A Software-Defined Security Strategy for Supporting Autonomic Security Enforcement in Distributed Cloud

International audienceWe propose in this paper a software-defined security framework, for supporting the enforcement of security policies in distributed cloud environments. These ones require security mechanisms able to cope with their multi-tenancy and multi-cloud properties. This framework relies on the autonomic paradigm to dynamically configure and adjust these mechanisms to distributed cloud constraints, and exploit the software-defined logic to express and propagate security policies to the considered cloud resources. The proposed framework is evaluated through a set of validation scenarios corresponding to a realistic use cases including cloud resource allocation/deallocation, cloud resource state change, and dynamic access control