1,209 research outputs found
Interoperable Federated Cloud Networking
The BEACON framework enables the provision of federated cloud infrastructures, with special emphasis on inter-cloud networking and security issues, to support the automated deployment of applications and services across different clouds and datacenters. BEACON is distributed as open source (see http://github.com/BeaconFramework) and some enhancements are being contributed to the OpenNebula and OpenStack cloud management platforms
Management and Service-aware Networking Architectures (MANA) for Future Internet Position Paper: System Functions, Capabilities and Requirements
Future Internet (FI) research and development threads have recently been gaining momentum all over the world and as such the international race to create a new generation Internet is in full swing: GENI, Asia Future Internet, Future Internet Forum Korea, European Union Future Internet Assembly (FIA). This is a position paper identifying the research orientation with a time horizon of 10 years, together with the key challenges for the capabilities in the Management and Service-aware Networking Architectures (MANA) part of the Future Internet (FI) allowing for parallel and federated Internet(s)
Collaborative Intrusion Detection in Federated Cloud Environments
Moving services to the Cloud is a trend that has steadily gained popularity over recent years, with a constant increase in sophistication and complexity of such services. Today, critical infrastructure operators are considering moving their services and data to the Cloud. Infrastructure vendors will inevitably take advantage of the benefits Cloud Computing has to offer. As Cloud Computing grows in popularity, new models are deployed to exploit even further its full capacity, one of which is the deployment of Cloud federations. A Cloud federation is an association among different Cloud Service Providers (CSPs) with the goal of sharing resources and data. In providing a larger-scale and higher performance infrastructure, federation enables on-demand provisioning of complex services. In this paper we convey our contribution to this area by outlining our proposed methodology that develops a robust collaborative intrusion detection methodology in a federated Cloud environment. For collaborative intrusion detection we use the Dempster-Shafer theory of evidence to fuse the beliefs provided by the monitoring entities, taking the final decision regarding a possible attack. Protecting the federated Cloud against cyber attacks is a vital concern, due to the potential for significant economic consequences
WLCG Security Operations Centres Working Group
Security monitoring is an area of considerable interest for sites in the Worldwide LHC
Computing Grid (WLCG), particularly as we move as a community towards the use of
a growing range of computing models and facilities. There is an increasingly large set
of tools available for these purposes, many of which work in concert and use concepts
drawn from the use of analytics for Big Data. The integration of these tools into what
is commonly called a Security Operations Centre (SOC), however, can be a complex task
- the open source project Apache Metron (which at the time of writing is in incubator
stage and is an evolution of the earlier OpenSOC project) is a popular example of one
such integration. At the same time, the necessary scope and rollout of such tools can vary
widely for sites of different sizes and topologies. Nevertheless, the use of such platforms
could be critical for security in modern Grid and Cloud sites across all scientific disciplines.
In parallel, the use and need for threat intelligence sharing is at a key stage and is an
important component of a SOC. Grid and Cloud security is a global endeavour - modern
threats can affect the entire community, and trust between sites is of utmost importance.
Threat intelligence sharing platforms are a vital component to building this trust as well
as propagating useful threat data. The MISP software (Malware Information Sharing
Platform) is a very popular and
exible tool for this purpose, in use at a wide range of
organizations in different domains across the world.
In this context we present the work of the WLCG Security Operations Centres Work-
ing Group, which was created to coordinate activities in these areas across the WLCG.
The mandate of this group includes the development of a scalable SOC reference design
applicable for a range of sites by examining current and prospective SOC projects & tools.
In particular we report on the first work on the deployment of MISP and the Bro Intru-
sion Detection System at a number of WLCG sites as SOC components, including areas
of integration between these tools. We also report on our future roadmap and framework,
which includes the Apache Metron project
CyberGuarder: a virtualization security assurance architecture for green cloud computing
Cloud Computing, Green Computing, Virtualization, Virtual Security Appliance, Security Isolation
- …