPERATING SYSTEM

Article

Jan 2020

Cloud Computing and Cybersecurity Issues Facing Local Enterprises

Chapter

Jan 2019

Emre Erturk

This chapter sets out to explore new trends in cyber and cloud security, and their implications for businesses. First, the terminology and assumptions related to cloud computing are stated. Next, the chapter reports on contemporary research around the awareness of security issues, and the security processes within the cloud computing realm. Cyber security poses a different challenge to local small and medium sized organizations, which may seem to have less at stake financially. However, they are more vulnerable, due to fewer resources dedicated toward prevention. A series of serious security incidents may even keep them out of business. Furthermore, security needs to be understood and handled differently in a cloud based environment. Therefore, the chapter identifies unique security practices and recommendations for these businesses to run their IT resources safely in the cloud.

Cloud Computing and Cybersecurity Issues Facing Local Enterprises

Chapter

Dec 2016

Emre Erturk

Survey on DDoS Attacks and Defense Mechanisms in Cloud and Fog Computing

Chapter

Jan 2019

This article describes how cloud computing has emerged as a strong competitor against traditional IT platforms by offering low-cost and “pay-as-you-go” computing potential and on-demand provisioning of services. Governments, as well as organizations, have migrated their entire or most of the IT infrastructure to the cloud. With the emergence of IoT devices and big data, the amount of data forwarded to the cloud has increased to a huge extent. Therefore, the paradigm of cloud computing is no longer sufficient. Furthermore, with the growth of demand for IoT solutions in organizations, it has become essential to process data quickly, substantially and on-site. Hence, Fog computing is introduced to overcome these drawbacks of cloud computing by bringing intelligence to the edge of the network using smart devices. One major security issue related to the cloud is the DDoS attack. This article discusses in detail about the DDoS attack, cloud computing, fog computing, how DDoS affect cloud environment and how fog computing can be used in a cloud environment to solve a variety of problems.

Security Issues in Distributed Computing System Models

Chapter

May 2018

Distributed computing systems allow homogenous/heterogeneous computers and workstations to act as a computing environment. In this environment, users can uniformly access local and remote resources in order to run processes. Users are not aware of which computers their processes are running on. This might pose some complicated security problems. This chapter provides a security review of distributed systems. It begins with a survey about different and diverse definitions of distributed computing systems in the literature. Different systems are discussed with emphasize on the most recent. Finally, different aspects of distributed systems security and prominent research directions are explored.

Implementation of Security Mechanism in IIoT Systems

Chapter

Jan 2019

The Fourth Industrial Revolution is the paradigm that realizes high-quality intelligent real-time services by combining super intelligent computing technologies associated with super connectable information and communication technologies for various industries. However, the implementation of real-time IoT services satisfying these needs is not possible with just applying existing Cloud technology. So, in this paper, we propose a network framework based on Cloud and Fog computing for the implementation of super connectivity network in IIoT systems for smart factory automation. Also in order to guarantee the confidentiality and integrity of the data to be processed between Fog and Cloud, an efficient security mechanism is needed to be designed and applied. The contribution of this research is also to provide efficient security mechanisms for the proposed service architecture.

Survey on DDoS Attacks and Defense Mechanisms in Cloud and Fog Computing

Article

Full-text available

Jul 2018

This article describes how cloud computing has emerged as a strong competitor against traditional IT platforms by offering low-cost and "pay-as-you-go" computing potential and on-demand provisioning of services. Governments, as well as organizations, have migrated their entire or most of the IT infrastructure to the cloud. With the emergence of IoT devices and big data, the amount of data forwarded to the cloud has increased to a huge extent. Therefore, the paradigm of cloud computing is no longer sufficient. Furthermore, with the growth of demand for IoT solutions in organizations, it has become essential to process data quickly, substantially and on-site. Hence, Fog computing is introduced to overcome these drawbacks of cloud computing by bringing intelligence to the edge of the network using smart devices. One major security issue related to the cloud is the DDoS attack. This article discusses in detail about the DDoS attack, cloud computing, fog computing, how DDoS affect cloud environment and how fog computing can be used in a cloud environment to solve a variety of problems.

