Int. J. of Cloud Computing   »   2013 Vol.2, No.2/3

 

 

Title: Building resilient cloud services using DDDAS and moving target defence

 

Authors: Glynis Dsouza; Gabriel Rodriguez; Youssif Al-Nashif; Salim Hariri

 

Addresses:
NSF Center for Autonomic Computing, The University of Arizona, Tucson, AZ, 85721, USA
Computer Architecture Group, University of A Coruña, Campus de Elviña, s/n 15071 A Coruña, Spain
NSF Center for Autonomic Computing, The University of Arizona, Tucson, AZ, 85721, USA
NSF Center for Autonomic Computing, The University of Arizona, Tucson, AZ, 85721, USA

 

Abstract: It is widely accepted that we cannot build cloud systems that are free from vulnerabilities and cannot be penetrated or attacked. Our approach to address cloud security challenges is based on using the dynamic data driven application system (DDDAS) and moving target defence (MTD) strategies to develop resilient cloud services (RCS). The use of the MTD strategy makes it extremely difficult for an attacker to exploit existing vulnerabilities by varying different aspects of the system execution environment. By continuously changing the execution environment based on the DDDAS paradigm to meet the dynamic changes in system and application security requirements, we can reduce the attack surface and consequently, the attackers will have very limited time to figure out the current execution environment and what vulnerabilities are to be exploited. The DDDAS-based resilient cloud services (DRCS) implementation utilises the following capabilities: software behaviour encryption (SBE), replication, diversity, automated checkpointing and recovery.

 

Keywords: DDDAS paradigm; moving target defence; MTD; resiliency; diversity; checkpointing; recovery block; acceptance test; cloud services; cloud computing; cloud security; vulnerabilities; software behaviour encryption; cryptography; replication.

 

DOI: 10.1504/IJCC.2013.055266

 

Int. J. of Cloud Computing, 2013 Vol.2, No.2/3, pp.171 - 190

 

Available online: 24 Jul 2013

 

 

Editors Full text accessAccess for SubscribersPurchase this articleComment on this article