A Framework for Intrusion Tolerance in Cloud Computing
Cloud Computing has been envisioned as the next generation architecture and one of the fastest growing segments of the IT enterprises. No matter how much investment is made in cloud intrusion detection and prevention, cloud infrastructure remains vulnerable to attacks. Intrusion Tolerance in Cloud Computing is a fault tolerant design approach to defend cloud infrastructure against malicious attacks. Thus to ensure dependability we present a framework by mapping available Malicious and Accidental Fault Tolerance for Internet Applications (MAFTIA) intrusion tolerance framework for dependencies such as availability, authenticity, reliability, integrity, maintainability and safety against new Cloud Computing environment. The proposed framework has been validated by integrating Intrusion Tolerance via Threshold Cryptography (ITTC) mechanism in the simulated cloud environment. Performance analysis of the proposed framework is also done.
KeywordsCloud Computing Framework Intrusion Tolerance Security Threshold Cryptography
Unable to display preview. Download preview PDF.
- 3.Saidane, A., Nicomette, V., Deswarte, Y.: The Design of a Generic Intrusion-Tolerant Architecture for Web Servers. IEEE Trans. 6, 45–58 (2009)Google Scholar
- 4.Powell, D., Stroud, R.: Malicious-and Accidental-Fault Tolerance for Internet Applications: Conceptual Model and Architecture. Technical Report 03011, Project IST-1999-11583 MAFTIA, Deliverable D21, LAAS-CNRS (January 2003)Google Scholar
- 5.Ramasamy, H.V., Agbaria, A., Sanders, W.H.: CoBFIT: A Component-Based Framework for Intrusion Tolerance. In: 30th EUROMICRO Conference (EUROMICRO 2004), pp. 591–600 (2004)Google Scholar
- 6.Information Technology Infrastructure Library, http://www.itil-officialsite.com/home/
- 7.Intrusion Tolerance via Threshold Cryptography, http://crypto.stanford.edu/~dabo/ITTC/
- 8.Reynolds, J.C., Just, J., Clough, L., Maglich, R.: On-Line Intrusion Detection and Attack Prevention Using Diversity, Generate-and-Test, and Generalization. In: HICSS 2003, Track -9, vol. 9 (2003)Google Scholar
- 9.Pal, P., Schantz, R., Atighetchi, M., Loyall, J.: What Next in Intrusion Tolerance. BBN Technologies, CambridgeGoogle Scholar
- 10.Popovic, K., Hocenski, Z.: Cloud computing security issues and challenges. In: IEEE Trans. MIPRO, 2010 Proceedings of the 33rd International Convention, pp. 344–349 (May 2010)Google Scholar
- 11.Proposed Security Assessment and Authorization for U.S. Government Cloud Computing (November 2010), http://www.govinfosecurity.com/
- 12.Buyya, R., Ranjan, R., Calheiros, R.N.: Modeling and Simulation of Scalable Cloud Computing Environments and the CloudSim Toolkit: Challenges and Opportunities. University of Melbourne, Australia (July 2009)Google Scholar