Title :
Dynamic access control in cloud services
Author :
Zaborovsky, Vladimir ; Lukashin, Alexey ; Kupreenko, Sergey ; Mulukha, Vladimir
Author_Institution :
Telematics Dept., State Polytech. Univ., St. Petersburg, Russia
Abstract :
The term “cloud computing” refers to the software services that are offered over the Internet. The problems of security of such services are becoming particularly important due to intricate structure and dynamic nature of distributed cloud environment. Complexity of the cloud platforms requires more functionality from the security devices, as well as their online configurability in accordance with the current state of network environment through which the users can access the information services. In this paper, we propose a specialized firewall solution implementing the access control using the hypervisor functionality, and describe a dynamic access model based on virtual connections management employing the mechanism of traffic filtering in transparent, also called “stealth”, mode. A security appliance (firewall) in this mode is not visible to other participants (components) of the network interactions, allowing it to implement the access policy while remaining invulnerable to cyber crooks.
Keywords :
Web services; authorisation; cloud computing; telecommunication traffic; Internet; cloud computing; cloud services; cyber crooks; distributed cloud environment; dynamic access control; hypervisor functionality; information services; network interactions; online configurability; security devices; software services; specialized firewall solution; stealth mode; traffic filtering; virtual connections management; Access control; Cloud computing; Filtering; Fires; Virtual machine monitors; Virtual machining; NetGraph; access policy; cloud computing; firewall; hypervisor XEN; security; virtualization;
Conference_Titel :
Systems, Man, and Cybernetics (SMC), 2011 IEEE International Conference on
Conference_Location :
Anchorage, AK
Print_ISBN :
978-1-4577-0652-3
DOI :
10.1109/ICSMC.2011.6083854
