Name
Abstract | ||
|---|---|---|
Strong user expectations for protecting their cloud-hosted IT systems make enhanced security a key element for cloud adoption. This means that cloud infrastructure security should be guaranteed, but also that security monitoring services should be correctly designed to protect the user Virtual Machines (VMs), using Intrusion Detection and Prevention Services (IDPS). This paper gives an overview of available and emerging techniques for building intrusion monitoring services, analyzing their ability to address the VM protection requirements in a cloud context. While network- and host-based security monitoring are shown not to be well suited for the cloud, this paper makes a position statement, recommending a new monitoring approach, called hyper visor-based, as an alternative. This approach benefits from virtualization to monitor through the hyper visor, and from outside the user execution context, the security of computing, networking, and storage resources allocated to user VMs. Compared to traditional IDPS designs, hyper visor-based architectures are shown to be the most promising, greatly improving user VM security. This analysis also highlights the privileged role of the cloud provider to operate such type of IDPS, since it may perform integrated security monitoring as provider of both infrastructure and security services. |
Year | DOI | Venue |
|---|---|---|
2013 | 10.1109/SOSE.2013.27 | SoSE |
Keywords | Field | DocType |
cloud provider,host-based security monitoring,security monitoring service,engineering intrusion prevention services,cloud infrastructure security,intrusion monitoring service,integrated security monitoring,iaas clouds,user vm security,cloud context,security service,cloud adoption,virtualization,intrusion detection,cloud computing,computer architecture,security,hypervisor,virtual machines | Virtualization,Host-based intrusion detection system,Computer science,Computer security,Hypervisor,Security service,Real-time computing,Cloud computing security,Intrusion detection system,Computer security model,Cloud computing | Conference |
Citations | PageRank | References |
3 | 0.40 | 0 |
Authors | ||
6 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Sylvie Laniepce | 1 | 30 | 4.12 |
| Marc Lacoste | 2 | 4 | 1.78 |
| Mohammed Kassi-Lahlou | 3 | 4 | 0.77 |
| Fabien Bignon | 4 | 3 | 0.40 |
| Kahina Lazri | 5 | 35 | 4.94 |
| Aurelien Wailly | 6 | 3 | 0.40 |