Toward Automated Security Analysis and Enforcement for Cloud Computing Using Graphical Models for Security

IEEE ACCESS(2022)

引用 3|浏览6
暂无评分
摘要
Cloud computing has become widely adopted by businesses for hosting applications with improved performance at a fraction of the operational costs and complexity. The rise of cloud applications has been coupled with an increase in security threat vectors and vulnerabilities. In this paper, we propose a new security assessment and enforcement tool for the cloud named CloudSafe, which provides an automated security assessment and enforce best security control for the cloud by collating various security tools. To demonstrate the applicability and usability of CloudSafe, we implemented CloudSafe and conducted security assessment in Amazon AWS. Also, we analyzed four different security countermeasure options in depth; Vulnerability Patching, Virtual Patching, Network Hardening and Moving Target Defence. Virtual Patching, Network Hardening and Moving Target Defence were determined to be feasible with regards to deployment implementation for the project. Proof of concepts were developed demonstrating the effectiveness of each feasible countermeasure option. These results indicate that the proposed tool CloudSafe is effective and efficient in helping security administrators to select optimal countermeasures to secure their cloud by conducting an in-depth security assessment.
更多
查看译文
关键词
Security, Cloud computing, Databases, Costs, Optimization, Cloud computing security, Automation, Cloud computing, cloud security, graphical security models, security assessment
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要