Security is a very complex and challenging problem in Cloud organizations. Ensuring the security of operations within the cloud by also enforcing the users’ own security requirements, usually results in a complex tradeoff with the efficiency of the overall system. In this paper, we developed a novel architectural model enforcing cloud security, based on a multi-agent scheme and a security aware non-deterministic Meta Scheduler driven by genetic heuristics. Such model is explicitly designed to prevent Denial of Service and Timing Attacks over the cloud and has been demonstrated to be integrable within the well-known OpenStack platform. Additionally, we proposed two different models for assuring users security demands. The first is a scoring model that allows scheduling tasks only on the Virtual Machines offering proper security level. The second model takes into account the time spent on the necessary cryptographic operations dedicated to particular task. The above scheduling system has been simulated in order to assess the effectiveness of the proposed security architecture, resulting in an increased system safety and resiliency against attacks, without sensibly impacting the performance of the whole cloud environment.

Non-deterministic security driven meta scheduler for distributed cloud organizations

PALMIERI, FRANCESCO
2017

Abstract

Security is a very complex and challenging problem in Cloud organizations. Ensuring the security of operations within the cloud by also enforcing the users’ own security requirements, usually results in a complex tradeoff with the efficiency of the overall system. In this paper, we developed a novel architectural model enforcing cloud security, based on a multi-agent scheme and a security aware non-deterministic Meta Scheduler driven by genetic heuristics. Such model is explicitly designed to prevent Denial of Service and Timing Attacks over the cloud and has been demonstrated to be integrable within the well-known OpenStack platform. Additionally, we proposed two different models for assuring users security demands. The first is a scoring model that allows scheduling tasks only on the Virtual Machines offering proper security level. The second model takes into account the time spent on the necessary cryptographic operations dedicated to particular task. The above scheduling system has been simulated in order to assess the effectiveness of the proposed security architecture, resulting in an increased system safety and resiliency against attacks, without sensibly impacting the performance of the whole cloud environment.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/11386/4687277
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 27
  • ???jsp.display-item.citation.isi??? 17
social impact