| Title | An architecture to manage security services for cloud applications |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Repetto, M., Carrega, A., Lamanna, G. |
| Conference Name | 2019 4th International Conference on Computing, Communications and Security (ICCCS) |
| Keywords | cloud application, cloud computing, cloud technologies, cloud-based distributed applications, Computer architecture, cyber-security architecture, cyber-security paradigms, Human Behavior, human factors, Inspection, management practice, Metrics, Monitoring, network services, operation models, Pervasive Computing Security, pubcrawl, resilience, Resiliency, Scalability, security, Security architectures, security of data, security orchestrator, security perimeter, security services, service orchestration, Software, software orchestration, Topology, ubiquitous computing, virtual functions, virtualization |
| Abstract | The uptake of virtualization and cloud technologies has pushed novel development and operation models for the software, bringing more agility and automation. Unfortunately, cyber-security paradigms have not evolved at the same pace and are not yet able to effectively tackle the progressive disappearing of a sharp security perimeter. In this paper, we describe a novel cyber-security architecture for cloud-based distributed applications and network services. We propose a security orchestrator that controls pervasive, lightweight, and programmable security hooks embedded in the virtual functions that compose the cloud application, pursuing better visibility and more automation in this domain. Our approach improves existing management practice for service orchestration, by decoupling the management of the business logic from that of security. We also describe the current implementation stage for a programmable monitoring, inspection, and enforcement framework, which represents the ground technology for the realization of the whole architecture. |
| DOI | 10.1109/CCCS.2019.8888061 |
| Citation Key | repetto_architecture_2019 |
An architecture to manage security services for cloud applications