Abstract
This paper presents a security assurance platform to monitor and control the security in the context of multi-cloud applications. Indeed, this property is a crucial issue in multi cloud-based environments where many aspects need to be faced, including risk management, data privacy and isolation, security-by-design applications, and vulnerability scans. Moreover, it also becomes necessary to have an efficient system that interrelates and operates all security controls that are configured and executed independently on each component of the system.
In addition, as new attacks emerge every day, threat detection systems play a fundamental role in security monitoring schemes, identifying possible attacks. These systems handle an enormous volume of data, as they detect unknown malware by monitoring different activities from different points of observation, as well as adapting to new attack strategies and considering techniques to detect malicious behaviors and react accordingly.
In this paper, we describe a monitoring platform for securing multi-cloud applications, from a Service Level Agreement perspective. Moreover, we present a case study depicting the multi-cloud monitoring of a smart-city transport application for the citizens of Tampere, Finland. Considering the nature of the application under study, the service requires continuous execution and availability functionalities, as end-users may utilize the service at any time.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Musa project. http://www.musa-project.eu/. Accessed Jan 2017
Openstack ceilometer. http://docs.openstack.org/developer/ceilometer/. Accessed Jan 2017
Opnfv doctor. http://wiki.opnfv.org/doctor. Accessed Jan 2017
Stacktach. http://stacktach.readthedocs.org/en/latest/index.html. Accessed Jan 2017
Lifecycle management of service-based applications on multi-clouds: a research roadmap (2013)
Multi-Cloud: expectations and current approaches (2013)
Carvallo, P., Cavalli, A.R., Mallouli, W., Rios, E.: Multi-cloud applications security monitoring. In: Au, M.H.A., Castiglione, A., Choo, K.-K.R., Palmieri, F., Li, K.-C. (eds.) GPC 2017. LNCS, vol. 10232, pp. 748–758. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-57186-7_54
Casola, V., Benedictis, A.D., Modic, J., Rak, M., Villano, U.: Per-service security sla: A new model for security management in clouds. In: 2016 IEEE 25th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), pp. 83–88, June 2016
Casola, V., Benedictis, A.D., Rak, M., Rios, E.: Security-by-design in clouds: a security-sla driven methodology to build secure cloud applications. Procedia Comput. Sci. 97, 53–62 (2016). http://www.sciencedirect.com/science/article/pii/S1877050916320968. 2nd International Conference on Cloud Forward: From Distributed to Complete Computing
Collectd. http://collectd.org/. Accessed Jan 2017
Consul. https://www.consul.io/. Accessed Jan 2017
Ferry, N., Rossini, A., Chauvel, F., Morin, B.: Towards model-driven provisioning, deployment, monitoring, and adaptation of multi-cloud systems. In: 2013 IEEE Sixth International Conference on Cloud Computing (2013)
Global Inter-cloud Technology Forum: Use Cases and Functional Requirements for Inter-Cloud Computing. Technical report (2010)
Grozev, N., Buyya, R.: Inter-Cloud architectures and application brokering: taxonomy and survey. Softw. Pract. Exp. 44(3), 369–390 (2012)
OpenStack Security Guide. http://docs.openstack.org/sec/. Accessed Jan 2017
Nabi, M., Toeroe, M., Khendek, F.: Availability in the cloud: state of the art. J. Netw. Comput. Appl. 60, 54–67 (2016)
Patel, A., Taghavi, M., Bakhtiyari, K., Celestino Júnior, J.: An intrusion detection and prevention system in cloud computing: a systematic review. J. Netw. Comput. Appl. 36(1), 25–41 (2013)
Bandit Project. http://wiki.openstack.org/wiki/Security/Projects/Bandit. Accessed Jan 2017
Zbakh, M., Elmahdi, K., Cherkaoui, R., Enniari, S.: A multi-criteria analysis of intrusion detection architectures in cloud environments. In: 2015 International Conference on Cloud Technologies and Applications (CloudTech), pp. 1–9. IEEE (2015)
Zeginis, C., Kritikos, K., Garefalakis, P., Konsolaki, K., Magoutis, K., Plexousakis, D.: Towards cross-layer monitoring of multi-cloud service-based applications. In: Lau, K.-K., Lamersdorf, W., Pimentel, E. (eds.) ESOCC 2013. LNCS, vol. 8135, pp. 188–195. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40651-5_16
Acknowledgement
The work presented in this paper has been developed in the context of the MUSA EU Horizon 2020 project [1] under grant agreement No 644429.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Carvallo, P., Cavalli, A.R., Mallouli, W. (2018). A Platform for Security Monitoring of Multi-cloud Applications. In: Petrenko, A., Voronkov, A. (eds) Perspectives of System Informatics. PSI 2017. Lecture Notes in Computer Science(), vol 10742. Springer, Cham. https://doi.org/10.1007/978-3-319-74313-4_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-74313-4_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-74312-7
Online ISBN: 978-3-319-74313-4
eBook Packages: Computer ScienceComputer Science (R0)