Abstract
In this chapter, we explain the design and implementation of a middleware, PERMON, that applies the proactive approach to OpenStack (OpenStack open-source cloud computing software (2015). http://www.openstack.org. Accessed 14 Feb 2018), one of the most popular cloud platforms. The middleware intercepts the attributes of user-issued requests on their path to the intended API service and identifies the requested event types from the examined attributes. After processing the selected parameters together with the identified event types, the middleware enforces the verification result by either granting or rejecting the user request.
References
S. Bleikertz, C. Vogel, T. Groß, S. Mödersheim, Proactive security analysis of changes in virtualized infrastructures, in Proceedings of the 31st Annual Computer Security Applications Conference (ACSAC) (ACM, New York, 2015), pp. 51–60
S. Majumdar, Y. Jarraya, T. Madi, A. Alimohammadifar, M. Pourzandi, L. Wang, M. Debbabi, Proactive verification of security compliance for clouds through pre-computation: application to OpenStack, in European Symposium on Research in Computer Security (ESORICS) (Springer, Berlin, 2016), pp. 47–66
S. Majumdar, Y. Jarraya, M. Oqaily, A. Alimohammadifar, M. Pourzandi, L. Wang, M. Debbabi, Leaps: learning-based proactive security auditing for clouds, in Computer Security – ESORICS 2017, ed. by S.N. Foley, D. Gollmann, E. Snekkenes (Springer, Cham, 2017), pp. 265–285
OpenStack, Neutron firewall rules bypass through port update (2015). https://security.openstack.org/ossa/OSSA-2015-018.html
OpenStack, OpenStack open source cloud computing software (2015). http://www.openstack.org. Accessed 14 Feb 2018
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Majumdar, S. et al. (2019). Runtime Security Policy Enforcement in Clouds. In: Cloud Security Auditing. Advances in Information Security, vol 76. Springer, Cham. https://doi.org/10.1007/978-3-030-23128-6_7
DOI: https://doi.org/10.1007/978-3-030-23128-6_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-23127-9
Online ISBN: 978-3-030-23128-6
eBook Packages: Computer Science (R0)