Multi-level Security for Deploying Distributed Applications on Clouds, Devices and Things

Paul Watson, Mark Little
2014 2014 IEEE 6th International Conference on Cloud Computing Technology and Science  
The deployment of the components of distributed systems is now often very dynamic -server-side components are virtualised so they can be dynamically deployed on a range of platforms including public and private clouds, while users expect to be able to install clients on devices from phones to tablets. This can introduce security problems that place data at risk. This paper describes a new method for modeling the security of a distributed application and generating the set of possible deployment
more » ... options that meet the overall security requirements. The model encompasses the entities that influence the security of a distributed system: data, services networks and platforms (e.g. clouds, devices and "things"). The paper describes the method and how it can be used to answer a range of security questions, using a set of case studies including federated clouds, network roaming and "Bring Your Own Devices" (BYOD). Abstract The deployment of the components of distributed systems is now often very dynamic -server-side components are virtualised so they can be dynamically deployed on a range of platforms including public and private clouds, while users expect to be able to install clients on devices from phones to tablets. This can introduce security problems that place data at risk. This paper describes a new method for modeling the security of a distributed application and generating the set of possible deployment options that meet the overall security requirements. The model encompasses the entities that influence the security of a distributed system: data, services networks and platforms (e.g. clouds, devices and "things"). The paper describes the method and how it can be used to answer a range of security questions, using a set of case studies including federated clouds, network roaming and "Bring Your Own Devices" (BYOD). Abstract-The deployment of the components of distributed systems is now often very dynamic -server-side components are virtualised so they can be dynamically deployed on a range of platforms including public and private clouds, while users expect to be able to install clients on devices from phones to tablets. This can introduce security problems that place data at risk. This paper describes a new method for modeling the security of a distributed application and generating the set of possible deployment options that meet the overall security requirements. The model encompasses the entities that influence the security of a distributed system: data, services networks and platforms (e.g. clouds, devices and "things"). The paper describes the method and how it can be used to answer a range of security questions, using a set of case studies including federated clouds, network roaming and "Bring Your Own Devices" (BYOD).
doi:10.1109/cloudcom.2014.72 dblp:conf/cloudcom/WatsonL14 fatcat:fsdrmnrkojgbtcq67cx6eah3hm