
High Level Security Trust Zones for Private Clouds


Affiliations
1 A.V.C. College of Engineering, Mannampandal, Mayiladuthurai, 609 305, India
 

Cloud Computing Systems (CCSs) are significantly vulnerable to Advanced Persistent Threats (APTs). This work therefore uses a cloud architecture reference model that incorporates a wide range of security controls and best practices, together with a cloud security assessment model, Cloud-Trust, that estimates high-level security metrics to quantify the degree of confidentiality and integrity offered by a CCS or cloud service provider (CSP). Cloud-Trust is used to assess the security level of four multi-tenant IaaS cloud architectures equipped with alternative cloud security controls, and to show that the probability of CCS penetration (high-value data compromise) is high if only a minimal set of security controls is implemented. The CCS penetration probability drops substantially if a cloud defense-in-depth security architecture is adopted that protects virtual machine (VM) images at rest, strengthens CSP and cloud tenant system administrator access controls, and employs other network security controls to minimize cloud network surveillance and discovery of live VMs.

Keywords

Cloud Computing, VM, CSP, IaaS, CCSs, APTs.

Authors

R. Vinoth
A.V.C. College of Engineering, Mannampandal, Mayiladuthurai, 609 305, India
B. Guruprasath
A.V.C. College of Engineering, Mannampandal, Mayiladuthurai, 609 305, India
B. N. Karthik
A.V.C. College of Engineering, Mannampandal, Mayiladuthurai, 609 305, India
