Security attack mitigation framework for the cloud
Title | Security attack mitigation framework for the cloud |
Publication Type | Conference Paper |
Year of Publication | 2014 |
Authors | Datta, E., Goyal, N. |
Conference Name | Reliability and Maintainability Symposium (RAMS), 2014 Annual |
Date Published | Jan |
Keywords | Attack Graphs, attack mitigation plan, availability parameter, business data leaks, cloud computing, cloud resource manager, cloud service, Companies, confidentiality parameter, cross-channel attacks, customer trust, enterprise cloud computing, enterprise cloud solutions, enterprise IT infrastructure, enterprise wide information processing system, hacking techniques, information technology, integrity parameter, Markov chain, Markov model, Markov processes, mean time to security failure, MTTSF cloud, privacy losses, private data security, resource consolidation, security, Security Administration, security attack mitigation framework, security guarantee, security of data, Silicon, software products, software vulnerabilities, software vulnerability exploits, virtual machine, Virtual machining, virtualisation, virtualization technology |
Abstract | Cloud computing brings in a lot of advantages for enterprise IT infrastructure; virtualization technology, which is the backbone of cloud, provides easy consolidation of resources, reduction of cost, space and management efforts. However, security of critical and private data is a major concern which still keeps back a lot of customers from switching over from their traditional in-house IT infrastructure to a cloud service. Existence of techniques to physically locate a virtual machine in the cloud, proliferation of software vulnerability exploits and cross-channel attacks in-between virtual machines, all of these together increase the risk of business data leaks and privacy losses. This work proposes a framework to mitigate such risks and engineer customer trust towards enterprise cloud computing. Every day new vulnerabilities are being discovered even in well-engineered software products and the hacking techniques are getting sophisticated over time. In this scenario, absolute guarantee of security in enterprise wide information processing system seems a remote possibility; software systems in the cloud are vulnerable to security attacks. Practical solution for the security problems lies in well-engineered attack mitigation plan. On the positive side, cloud computing has a collective infrastructure which can be effectively used to mitigate the attacks if an appropriate defense framework is in place. We propose such an attack mitigation framework for the cloud. Software vulnerabilities in the cloud have different severities and different impacts on the security parameters (confidentiality, integrity, and availability). By using a Markov model, we continuously monitor and quantify the risk of compromise in different security parameters (e.g., change in the potential to compromise the data confidentiality). Whenever there is a significant change in risk, our framework would facilitate the tenants to calculate the Mean Time to Security Failure (MTTSF) cloud and allow them to adopt a dynamic mitigation plan. This framework is an add-on security layer in the cloud resource manager and it could improve the customer trust in enterprise cloud solutions. |
URL | https://ieeexplore.ieee.org/document/6798457/ |
DOI | 10.1109/RAMS.2014.6798457 |
Citation Key | 6798457 |