Network security for Hybrid Cloud

Cloud computing has enabled elastic and transparent access to distributed services, without investing in new infrastructures. In the last few years, Cloud computing has grown from being a promising business concept to one of the fast growing segments of the IT industry. Despite of all the hype surrounding the Cloud, enterprise customers are still reluctant to deploy their business in the Cloud. Security is one of the major issues which reduces the growth of Cloud computing and complications with data privacy and data protection continue to plague the market. In this paper, we propose a solution for Hybrid Cloud security, focusing on a Virtual Intrusion Detection System (V-IDS). We present a new architecture that considers the basic principles of the Cloud computing, virtualization and GMPLS Control Plane and applies them to the intrusion detection systems, in order to protect Cloud networks characterized by constantly changing of the underlying infrastructure and physical topology. Based on the defined architecture, we have implemented a prototype of Cloud based IDS that validates our thesis. The prototype is realized though the integration of two open-source technologies: OpenStack and DRAGON (Dynamic Resource Allocation via GMPLS Optical Networks).