Towards Resilience Metrics for Future Cloud Applications

Marko Novak, Syed Noorulhassan Shirazi, Aleksandar Hudic, Thomas Hecht, Markus Tauber, David Hutchison, Silia Maksuti, Ani Bicaku

Abstract

An analysis of new technologies can yield insight into the way these technologies will be used. Inevitably, new technologies and their uses are likely to result in new security issues regarding threats, vulnerabilities and attack vectors. In this paper, we investigate and analyse technological and security trends and their potential to become future threats by systematically examining industry reports on existing technologies. Using a cloud computing use case we identify potential resilience metrics that can shed light on the security properties of the system.

References

  1. Authorization., N. D. (2006). National defense authoriazation act for fiscal year 2006.
  2. Ballard, J. R., Rae, I., and Akella, A. (2010). Extensible and scalable network monitoring using opensafe. Proc. INM/WREN, pages 8-8.
  3. Dekker, M. (2012). Critical cloud computing: A ciip perspective on cloud computing services. Technical report, European Network and Information Security Agency (ENISA).
  4. Gartner (2014). Gartner symphosium it xpo, executive summary report.
  5. Grobauer, B., Walloschek, T., and Stocker, E. (2011). Understanding cloud computing vulnerabilities. IEEE Security and Privacy, 9(2):50-57.
  6. Hudic, A., Tauber, M., Lorunser, T., Krotsiani, M., Spanoudakis, G., Mauthe, A., and Weippl, E. (2014). A multi-layer and multitenant cloud assurance evaluation methodology. In Cloud Computing Technology and Science (CloudCom), 2014 IEEE 6th International Conference on, pages 386-393.
  7. Ibrahim, A. S., Hamlyn-Harris, J., Grundy, J., and Almorsy, M. (2011). Cloudsec: a security monitoring appliance for virtual machines in the iaas cloud model. Network and System Security (NSS), 2011 5th International Conference, pages 113-120.
  8. IDC (2014). Idc predictions 2015: Accelerating innovation and growth on the 3rd platform.
  9. Insider, U. B. (2014). Billions of dollars are set to flow into these 7 areas of tech in 2015.
  10. IsReport (2014). Information platform for business solutions, it forecast for 2015.
  11. Jung, C., Schwarz, R., Rudolf, M., Moucha, C., and Eitel, A. (2015). Seccrit deliverable d4.4 policy decision and enforcement tools.
  12. Kaspersky (2014). Next 9 security predictions for 2015.
  13. Khajeh, H. A., Greenwood, D., Smith, J. W., and Sommerville, I. (2012). The cloud adoption toolkit: Supporting cloud adoption decisions in the enterprise. Software Practice and Experience, 42:447-465.
  14. Khajeh, H. A., Greenwood, D., and Sommerville, I. (2010). Cloud migration: A case study of migrating an enterprise it system to iaas. Cloud Computing (CLOUD), pages 450-457.
  15. Khajeh, H. A., Sommerville, I., Bogaerts, J., and Teregowda, P. (2011). Decision support tools for cloud migration in the enterprise. Cloud Computing (CLOUD), pages 541 - 548.
  16. Mason, A. (2015). Global telecoms market: trends and forecasts 20152020.
  17. McAfee (2014). Information platform for business solutions, it forecast for 2015.
  18. McKinsey and Company (2015). Ten it enabled business trends for the decade ahead.
  19. Neal, D. (2011). Amazon web services outages raise serious cloud questions.
  20. Payne, B. D., Carbone, M., Sharif, M., and Lee, W. (2008). Lares: An architecture for secure active monitoring using virtualization. Security and Privacy, 2008. SP 2008. IEEE Symposium, pages 233-247.
  21. Scholler, M., Bless, R., Pallas, F., Horneber, J., and Smith, P. (2013). An architectural model for deploying critical infrastructure services in the cloud. In Cloud Computing Technology and Science (CloudCom), 2013 IEEE 5th International Conference on, volume 1, pages 458-466. IEEE.
  22. Shirazi, N., Simpson, S., Marnerides, A., Watson, M., Mauthe, A., and Hutchison, D. (2014). Assessing the impact of intra-cloud live migration on anomaly detection. In Cloud Networking (CloudNet), 2014 IEEE 3rd International Conference on, pages 52-57.
  23. Shirazi, N., Simpson, S., Oechsner, S., Mauthe, A., and Hutchison, D. (2015). A framework for resilience management in the cloud. e & i Elektrotechnik und Informationstechnik, 132(2):122-132.
  24. Simpson, S., Shirazi, N., Hutchison, D., and Backhaus, H. (2013). Seccrit deliverable d4.2 anomaly detection techniques for cloud computing.
  25. Sterbenz, J. P., Hutchison, D., C¸etinkaya, E. K., Jabbar, A., Rohrer, J. P., Schöller, M., and Smith, P. (2010). Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines. Computer Networks, 54(8):1245-1265.
  26. WebSense (2014). Websense security labs 2015.
Download


Paper Citation


in Harvard Style

Novak M., Shirazi S., Hudic A., Hecht T., Tauber M., Hutchison D., Maksuti S. and Bicaku A. (2016). Towards Resilience Metrics for Future Cloud Applications . In Proceedings of the 6th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-182-3, pages 295-301. DOI: 10.5220/0005910502950301


in Bibtex Style

@conference{closer16,
author={Marko Novak and Syed Noorulhassan Shirazi and Aleksandar Hudic and Thomas Hecht and Markus Tauber and David Hutchison and Silia Maksuti and Ani Bicaku},
title={Towards Resilience Metrics for Future Cloud Applications},
booktitle={Proceedings of the 6th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},
year={2016},
pages={295-301},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005910502950301},
isbn={978-989-758-182-3},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 6th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
TI - Towards Resilience Metrics for Future Cloud Applications
SN - 978-989-758-182-3
AU - Novak M.
AU - Shirazi S.
AU - Hudic A.
AU - Hecht T.
AU - Tauber M.
AU - Hutchison D.
AU - Maksuti S.
AU - Bicaku A.
PY - 2016
SP - 295
EP - 301
DO - 10.5220/0005910502950301