Dynamic access control in cloud services

The term “cloud computing” refers to the software services that are offered over the Internet. The problems of security of such services are becoming particularly important due to intricate structure and dynamic nature of distributed cloud environment. Complexity of the cloud platforms requires more functionality from the security devices, as well as their online configurability in accordance with the current state of network environment through which the users can access the information services. In this paper, we propose a specialized firewall solution implementing the access control using the hypervisor functionality, and describe a dynamic access model based on virtual connections management employing the mechanism of traffic filtering in transparent, also called “stealth”, mode. A security appliance (firewall) in this mode is not visible to other participants (components) of the network interactions, allowing it to implement the access policy while remaining invulnerable to cyber crooks.