Principles of Secure Access and Privacy in Combined E-Learning Environment: Architecture, Formalization, and Modelling

Chapter

Full-text available

Feb 2018

Globalization in the contemporary information society outlines new important challenges in privacy and personal data protection that apply to user security in cyberspace. This is also the case e-learning environments, which use new network technologies, such as remote access, distributed processing, information sharing, cloud services, social computing, etc. Strong security procedures based on authentication, authorization, and data protection should be proposed to protect system resources, user profiles, personal information, educational materials, and other specific information. The chapter presents the opportunities and challenges of some digital technologies that could increase the effectiveness of elearning processes by developing a combined e-learning environment. A functional architecture with two sub-systems (front office and back office) and different information resources (public, internal, external) is discussed. Investigation by using formalization and modelling is made and assessments are presented.

Cloud Computing and Cybersecurity Issues Facing Local Enterprises

Chapter

Jan 2017

Emre Erturk

Security Issues in Distributed Computing System Models

Article

Full-text available

Aug 2016

A dynamic risk-based access control architecture for cloud computing

Conference Paper

Full-text available

May 2014

Cloud computing is a distributed computing model that still faces problems. New ideas emerge to take advantage of its features and among the research challenges found in the cloud, we can highlight Identity and Access Management. The main problems of the application of access control in the cloud are the necessary flexibility and scalability to support a large number of users and resources in a dynamic and heterogeneous environment, with collaboration and information sharing needs. This paper proposes the use of risk-based dynamic access control for cloud computing. The proposal is presented as an access control model based on an extension of the XACML standard with three new components: the Risk Engine, the Risk Quantification Web Services and the Risk Policies. The risk policies present a method to describe risk metrics and their quantification, using local or remote functions. The risk policies allow users and cloud service providers to define how to handle risk-based access control for their resources, using different quantification and aggregation methods. The model reaches the access decision based on a combination of XACML decisions and risk analysis. A prototype of the model is implemented, showing it has enough expressivity to describe the models of related work. In the experimental results, the prototype takes between 2 and 6 milliseconds to reach access decisions using a risk policy. A discussion on the security aspects of the model is also presented.

Panoptes: A monitoring architecture and framework for supporting autonomic Clouds

Conference Paper

Full-text available

May 2014

The essential characteristics of Cloud computing are scalability, elasticity, and heterogeneous resource pooling. However, managing these systems is challenging due to their complexity and dynamism. Using Autonomic Computing to achieve self-management is a prominent approach to respond these challenges. The fundamental basis for the decision making process of such systems is the updated status of the system and its operational context. In this paper, we propose a monitoring architecture devised for private Cloud that focuses on providing data analytics capabilities to the monitoring system and that considers the knowledge requirements of autonomic systems. We implemented this architecture as a framework named Panoptes and integrated it to a simple self-protection framework of private Clouds as proof-of-concept. Additionally, we complemented the validation with analytical analyses of the monitoring framework.

An Architecture for Risk Analysis in Cloud

Conference Paper

Full-text available

Feb 2014

Cloud computing offers benefits in terms of availability and cost, but transfers the responsibility of information security management for the cloud service provider. Thus, the consumer loses control over the security of their information and services. This factor has prevented the migration to cloud computing in many businesses. This paper proposes a model where the cloud consumer can perform risk analysis on providers before and after contracting the service. The proposed model establishes the responsibilities of three actors: Consumer, Provider and Security Labs. The inclusion of actor Security Labs provides more credibility to risk analysis making the results more consistent for the consumer.

