{"id":1055,"date":"2015-09-23T13:31:57","date_gmt":"2015-09-23T13:31:57","guid":{"rendered":"https:\/\/prismacloud.eu\/?p=1055"},"modified":"2017-05-22T13:44:29","modified_gmt":"2017-05-22T13:44:29","slug":"proactive-security-analysis-of-changes-in-virtualized-infrastructures","status":"publish","type":"post","link":"https:\/\/prismacloud.eu\/proactive-security-analysis-of-changes-in-virtualized-infrastructures\/","title":{"rendered":"Proactive Security Analysis of Changes in Virtualized Infrastructures"},"content":{"rendered":"<p><strong>Authors<\/strong><\/p>\n<p>S\u00f6ren Bleikertz (IBM Research - Zurich), Carsten Vogel\u00a0(IBM Research - Zurich), Thomas Gro\u00df (Newcastle University), Sebastian M\u00f6dersheim (DTU Compute)<\/p>\n<p><strong>Abstract<\/strong><\/p>\n<p style=\"text-align: justify;\">The pervasiveness of cloud computing can be attributed to its scale and elasticity. However, the operational complexity of the underlying cloud infrastructure is high, due to its dynamics, multi-tenancy, and size. Misconfigurations and insider attacks carry significant operational and security risks, such as breaches in tenant isolation put both the infrastructure provider and the consumers at risk.We tackle this challenge by establishing a practical security system, called Weatherman, that proactively analyzes changes induced by management operations with respect to security policies. We achieve this by contributing the first formal model of cloud management operations that captures their impact on the infrastructure in the form of graph transformations. Our approach combines such a model of operations with an information flow analysis suited for isolation as well as a policy verifier for a variety of security and operational policies. Our system provides a run-time enforcement of infrastructure security policies, as well as a what-if analysis for change planning.<\/p>\n<p><strong>Venue<\/strong><\/p>\n<p>2015 Annual Computer Security Applications Conference (ACSAC 31) (<a href=\"https:\/\/www.acsac.org\/2015\/\">https:\/\/www.acsac.org\/2015\/<\/a>)<\/p>\n<p><strong>Place and Date<\/strong><\/p>\n<p>Los Angeles, California, USA, December\u00a05th-9th 2015<\/p>\n<p><strong>Publication Reference<\/strong><\/p>\n<p>S\u00f6ren Bleikertz, Carsten Vogel, Thomas Gro\u00df, Sebastian M\u00f6dersheim. \"Proactive Security Analysis of Changes in Virtualized Infrastructures\", Information Security and Cryptology - ICISC 2015 - 2015 Annual Computer Security Applications Conference, Los Angeles, California, December 5-9, 2015.<\/p>\n<p>[<a href=\"https:\/\/www.openfoo.org\/research\/bleikertz_vogel_gross_moedersheim-acsac2015.pdf\">Download<\/a>]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Authors S\u00f6ren Bleikertz (IBM Research - Zurich), Carsten Vogel\u00a0(IBM Research - Zurich), Thomas Gro\u00df (Newcastle University), Sebastian M\u00f6dersheim (DTU Compute) Abstract The pervasiveness of cloud computing can be attributed to its scale and elasticity. However, the operational complexity of the underlying cloud infrastructure is high, due to its dynamics, multi-tenancy, and size. Misconfigurations and insider [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":746,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/posts\/1055"}],"collection":[{"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/comments?post=1055"}],"version-history":[{"count":5,"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/posts\/1055\/revisions"}],"predecessor-version":[{"id":1930,"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/posts\/1055\/revisions\/1930"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/media\/746"}],"wp:attachment":[{"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/media?parent=1055"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/categories?post=1055"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/prismacloud.eu\/wp-json\/wp\/v2\/tags?post=1055"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}