Title :
Towards secure and at-runtime tailorable customer-driven public cloud deployment
Author :
Karatas, Fatih ; Bourimi, Mohamed ; Barth, Thomas ; Kesdogan, Dogan ; Giménez, Rafael ; Schwittek, Widura ; Planagum, Marc
Author_Institution :
Dept. of IT Security, Privacy & Trust, Trust of the Univ. of Siegen, Siegen, Germany
Abstract :
Cloud computing as a facility for outsourcing IT related tasks is a growing trend. Customer-driven application deployment in public clouds has to be secure and flexible by means of easing security configuration as well as by avoiding the vendor lock-in problem. In this paper we present an approach intending to meet these needs by (1) easing security configuration(s), (2) automating the consideration of security best practices and adding/enabling anonymity components at-runtime, and (3) by using Open Virtualization Format (OVF) in order to overcome the vendor lock-in problem. The requirements gathering is based on the needs of three projects from different business domains, the EU FP7 digital.me project, the multidisciplinary iFishWatcher/iAngle combined project and the joint german-french research and development project ReSCUe IT. All projects require empowering lay as well as experienced customers to (re-)deploy their own applications and migrate them easily by considering security thereby. Supporting tailorability of the deployed environment by adding anonymity components at-runtime without downtimes is a specific requirement in these projects. We present first results and discuss experiences and future work directions.
Keywords :
cloud computing; security of data; virtualisation; EU FP7 digital.me project; German-French research and development project; anonymity component; cloud computing; customer-driven application deployment; customer-driven public cloud deployment; iFishWatcher-iAngle combined project; open virtualization format; security best practice; security configuration; vendor lock-in problem; Authentication; Best practices; Cloud computing; Runtime; Servers; Supply chains; Cloud deployment; cloud security; di.me; security best practices; user-controlled deployment; vendor lock-in prevention;
Conference_Titel :
Pervasive Computing and Communications Workshops (PERCOM Workshops), 2012 IEEE International Conference on
Conference_Location :
Lugano
Print_ISBN :
978-1-4673-0905-9
Electronic_ISBN :
978-1-4673-0906-6
DOI :
10.1109/PerComW.2012.6197463