SLA Perspective in Security Management for Cloud Computing

Article

Full-text available

Mar 2010

One of the network and services management problems is security, either in preventing attacks and using computational mechanisms to protect data and systems or in administrative matters, which involves not just what needs to be protected, but also what security service levels will be delivered. This paper explores Service Level Agreements for Security or just Sec-SLAs. Is tried to provide an overview on the subject, the difficulties faced during the security metrics definition process and the Sec-SLA monitoring, as well as an analysis on the Sec-SLA role in new paradigms like cloud computing.

Intrusion Detection for Grid and Cloud Computing

Article

Full-text available

Sep 2010
IT Prof Mag

Providing security in a distributed system requires more than user authentication with passwords or digital certificates and confidentiality in data transmission. The Grid and Cloud Computing Intrusion Detection System integrates knowledge and behavior analysis to detect intrusions.

Toward an Architecture for Monitoring Private Clouds

Article

Full-text available

Dec 2011
IEEE COMMUN MAG

Cloud computing is rapidly emerging as a new model for service delivery, including for telecommunications services (cloud telephony). Although many solutions are now available, cloud management and monitoring technology has not kept pace, partially because of the lack of open source solutions. To address this limitation, this article describes our experience with a private cloud, discusses the design and implementation of PCMONS (Private Cloud Monitoring System) and its application via a case study for the proposed architecture. An important finding of this article is that is possible to deploy a private cloud within the organization using only open- source solutions and integrating with traditional tools like Nagios. However, there are significant development work to be done while integrating these tools. With PCMONS we took first steps towards this goal, opening paths for new development opportunities as well making PCMONS itself an open-source tool.

Understanding Cloud Computing Vulnerabilities

Article

May 2011
IEEE SECUR PRIV

The current discourse about cloud computing security issues makes a well-founded assessment of cloud computing's security impact difficult for two primary reasons. First, as is true for many discussions about risk, basic vocabulary such as "risk," "threat," and "vulnerability" are often used as if they were interchangeable, without regard to their respective definitions. Second, not every issue that's raised is really specific to cloud computing. We can achieve an accurate understanding of the security issue "delta" that cloud computing really adds by analyzing how cloud computing influences each risk factor. One important factor concerns vulnerabilities: cloud computing makes certain well-understood vulnerabilities more significant and adds new vulnerabilities. Here, the authors define four indicators of cloud-specific vulnerabilities, introduce a security-specific cloud reference architecture, and provide examples of cloud-specific vulnerabilities for each architectural component.

Toward an architecture for monitoring private clouds

Jan 2010

D Fernandes

D. Fernandes et al., "Security issues in cloud environments: a survey," InternaSonal Journal of InformaSon Security, 2014. 10. REFERENCES References indicated in this presentaSon:--[10] F. Sabahi, "Cloud compuSng security threats and responses," in CommunicaSon Sokware and Networks (ICCSN), IEEE 3rd InternaSonal Conference on, 2011.--[11] K. Vieira, et al., "Intrusion detecSon for grid and cloud compuSng," IEEE IT Professional, vol. 12, no. 4, 2010. this presentaSon:--[14] S. A. Chaves, R. B. Uriarte, and C. B. Westphall, "Toward an architecture for monitoring private clouds,," CommunicaSons Magazine, IEEE, vol. 49, n. 12, 2011.--[15] S. A. Chaves, C. B. Westphall, and F. Lamin, "Sla perspecSve in security management for cloud compuSng," in Networking and Services (ICNS), 2010

Current Issues on Cloud Computing Security and Management

Abstract and Figures

Recommendations

Current Issues in Cloud Computing Security and Management

AutoManSec 4 CloudIoT - Autonomic Management and Security for Cloud and IoT

SECENTIS

CITADEL

Current Issues in Cloud Computing Security and Management

Challenges in Cloud Computing Security

Privacy-preserving Identity Federations in the Cloud - A Proof of Concept

A dynamic risk-based access control architecture for cloud computing