Title :
CloudSEC: A Cloud Architecture for Composing Collaborative Security Services
Author :
Xu, Jia ; Yan, Jia ; He, Liang ; Su, Purui ; Feng, Dengguo
Author_Institution :
State Key Lab. of Inf. Security, Chinese Acad. of Sci., Beijing, China
fDate :
Nov. 30 2010-Dec. 3 2010
Abstract :
Massive Internet invasions implemented through the distributed platform fabricated by rapid diffusion of malwares, has become a significant issue in network security. We argue that the notion of “Collaborative Security” is an emerging trend in resisting distributed attacks originated from malware. Therefore, this paper proposes a new architecture: CloudSEC, for composing collaborative security-related services in clouds, such as correlated intrusion analysis, anti-spam, anti-DDOS, automated malware detection and containment. CloudSEC is modeled as a dynamic peer-to-peer overlay hierarchy with three types of top-down architectural components. Based on, this architecture, both data distribution and task scheduling overlays can be simultaneously implemented in a loosely coupled fashion, which can efficiently retrieve data resources from heterogeneous network security facilities, and harness distributed collection of computational resources to process data-intensive tasks. Hence, CloudSEC endues the network security infrastructure with the capability of dynamic adaptation and collaboration on an inter-organizational scale. The results of preliminary evaluation demonstrate that, CloudSEC not only delivers a sample service of distributed intrusion correlation with high scalability and robustness, but also achieves remarkable effectiveness in data sharing and task scheduling.
Keywords :
cloud computing; groupware; invasive software; CloudSEC; Internet invasions; cloud architecture; composing collaborative security services; computational resources; data sharing; distributed intrusion correlation; distributed platform; malwares; network security; peer-to-peer overlay; Collaboration; Computer architecture; Distributed databases; Peer to peer computing; Scheduling; Security; XML; cloud architecture; collaborative security; distributed data sharing; peer-to-peer overlay; self-adaptive task scheduling;
Conference_Titel :
Cloud Computing Technology and Science (CloudCom), 2010 IEEE Second International Conference on
Conference_Location :
Indianapolis, IN
Print_ISBN :
978-1-4244-9405-7
Electronic_ISBN :
978-0-7695-4302-4
DOI :
10.1109/CloudCom.2010.16