Using Diversity in Cloud-Based Deployment Environment to Avoid Intrusions

  1. Lookup NU author(s)
  2. Dr Anatoliy Gorbenko
  3. Professor Alexander Romanovsky
Author(s)Gorbenko A, Kharchenko V, Tarasyuk O, Romanovsky A
Editor(s)Troubitsyna, E;
Publication type Conference Proceedings (inc. Abstract)
Conference NameThird International Workshop on Software Engineering for Resilient Systems (SERENE)
Conference LocationGeneva, Switzerland
Year of Conference2011
Date29-30 September 2011
Volume6968
Pages145-155
Series TitleLecture Notes in Computer Science
ISBN9783642241239
Full text is available for this publication:
This paper puts forward a generic intrusion-avoidance architecture to be used for deploying web services on the cloud. The architecture, targeting the IaaS cloud providers, avoids intrusions by employing software diversity at various system levels and dynamically reconfiguring the cloud deployment environment. The paper studies intrusions caused by vulnerabilities of system software and discusses an approach allowing the system architects to decrease the risk of intrusions. This solution will also reduce the so-called system’s days-of-risk which is calculated as a time period of an increased security risk between the time when a vulnerability is publicly disclosed to the time when a patch is available to fix it.
PublisherSpringer
URLhttp://dx.doi.org/10.1007/978-3-642-24124-6_14
DOI10.1007/978-3-642-24124-6_14
ActionsLink to this publication
Library holdingsSearch Newcastle University Library for this item