OW2con'12 Marc Lacoste

VESPA: Multi-Layered Self-Protection for IaaS Clouds - Marc Lacoste, Orange Labs. Abstract : Self-protection has raised growing interest as possible element of answer to the cloud protection challenge. Faced with multiple threats and heterogeneous defense systems, the autonomic approach proposes simpler, stronger, and more efficient cloud security management. Previous solutions fall at the last hurdle, overlooking one or several key desirable features such as flexible security policies, cross-layered defense, multiple control granularities, and open security architectures. This talk presents VESPA, an open self-protection architecture and framework for cloud infrastructures that overcomes the previous limitations. Developed in the OpenCloudWare project, VESPA adopts a policy-based management approach, and allows a two-level regulation of security, both within a software layer and across layers. Flexible coordination between self-protection loops allows enforcing a rich spectrum of security strategies such as cross-layer detection and reaction. A multi-plane, extensible architecture also enables simple integration of commodity detection and reaction components. Evaluation results on a VESPA KVM-based implementation show that the design is applicable for effective and yet flexible self-protection of cloud infrastructures.

Видео OW2con'12 Marc Lacoste автора История животных