Regresar

Market-inspired framework for securing assets in cloud computing environments

Abstract:

Self-adaptive security methods have been extensively leveraged for securing software systems and users from runtime threats in online and elastic environments, such as the cloud. The existing solutions treat security as an aggregated quality by enforcing “one service for all” without considering the explicit security requirements of each asset or the costs associated with security. Dealing with the security of assets in ultra-large environments calls for rethinking the way we select and compose services—considering not only the services but the underlying supporting computational resources in the process. We motivate the need for an asset-centric, self-adaptive security framework that selects and allocates services and underlying resources in the cloud. The solution leverages learning algorithms and market-inspired approaches to dynamically manage changes in the runtime security goals/requirements of assets with the provision of suitable services and resources, while catering for monetary and computational constraints. The proposed framework aims to inform the self-adaptive security efforts of security researchers and practitioners operating in dynamic large-scale environments, such as the Cloud. To illustrate the utility of the proposed framework it is evaluated using simulation on an application based scenario, involving cloud-based storage and security services.