Published October 12, 2019 | Version v1
Conference paper Open

An architecture to manage security services for cloud applications

  • 1. CNIT
  • 2. Infocom Srl


The uptake of virtualization and cloud technologies has pushed novel development and operation models for the software, bringing more agility and automation. Unfortunately, cyber-security paradigms have not evolved at the same pace and are not yet able to effectively tackle the progressive disappearing of a sharp security perimeter. In this paper, we describe a novel cyber-security architecture for cloud-based distributed applications and network services. We propose a security orchestrator that controls pervasive, lightweight, and programmable security hooks embedded in the virtual functions that compose the cloud application, pursuing better visibility and more automation in this domain. Our approach improves existing management practice for service orchestration, by decoupling the management of the business logic from that of security. We also describe the current implementation stage for a programmable monitoring, inspection, and enforcement framework, which represents the ground technology for the realization of the whole architecture.



Files (790.0 kB)

Name Size Download all
790.0 kB Preview Download

Additional details


ASTRID – AddreSsing ThReats for virtualIseD services 786922
European Commission
GUARD – A cybersecurity framework to GUArantee Reliability and trust for Digital service chains 833456
European Commission