Conference paper Open Access

An architecture to manage security services for cloud applications

Repetto, Matteo; Carrega, Alessandro; Lamanna, Guerino

The uptake of virtualization and cloud technologies has pushed novel development and operation models for the software, bringing more agility and automation. Unfortunately, cyber-security paradigms have not evolved at the same pace and are not yet able to effectively tackle the progressive disappearing of a sharp security perimeter. In this paper, we describe a novel cyber-security architecture for cloud-based distributed applications and network services. We propose a security orchestrator that controls pervasive, lightweight, and programmable security hooks embedded in the virtual functions that compose the cloud application, pursuing better visibility and more automation in this domain. Our approach improves existing management practice for service orchestration, by decoupling the management of the business logic from that of security. We also describe the current implementation stage for a programmable monitoring, inspection, and enforcement framework, which represents the ground technology for the realization of the whole architecture.

Files (790.0 kB)
Name Size
icccs19-5.pdf
md5:55e924af183d308095d593c7728d4c0a
790.0 kB Download
26
40
views
downloads
Views 26
Downloads 40
Data volume 31.6 MB
Unique views 20
Unique downloads 37

Share

Cite as