Proactive Security Analysis of Changes in Virtualized Infrastructures
its scale and elasticity. However, the operational complexity of the underlying cloud infrastructure is high, owing to its dynamics, multi-tenancy, and size. Misconfigurations and insider attacks carry significant operational and security risks; a breach of tenant isolation, for example, puts both the infrastructure provider and its consumers at risk.

We tackle this challenge by establishing a practical security system, called Weatherman, that proactively analyzes the changes induced by management operations with respect to security policies. We achieve this by contributing the first formal model of cloud management operations that captures their impact on the infrastructure in the form of graph transformations. Our approach combines this model of operations with an information flow analysis suited for isolation, as well as a policy verifier for a variety of security and operational policies. Our system provides run-time enforcement of infrastructure security policies, as well as a what-if analysis for change planning.
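To make the abstract's approach concrete, the following is an added, deliberately simplified illustration written for this page; it is not Weatherman's model or code, and the tenant, VM and vSwitch names (acme, globex, vm1..vm3, vsw1, vsw2) are constructed. The infrastructure is a graph, a management operation (plugging a vNIC into a vSwitch, unplugging it) is a transformation of that graph, information flow is approximated as L2 reachability over that graph, and the policy verifier checks that no VM can reach a VM of another tenant. The what-if analysis applies a planned sequence of operations to a copy of the graph and reports violations after every step, which exposes a point practitioners often miss: a change plan can end in a compliant state yet pass through a non-compliant intermediate one.

```python
"""Toy what-if / enforcement check for tenant isolation (illustrative, not Weatherman)."""
from collections import defaultdict, deque
from copy import deepcopy
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set, Tuple


@dataclass
class Infra:
    """Graph model of a virtualized infrastructure.

    Nodes are VMs and vSwitches; an undirected edge means a VM's vNIC is
    plugged into a vSwitch. owner maps each VM to the tenant that owns it.
    """
    owner: Dict[str, str] = field(default_factory=dict)
    adj: Dict[str, Set[str]] = field(default_factory=lambda: defaultdict(set))

    def add_vm(self, vm: str, tenant: str) -> None:
        self.owner[vm] = tenant
        self.adj[vm]  # register the node even if it has no links yet

    def link(self, a: str, b: str) -> None:
        self.adj[a].add(b)
        self.adj[b].add(a)

    def unlink(self, a: str, b: str) -> None:
        self.adj[a].discard(b)
        self.adj[b].discard(a)

    def reachable(self, start: str) -> Set[str]:
        """Information flow approximated as L2 reachability (BFS over links)."""
        seen, queue = {start}, deque([start])
        while queue:
            node = queue.popleft()
            for nxt in self.adj[node]:
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append(nxt)
        return seen


# A management operation is a graph transformation: a function that mutates an Infra.
Op = Callable[[Infra], None]


def attach_vnic(vm: str, vswitch: str) -> Op:
    return lambda infra: infra.link(vm, vswitch)


def detach_vnic(vm: str, vswitch: str) -> Op:
    return lambda infra: infra.unlink(vm, vswitch)


def isolation_violations(infra: Infra) -> Set[Tuple[str, str]]:
    """Policy: no VM may have a network path to a VM owned by a different tenant.

    Returns the set of offending VM pairs (sorted tuples), empty if compliant.
    """
    bad: Set[Tuple[str, str]] = set()
    for vm, tenant in infra.owner.items():
        for other in infra.reachable(vm):
            if other in infra.owner and infra.owner[other] != tenant:
                bad.add(tuple(sorted((vm, other))))
    return bad


def what_if(infra: Infra, plan: List[Op]) -> List[Set[Tuple[str, str]]]:
    """Change planning: simulate the plan on a copy, report violations after each step."""
    trial = deepcopy(infra)
    report = []
    for op in plan:
        op(trial)
        report.append(isolation_violations(trial))
    return report


def enforce(infra: Infra, op: Op) -> bool:
    """Run-time enforcement: apply op only if the resulting state is policy-compliant."""
    trial = deepcopy(infra)
    op(trial)
    if isolation_violations(trial):
        return False  # rejected; the live infrastructure is left untouched
    op(infra)
    return True


def build_sample() -> Infra:
    """Constructed sample: tenant acme on vsw1, tenant globex on vsw2."""
    infra = Infra()
    infra.add_vm("vm1", "acme")
    infra.add_vm("vm2", "acme")
    infra.add_vm("vm3", "globex")
    infra.link("vm1", "vsw1")
    infra.link("vm2", "vsw1")
    infra.link("vm3", "vsw2")
    return infra


def rehome_plan_safe() -> List[Op]:
    """Swap the two tenants' switches; globex leaves vsw2 before acme arrives there."""
    return [detach_vnic("vm3", "vsw2"),
            attach_vnic("vm1", "vsw2"), attach_vnic("vm2", "vsw2"),
            detach_vnic("vm1", "vsw1"), detach_vnic("vm2", "vsw1"),
            attach_vnic("vm3", "vsw1")]


def rehome_plan_unsafe() -> List[Op]:
    """Same end state, but acme is attached to vsw2 while globex is still there."""
    return [attach_vnic("vm1", "vsw2"), attach_vnic("vm2", "vsw2"),
            detach_vnic("vm1", "vsw1"), detach_vnic("vm2", "vsw1"),
            detach_vnic("vm3", "vsw2"), attach_vnic("vm3", "vsw1")]


if __name__ == "__main__":
    live = build_sample()
    print("enforce attach vm3->vsw1:", enforce(live, attach_vnic("vm3", "vsw1")))
    for step, violations in enumerate(what_if(live, rehome_plan_unsafe()), 1):
        print(f"unsafe plan step {step}: {sorted(violations) or 'ok'}")
```

Both plans reach the same final configuration, so a verifier that only inspects the end state would accept either; checking every intermediate state is what distinguishes the two, and the same per-operation check is what `enforce` applies at run time before a change touches the live infrastructure.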
Author(s):
Sören Bleikertz
IBM Research - Zurich
Switzerland
Thomas Groß
University of Newcastle upon Tyne
United Kingdom
Sebastian Mödersheim
DTU Compute
Denmark
Carsten Vogel
IBM Research - Zurich
Switzerland