Securing services in networked cloud infrastructures

Vijay Varadharajan, Udaya Tupakula

Research output: Contribution to journal › Article › peer-review

10 Citations (Scopus)

Abstract

In this paper, we propose techniques and an architecture for securing services that are hosted in multi-tenant networked cloud infrastructures. Our architecture is based on trusted virtual domains and takes into account both security policies of the tenant domains as well as specific security policies of the virtual machines in the tenant domains. We describe techniques for detecting a range of attacks such as attacks between the virtual machines within a trusted virtual domain, attacks between the virtual machines in different domains, malicious insider attacks and attacks against specific services such as DNS, database and web servers within a domain. We address security policies for trusted virtual domain management such as secure addition and deletion of a virtual machine and the revocation of privileges associated with a virtual machine in a domain. We also discuss forensic analysis of attacks and fine granular detection of malicious entities and mechanisms for restoration of services. Furthermore, the proposed architecture provides mechanisms for enhancing the assurance of communications between the virtual machines in different domains. Finally, we present the implementation of our security architecture using Xen and illustrate how our architecture is able to secure services in networked cloud infrastructures.

Original language: English
Article number: 7473937
Pages (from-to): 1149-1163
Number of pages: 15
Journal: IEEE Transactions on Cloud Computing
Volume: 6
Issue number: 4
Publication status: Published - 1 Oct 2018

Keywords

  • Networked cloud security
  • Security architecture
  • Security attacks
  • Security management
  • Trusted virtual domains
