Conference paper Open Access

An architecture to manage security services for cloud applications

Repetto, Matteo; Carrega, Alessandro; Lamanna, Guerino

The uptake of virtualization and cloud technologies has pushed novel development and operation models for the software, bringing more agility and automation. Unfortunately, cyber-security paradigms have not evolved at the same pace and are not yet able to effectively tackle the progressive disappearing of a sharp security perimeter. In this paper, we describe a novel cyber-security architecture for cloud-based distributed applications and network services. We propose a security orchestrator that controls pervasive, lightweight, and programmable security hooks embedded in the virtual functions that compose the cloud application, pursuing better visibility and more automation in this domain. Our approach improves existing management practice for service orchestration, by decoupling the management of the business logic from that of security. We also describe the current implementation stage for a programmable monitoring, inspection, and enforcement framework, which represents the ground technology for the realization of the whole architecture.

Files (790.0 kB)
Name Size
icccs19-5.pdf
md5:55e924af183d308095d593c7728d4c0a
790.0 kB Download
18
20
views
downloads
Views 18
Downloads 20
Data volume 15.8 MB
Unique views 13
Unique downloads 17

Share

Cite as