TY - CHAP
T1 - Defining Intercloud Security Framework and Architecture Components for Multi-cloud Data Intensive Applications
AU - Demchenko, Yuri
AU - Turkmen, Fatih
AU - Slawik, Mathias
AU - De Laat, Cees
PY - 2017/7/10
Y1 - 2017/7/10
N2 - This paper presents results of the ongoing development of the Intercloud Security Framework (ICSF), that is a part of the Intercloud Architecture Framework (ICAF), and provides an architectural basis for building security infrastructure services for multi-cloud applications. The paper refers to general use case of the data intensive applications that indicate need for multi-cloud applications platforms that will require corresponding multi-cloud security services. The paper presents analysis of the general multi-cloud use case that helps eliciting the general requirement to ICSF and identifying the security infrastructure functional components that would allow using distributed cloud based resources and data sets. The paper defines the main ICSF services and functional components, and explains importance of consistent implementation of the Security Services Lifecycle Management in cloud based applications. The paper provides overview of the cloud compliance standards and their role in cloud security. The paper refers to the security infrastructure development in the CYCLONE project that implements federated identify management, secure logging service, and multi-domain Attribute Based Access Control, security services lifecycle management. The paper discusses implementation of the Trust Bootstrapping Protocol as an important mechanism to ensure consistent security in the virtualised inter-cloud environment.
AB - This paper presents results of the ongoing development of the Intercloud Security Framework (ICSF), that is a part of the Intercloud Architecture Framework (ICAF), and provides an architectural basis for building security infrastructure services for multi-cloud applications. The paper refers to general use case of the data intensive applications that indicate need for multi-cloud applications platforms that will require corresponding multi-cloud security services. The paper presents analysis of the general multi-cloud use case that helps eliciting the general requirement to ICSF and identifying the security infrastructure functional components that would allow using distributed cloud based resources and data sets. The paper defines the main ICSF services and functional components, and explains importance of consistent implementation of the Security Services Lifecycle Management in cloud based applications. The paper provides overview of the cloud compliance standards and their role in cloud security. The paper refers to the security infrastructure development in the CYCLONE project that implements federated identify management, secure logging service, and multi-domain Attribute Based Access Control, security services lifecycle management. The paper discusses implementation of the Trust Bootstrapping Protocol as an important mechanism to ensure consistent security in the virtualised inter-cloud environment.
KW - Cloud Compliance
KW - Cloud Security
KW - Dynamic Access Control Infrastructure (DACI)
KW - Intercloud Federations Framework (ICFF)
KW - Intercloud Security Framework (ICSF)
KW - Shared Responsibility Model
KW - Trusted Bootstrapping Protocol
UR - http://www.mendeley.com/research/defining-intercloud-security-framework-architecture-components-multicloud-data-intensive-application
U2 - 10.1109/CCGRID.2017.144
DO - 10.1109/CCGRID.2017.144
M3 - Chapter
SN - 9781509066100
T3 - Proceedings - 2017 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, CCGRID 2017
SP - 945
EP - 952
BT - Proceedings - 2017 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, CCGRID 2017
PB - Institute of Electrical and Electronics Engineers Inc.
ER -