Cloud resiliency and security via diversified replica execution and monitoring
作者: Azzedine Benameur , Nathan S. Evans , Matthew C. Elder
DOI: 10.1109/ISRCS.2013.6623768
关键词: Total cost of ownership 、 Information technology 、 Cloud testing 、 Business 、 Provisioning 、 Critical infrastructure 、 Cloud computing 、 Computer security 、 Cloud computing security 、 Application server
摘要: The Information Technology industry heavily relies on the cloud computing paradigm for large-scale infrastructures, and more military critical infrastructure systems are moving towards platforms as well. Leveraging can reduce total cost of ownership allocates resources demand in order to cope with load. Two key expectations when shifting cloud-based services availability security. However, recent outages major Platform a Service (PaaS) providers reportedly widely press have proven that even platform cannot provide perfect availability. In addition, 2013 Defense Science Board report “Cyber Security Reliability Digital Cloud” finds while some security practices be improved environment, threats different or exacerbated. this paper we present an approach leverage elasticity on-demand provisioning features improve resilience concerns common attacks. Our utilizes diversification lightweight virtualized application servers redundancy protection against both errors network-based
sci-hub.se 参考文章(18)
Alfonso Valdes, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Joshua Levy, Hassen Saïdi, Victoria Stavridou, Tomás E. Uribe, An Architecture for an Adaptive Intrusion-Tolerant Server international workshop on security. pp. 158- 178 ,(2002) , 10.1007/978-3-540-39871-4_14
Georgios Portokalidis, Angelos D. Keromytis, REASSURE: A Self-contained Mechanism for Healing Software Using Rescue Points Advances in Information and Computer Security. pp. 16- 32 ,(2011) , 10.1007/978-3-642-25141-2_2
Liming Chen, A. Avizienis, N-VERSION PROGRAMMINC: A FAULT-TOLERANCE APPROACH TO RELlABlLlTY OF SOFTWARE OPERATlON ieee international symposium on fault tolerant computing. pp. 113- ,(1995) , 10.1109/FTCSH.1995.532621
Stelios Sidiroglou, Giannis Giovanidis, Angelos D. Keromytis, A dynamic mechanism for recovering from buffer overflow attacks international conference on information security. pp. 1- 15 ,(2005) , 10.1007/11556992_1
Angelos D. Keromytis, Roxana Geambasu, Simha Sethumadhavan, Salvatore J. Stolfo, Junfeng Yang, Azzedine Benameur, Marc Dacier, Matthew Elder, Darrell Kienzle, Angelos Stavrou, The MEERKATS Cloud Security Architecture international conference on distributed computing systems workshops. pp. 446- 450 ,(2012) , 10.1109/ICDCSW.2012.42
Angelos D. Keromytis, Salvatore J. Stolfo, Junfeng Yang, Angelos Stavrou, Anup Ghosh, Dawson Engler, Marc Dacier, Matthew Elder, Darrell Kienzle, The MINESTRONE Architecture Combining Static and Dynamic Analysis Techniques for Software Security 2011 First SysSec Workshop. pp. 53- 56 ,(2011) , 10.1109/SYSSEC.2011.33
Josiah Dykstra, Using apache as a caching proxy server XRDS: Crossroads, The ACM Magazine for Students. ,vol. 7, pp. 5- 5 ,(2001) , 10.1145/969637.969642
Yasushi Saito, Jockey: a user-space library for record-replay debugging international symposium on open collaboration. pp. 69- 76 ,(2005) , 10.1145/1085130.1085139
Vasileios P. Kemerlis, Georgios Portokalidis, Kangkook Jee, Angelos D. Keromytis, libdft Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments - VEE '12. ,vol. 47, pp. 121- 132 ,(2012) , 10.1145/2151024.2151042
Anh Nguyen-Tuong, Jonathan Rowanhill, Jason Hiser, Wei Hu, Jack Davidson, Adrian Filipi, John Knight, David Evans, Benjamin Cox, N-variant systems: a secretless framework for security through diversity usenix security symposium. pp. 9- ,(2006)